Can't update Malwarebytes


Hi, I used Malwarebytes Chameleon to get rid of the "system care" virus. As far as I can tell, the virus is gone. But now I can't update Malwarebytes or access any antivirus software pages. Everything else seems to be back to normal.

How can I fix this so that I can update Malwarebytes and order Malwarebytes PRO so this doesn't happen again?

Thank you.

Hello dingdong1 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

I suspect there is still some leftover malware left on your computer which is preventing you from using your antivirus software. The following scans should give me an idea of what we're facing, and we'll move on from there.

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.

----------Step 1----------------

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

----------Step 2----------------

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log.txt and system-log.txt

----------Step 3----------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

----------Step 4----------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 5----------------

In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt

After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. :)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"

-------> Your topic will be closed if you haven't replied within 3 days! <--------

(If I don't respond within 24 hours, please send me a PM)

-DFB

Hi, I used Malwarebytes Chameleon to get rid of the "system care virus". It seemed to have worked, as everything appeared to work as normal after deleting the found viruses. Then I tried to update Malwarebytes and tried to go onto antivirus websites but couldn't access them. I'm pasting my 2 files below. Any help would be greatly appreciated. Thank you.

attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 5/16/2013 7:13:43 AM

System Uptime: 5/20/2013 6:08:49 AM (34 hours ago)

.

Motherboard: Dell Inc. | | 0RN474

Processor: Intel® Core2 Duo CPU E4500 @ 2.20GHz | Socket 775 | 2194/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 149 GiB total, 103.296 GiB free.

D: is CDROM ()

Z: is NetworkDisk (NTFS) - 74 GiB total, 37.864 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 5/16/2013 7:51:09 AM - System Checkpoint

RP2: 5/16/2013 9:17:45 AM - Removed Ask Toolbar.

RP3: 5/16/2013 9:20:17 AM - Software Distribution Service 3.0

RP4: 5/16/2013 10:09:47 AM - Software Distribution Service 3.0

RP5: 5/16/2013 11:22:24 AM - Software Distribution Service 3.0

RP6: 5/16/2013 12:01:07 PM - Installed Dell Resource CD.

RP7: 5/16/2013 1:26:31 PM - Software Distribution Service 3.0

RP8: 5/17/2013 3:20:01 PM - System Checkpoint

RP9: 5/17/2013 5:03:01 PM - Software Distribution Service 3.0

RP10: 5/17/2013 5:52:57 PM - Software Distribution Service 3.0

RP11: 5/17/2013 9:58:10 PM - Software Distribution Service 3.0

RP12: 5/20/2013 7:08:24 AM - System Checkpoint

RP13: 5/21/2013 7:57:13 AM - System Checkpoint

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.03)

Adobe® Photoshop® Album Starter Edition 3.2

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Belkin Automatic Power Management Software

Bonjour

CadFaster|QuickStep 2010

Carbonite

Carbonite Mirror Image: Carbonite Mirror Image

Chinese Simplified Fonts Support For Adobe Reader 9

Compatibility Pack for the 2007 Office system

Dell Driver Reset Tool

Dell Resource CD

DellSupport

DWG TrueView 2009

DWG TrueView 2011

FOX News Live

FOX News Live Stream

Free DWG Viewer 7.1

Free Picture Resize Starter 4.5

FTP Utility

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB961118)

Intel® PRO Network Connections 12.1.12.0

iTunes

J2SE Runtime Environment 5.0 Update 6

Java 7 Update 17

Java Auto Updater

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Lizardtech DjVu Control (autoinstall)

LogMeIn

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSN Toolbar

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser (KB933579)

NVIDIA Drivers

OpenOffice.org Installer 1.0

PayPal Plug-In

Pervasive PSQL v11 Client (32-bit)

Pervasive PSQL v11 Client (32-bit) SP2

PowerDVD

QualxServ Service Agreement

QuickTime

Realtek High Definition Audio Driver

Roxio Creator Audio

Roxio Creator BDAV Plugin

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio MyDVD DE

Roxio Update Manager

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB979402)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219-v2)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135-v2)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Sonic Activation Module

Spelling Dictionaries Support For Adobe Reader 8

STP Viewer 2.2

TraceParts Application

TraceParts Catalogs

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

ViewMate 10.2

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Format Runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows Presentation Foundation

Windows XP Service Pack 3

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

5/21/2013 4:03:33 PM, error: Ftdisk [31] - The fault tolerant driver could not read the on disk structures from disk 1.

