Contracted PUM.Hijack.HomepageControl


Here is the DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.21.2

Run by OLS Administrator at 14:08:31 on 2013-05-30

Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3027.1902 [GMT -5:00]

.

AV: Microsoft Forefront Endpoint Protection 2010 *Enabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Forefront Endpoint Protection 2010 *Enabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe

C:\windows\system32\WLANExt.exe

C:\windows\system32\conhost.exe

C:\windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe

C:\windows\kbruntime\ipsecat.exe

C:\windows\kbruntime\wpagnt.exe

C:\windows\system32\dllhost.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\windows\System32\msdtc.exe

C:\windows\system32\SearchIndexer.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\windows\system32\taskhost.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\windows\system32\conhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\Macromed\Flash\FlashUtil32_11_7_700_169_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\System32\svchost.exe -k secsvcs

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uDefault_Page_URL = about:blank

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoWelcomeScreen = dword:1

uPolicies-Explorer: ConfirmFileDelete = dword:1

uPolicies-Explorer: RestrictWelcomeCenter = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: dontdisplaylastusername = dword:1

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

TCP: NameServer = 24.124.0.1 24.124.0.6

TCP: Interfaces\{3EEA1D9D-19C3-44BB-9D4D-4D875D66EDDE} : DHCPNameServer = 24.124.0.1 24.124.0.6

TCP: Interfaces\{F97E49A3-F2B5-4039-9412-B12922F07C36} : DHCPNameServer = 10.254.1.102 10.254.1.101

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk32bit.sys [2013-5-30 20392]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\AEstSrv.exe [2013-5-30 81920]

R2 ipsecat;ipsecat;c:\windows\kbruntime\ipsecat.exe [2013-5-30 138240]

R2 wpagnt;wpagnt;c:\windows\kbruntime\wpagnt.exe [2013-5-30 138240]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2012-5-14 349736]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2013-5-30 127488]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-5-30 40776]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-11 77184]

S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2011-4-11 25600]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-11 112640]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2013-5-30 1343400]

.

=============== Created Last 30 ================

.

2013-05-30 19:04:59 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c3e774b6-d7b7-46d6-ab0e-72f9ca0d2923}\gapaengine.dll

2013-05-30 18:59:37 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{61a63fa3-0cb6-4561-ac87-359bd12e1f58}\gapaengine.dll

2013-05-30 18:57:25 -------- d-----w- C:\124ae144db64181b160f94

2013-05-30 18:22:14 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-05-30 18:22:14 -------- d-----w- c:\users\ols administrator\appdata\roaming\Malwarebytes

2013-05-30 18:21:57 -------- d-----w- c:\programdata\Malwarebytes

2013-05-30 18:21:55 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-30 18:21:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-05-30 18:21:25 -------- d-----w- c:\users\ols administrator\appdata\local\Programs

2013-05-30 18:20:41 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5c706d76-b13c-4168-8c64-5bf4b410a330}\gapaengine.dll

2013-05-30 18:17:39 -------- d-----w- c:\windows\system32\Wat

2013-05-30 18:10:22 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{00fab93a-e4d1-4338-8295-7e4cc4db84e3}\mpengine.dll

2013-05-30 18:04:47 9728 ----a-w- c:\windows\system32\Wdfres.dll

2013-05-30 18:04:47 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-05-30 18:04:47 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2013-05-30 18:04:08 73216 ----a-w- c:\windows\system32\WUDFSvc.dll

2013-05-30 18:04:08 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2013-05-30 18:04:08 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2013-05-30 18:04:07 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2013-05-30 18:04:07 196608 ----a-w- c:\windows\system32\WUDFHost.exe

2013-05-30 18:04:07 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll

2013-05-30 18:04:06 613888 ----a-w- c:\windows\system32\WUDFx.dll

2013-05-30 17:57:54 36864 ----a-w- c:\windows\system32\tsgqec.dll

2013-05-30 17:56:19 2048 ----a-w- c:\windows\system32\tzres.dll

2013-05-30 17:27:01 -------- d-----w- c:\program files\DellTPad

2013-05-30 17:25:43 -------- d-----w- c:\windows\Panther

2013-05-30 17:09:49 5120 ----a-w- c:\windows\system32\HdmiCoin.dll

2013-05-30 15:48:34 7071056 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-05-30 15:48:21 7016152 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{dd01ec05-4c96-44aa-b884-e1afb067192f}\mpengine.dll

2013-05-30 15:46:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-30 15:46:52 439632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll

2013-05-30 15:45:24 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-05-30 15:43:31 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-05-30 15:43:30 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-05-30 15:43:21 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-05-30 15:40:35 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\gapaengine.dll

2013-05-30 15:40:34 7071056 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll

2013-05-30 15:37:30 -------- d-----w- c:\program files\Microsoft Security Client

2013-05-30 15:37:16 20392 ----a-w- c:\windows\system32\drivers\elrawdsk32bit.sys

2013-05-30 15:37:16 -------- d-----w- c:\windows\kbruntime

2013-05-30 15:36:55 -------- d-----w- c:\program files\Kidspiration 3

2013-05-30 15:36:31 -------- d-----w- c:\program files\Softland

2013-05-30 15:36:30 -------- d-----w- c:\program files\Inspiration 9

2013-05-30 15:36:21 -------- d-----w- c:\program files\VideoLAN

2013-05-30 15:36:14 -------- d-----w- c:\program files\Kansas Assessment

2013-05-30 15:35:00 -------- d-----w- c:\windows\system32\Adobe

2013-05-30 15:33:49 866720 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-05-30 15:33:49 788896 ----a-w- c:\windows\system32\deployJava1.dll

2013-05-30 15:33:47 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-05-30 15:29:35 -------- d-----w- c:\program files\IDT

2013-05-30 15:29:34 61440 ----a-w- c:\windows\system32\aestaren.dll

2013-05-30 15:29:34 380928 ----a-w- c:\windows\system32\aestecap.dll

2013-05-30 15:29:34 140288 ----a-w- c:\windows\system32\aestacap.dll

2013-05-30 15:29:33 86016 ----a-w- c:\windows\system32\AESTCom.dll

2013-05-30 15:29:33 3354624 ----a-w- c:\windows\system32\stlang.dll

2013-05-30 15:29:33 12628060 ----a-w- c:\windows\system32\idtcpl.cpl

2013-05-30 15:29:32 -------- d-----w- c:\windows\system32\SRSLabs

.

==================== Find3M ====================

.

2013-05-30 15:34:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-05-30 15:34:54 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-02 07:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 05:18:40 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 05:18:40 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 05:08:12 981504 ----a-w- c:\windows\system32\wininet.dll

2013-04-10 03:14:06 2347520 ----a-w- c:\windows\system32\win32k.sys

2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-19 04:53:27 186368 ----a-w- c:\windows\system32\wwansvc.dll

2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-19 03:33:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll

2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe

.

============= FINISH: 14:09:01.69 ===============

Here is the Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Enterprise

Boot Device: \Device\HarddiskVolume1

Install Date: 5/30/2013 10:31:41 AM

System Uptime: 5/30/2013 12:58:50 PM (2 hours ago)

.

Motherboard: Dell Inc. | | 0D695C

Processor: Intel® Core2 Duo CPU P8700 @ 2.53GHz | Microprocessor | 2535/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 74 GiB total, 52.755 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP3: 5/30/2013 12:44:39 PM - Scheduled Checkpoint

RP4: 5/30/2013 12:58:56 PM - Windows Update

RP5: 5/30/2013 1:16:47 PM - Windows Update

RP6: 5/30/2013 1:33:21 PM - Windows Update

RP7: 5/30/2013 1:55:40 PM - Windows Update

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Reader XI MUI

Adobe Shockwave Player 12.0

Apple Application Support

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell Touchpad

Inspiration 9

Java 7 Update 21

KCA

Kidspiration 3

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Antimalware

Microsoft Forefront Endpoint Protection 2010

Microsoft Forefront Endpoint Protection 2010 Server Management

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Security Client

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

QuickTime

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

VLC Media Player 0.9.9

.

==== Event Viewer Messages From Past Week ========

.

5/30/2013 12:20:25 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

5/30/2013 10:50:18 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

5/30/2013 10:41:51 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Real-time protection has stopped functioning for an unknown reason. Restart the service in order to recover.

5/30/2013 10:41:46 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

5/30/2013 10:40:33 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Internal Definition Update Server Update Stage: Install Source Path: http://sus.usd497.org Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

5/30/2013 10:38:24 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Internal Definition Update Server Update Stage: Install Source Path: http://sus.usd497.org Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8024001e Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

5/30/2013 10:27:48 AM, Error: volmgr [46] - Crash dump initialization failed!

5/30/2013 1:59:50 PM, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Cache Hierarchy Error Processor ID: 0 The details view of this entry contains further information.

5/30/2013 1:59:50 PM, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Bus/Interconnect Error Processor ID: 1 The details view of this entry contains further information.

5/30/2013 1:59:50 PM, Error: Microsoft-Windows-WHEA-Logger [18] - A fatal hardware error has occurred. Reported by component: Processor Core Error Source: Machine Check Exception Error Type: Bus/Interconnect Error Processor ID: 0 The details view of this entry contains further information.

5/30/2013 1:59:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000124 (0x00000000, 0x87b2b024, 0xb2200049, 0x0002010a). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 053013-38157-01.

5/30/2013 1:15:40 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

.

==== End Of File ===========================


Hi,

my name is Daniel and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • I am currently visiting an evening school and working nightshift only which might be evening for you. In this time I am mostly online with my mobile devices and won't be able to reply.

Please post the most recent Malwarebytes Logfile

Launch Malwarebytes --> Logs --> click on the last Logfile. A notepad Window will appear. Copy/Paste its content here in your topic.


Thank you so much for responding, Larusso. I have been doing some looking and have discovered that this problem seems to be because of Group Policy settings that I was unaware of at the time I posted this topic. I would like to close this topic because of this development and really appreciate all the help you are doing. I stand by MBAM and recommend it to everyone I can. I am sorry to have taken up your valuable time and know that there are many out there in need of your services. Thank you again so much for all of your assistance in this matter.


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.