5/17/2013 3:36:46 PM, error: VolSnap [12] - The shadow copy of volume C: became low on diff area space before it was properly installed.

5/16/2013 8:51:18 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor

5/16/2013 8:50:15 AM, error: NETLOGON [5719] - No Domain Controller is available for domain PRECISION due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

5/16/2013 8:49:44 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

5/16/2013 8:48:08 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Volume Shadow Copy service to connect.

5/16/2013 8:48:08 AM, error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/16/2013 8:48:07 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

5/16/2013 8:26:59 AM, error: Service Control Manager [7034] - The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:01:33 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.

5/16/2013 8:01:33 AM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The RoxMediaDB9 service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The Roxio Hard Drive Watcher 9 service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The BelkinAPMRMI service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7034] - The BelkinAPM service terminated unexpectedly. It has done this 1 time(s).

5/16/2013 8:00:34 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

5/16/2013 7:16:12 AM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.

5/16/2013 7:07:44 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

5/16/2013 12:53:42 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

5/16/2013 12:53:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

5/16/2013 12:50:31 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm

5/16/2013 12:49:31 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}

5/16/2013 12:49:25 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

5/16/2013 11:31:50 AM, error: Service Control Manager [7000] - The 10083 service failed to start due to the following error: The system cannot find the file specified.

.

==== End Of File ===========================

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2

Run by paulxp at 16:07:58 on 2013-05-21

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.355 [GMT -7:00]

.

.

============== Running Processes ================

.

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\PROGRA~1\BELKIN~1\BELKIN~1.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

C:\Program Files\Belkin Automatic Power Management Software\jre\bin\javaw.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

C:\Program Files\LogMeIn\x86\RaMaint.exe

C:\Program Files\LogMeIn\x86\LogMeIn.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\PROGRA~1\BELKIN~1\BELKIN~4.EXE

C:\Program Files\Belkin Automatic Power Management Software\jre\bin\javaw.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

C:\WINDOWS\System32\alg.exe

C:\PROGRA~1\BELKIN~1\BELKIN~3.EXE

C:\Program Files\Belkin Automatic Power Management Software\jre\bin\javaw.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\DellSupport\DSAgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\KONICA MINOLTA\FTP Utility\KMFtp.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\iPod\bin\iPodService.exe

Z:\DBAMFG\Tp5wdba.exe

C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\msdtc.exe

C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

C:\Program Files\Carbonite\Carbonite Mirror Image\CarboniteMirrorImage.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.com/

uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071117

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} -

BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: OToolbarHelper Class: {EAD3A971-6A23-4246-8691-C9244E858967} - c:\program files\paypal\paypal plug-in\PayPalHelper.dll

TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

TB: PayPal Plug-In: {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - c:\program files\paypal\paypal plug-in\OToolbar.dll

TB: MSN Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dll

uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Abkoxa] "c:\documents and settings\paulxp.precision.000\application data\igelag\ivid.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [dscactivate] c:\dell\dsca.exe 3

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"

mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [iMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRunServices: [belkinAPM] c:\program files\belkin automatic power management software\BelkinAPM.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ftputi~1.lnk - c:\program files\konica minolta\ftp utility\KMFtp.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://www.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab

DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1368743394221

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350496097986

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} - hxxps://www.plaxo.com/activex/plx_upldr-2k-xp.cab

TCP: NameServer = 192.168.1.100

TCP: Interfaces\{CE3A9069-6EE7-4F56-BFB0-5009587B43B3} : DHCPNameServer = 192.168.1.100

Notify: LMIinit - LMIinit.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R2 BelkinAPM;BelkinAPM;c:\progra~1\belkin~1\belkin~1.exe -zglaxservice belkinapm --> c:\progra~1\belkin~1\BELKIN~1.EXE -zglaxservice BelkinAPM [?]

R2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Backup Service;c:\program files\carbonite\carbonite mirror image\CarboniteMirrorImage.exe [2011-9-16 2036224]

R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-1-31 374704]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2011-9-16 12856]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-4-5 47640]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-16 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-5-6 701512]

R3 BelkinAPMmonitor;BelkinAPMmonitor;c:\progra~1\belkin~1\belkin~4.exe -zglaxservice belkinapmmonitor --> c:\progra~1\belkin~1\BELKIN~4.EXE -zglaxservice BelkinAPMmonitor [?]

R3 BelkinAPMRMI;BelkinAPMRMI;c:\progra~1\belkin~1\belkin~3.exe -zglaxservice belkinapmrmi --> c:\progra~1\belkin~1\BELKIN~3.EXE -zglaxservice BelkinAPMRMI [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-6 22856]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-21 40776]

S2 10083;10083;\??\c:\docume~1\paulxp~1.000\locals~1\temp\10083.sys --> c:\docume~1\paulxp~1.000\locals~1\temp\10083.sys [?]

S3 BelkinAPMmanager;BelkinAPMmanager;c:\progra~1\belkin~1\be8806~1.exe -zglaxservice belkinapmmanager --> c:\progra~1\belkin~1\BE8806~1.EXE -zglaxservice BelkinAPMmanager [?]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

.

=============== File Associations ===============

.

FileExt: .scr: DWGTrueViewScriptFile=c:\windows\system32\notepad.exe "%1"

ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office\FRONTPG.EXE

.

=============== Created Last 30 ================

.

2013-05-21 16:58:55 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-05-18 01:15:44 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2013-05-18 01:14:54 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll

2013-05-18 01:13:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2013-05-18 01:13:39 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2013-05-18 01:13:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2013-05-18 00:51:37 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2013-05-18 00:51:28 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2013-05-18 00:50:37 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2013-05-18 00:49:56 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2013-05-18 00:49:55 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys

2013-05-18 00:49:55 12928 -c----w- c:\windows\system32\dllcache\usb8023.sys

2013-05-18 00:48:56 536576 -c----w- c:\windows\system32\dllcache\msado15.dll

2013-05-18 00:48:40 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2013-05-18 00:48:29 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll

2013-05-18 00:48:29 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2013-05-18 00:46:54 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll

2013-05-18 00:46:53 2193408 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2013-05-18 00:46:53 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2013-05-18 00:46:53 2070016 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2013-05-18 00:46:53 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2013-05-18 00:46:43 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2013-05-18 00:46:32 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2013-05-18 00:43:18 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll

2013-05-18 00:42:49 1876352 -c----w- c:\windows\system32\dllcache\win32k.sys

2013-05-17 22:34:18 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll

2013-05-17 22:34:18 1371648 -c----w- c:\windows\system32\dllcache\msxml6.dll

2013-05-17 22:32:10 10752 ------w- c:\windows\system32\smtpapi.dll

2013-05-17 22:32:09 9728 ------w- c:\windows\system32\rwnh.dll

2013-05-17 22:31:26 19569 ----a-w- c:\windows\003452_.tmp

2013-05-17 22:31:14 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe

2013-05-17 22:31:14 294912 ------w- c:\program files\windows media player\dlimport.exe

2013-05-16 22:51:17 -------- d-----w- C:\8d584e4d383435a7ecaa7513ad22

2013-05-16 19:13:02 -------- d-----w- c:\windows\setup.pss

2013-05-16 19:01:13 -------- d-----w- c:\windows\system32\vmm32

2013-05-16 19:01:13 -------- d-----w- c:\program files\Dell

2013-05-16 16:41:06 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2013-05-16 16:39:10 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

2013-05-16 16:38:57 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2013-05-16 16:38:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2013-05-16 16:38:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2013-05-16 16:38:23 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll

2013-05-16 16:38:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll

2013-05-16 16:38:23 110592 -c----w- c:\windows\system32\dllcache\services.exe

2013-05-16 16:38:22 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll

2013-05-16 16:38:22 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll

2013-05-16 16:38:22 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll

2013-05-16 16:38:22 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe

2013-05-16 16:35:33 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys

2013-05-16 16:32:28 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe

2013-05-16 14:52:04 -------- d-----w- c:\documents and settings\all users\application data\9C2C7382D435993700009C2BD75C9ED9

2013-05-16 14:13:05 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll

2013-05-16 14:13:05 31232 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys

2013-05-16 14:13:04 9216 -c--a-w- c:\windows\system32\dllcache\wamps51.dll

2013-05-16 14:13:02 73728 -c--a-w- c:\windows\system32\dllcache\w3ext.dll

2013-05-16 14:13:02 5632 -c--a-w- c:\windows\system32\dllcache\w3svapi.dll

2013-05-16 14:13:02 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll

2013-05-16 14:13:02 4608 -c--a-w- c:\windows\system32\dllcache\w3ctrs51.dll

2013-05-16 14:11:40 92416 -c--a-w- c:\windows\system32\dllcache\mga.sys

2013-05-16 14:10:58 43520 -c--a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll

2013-05-16 14:09:53 19968 -c--a-w- c:\windows\system32\dllcache\inetsloc.dll

2013-05-16 14:09:52 7680 -c--a-w- c:\windows\system32\dllcache\inetmgr.exe

2013-05-16 14:09:52 5632 -c--a-w- c:\windows\system32\dllcache\iisrstap.dll

2013-05-16 14:09:52 169984 -c--a-w- c:\windows\system32\dllcache\iisui.dll

2013-05-16 14:09:52 14336 -c--a-w- c:\windows\system32\dllcache\iisreset.exe

2013-05-16 14:09:51 6144 -c--a-w- c:\windows\system32\dllcache\ftpsapi2.dll

2013-05-16 14:06:24 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2013-05-16 14:06:24 16384 ----a-w- c:\program files\internet explorer\connection wizard\isignup.exe

2013-05-16 13:49:36 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2013-05-16 13:49:36 24661 ----a-w- c:\windows\system32\spxcoins.dll

2013-05-16 13:49:36 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2013-05-16 13:49:36 13312 ----a-w- c:\windows\system32\irclass.dll

2013-05-16 13:49:20 22339 ----a-r- c:\windows\SET1CA.tmp

2013-05-16 13:49:20 10559 ----a-r- c:\windows\SET1CB.tmp

2013-05-16 13:49:15 13753 ----a-r- c:\windows\SET18F.tmp

2013-05-16 13:49:13 1086058 ----a-r- c:\windows\SET183.tmp

2013-05-16 13:49:12 1042903 ----a-r- c:\windows\SET180.tmp

2013-05-16 06:39:27 -------- d-----w- c:\windows\dell

2013-05-15 21:20:56 -------- d-----w- c:\documents and settings\all users\application data\9C319682D958993700009C30FA5CA3FC

2013-05-15 21:19:25 -------- d-----w- c:\documents and settings\paulxp.precision.000\application data\Igelag

2013-05-15 21:19:25 -------- d-----w- c:\documents and settings\paulxp.precision.000\application data\Idwa

2013-05-15 21:19:25 -------- d-----w- c:\documents and settings\paulxp.precision.000\application data\Guqeo

2013-05-11 10:37:28 209472 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2013-05-14 21:29:13 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-14 21:29:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll

2013-04-16 22:17:14 43520 ------w- c:\windows\system32\licmgr10.dll

2013-04-16 22:17:14 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-04-12 23:28:55 385024 ------w- c:\windows\system32\html.iec

2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys

2013-04-04 21:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-14 14:33:13 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-03-14 14:33:11 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-14 14:33:11 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-03-14 14:33:11 143872 ----a-w- c:\windows\system32\javacpl.cpl

2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll

2013-03-07 01:32:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-07 00:50:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll

.

============= FINISH: 16:09:41.15 ===============


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
