Jump to content

Recommended Posts

When I try to purchase malwarebytes through the software I get an application not found error. It also displays the website that it should direct you to. I wouldnt mind going to the website and buying that way but i dont want anything wrong with the program. This is after a virus removal with several programs. even took out the hard drive ran virus removal on another machine. Ran a check disk. Im using windows xp. Ive tried superantispyware. combofix. tsskiller. updates are working correctly ive also uninstalled mbam..restarted...ran mbam removal tool..restarted..installed program

DDS (Ver_10-12-12.02) - NTFSx86

Run by Owner at 11:08:28.89 on Mon 01/24/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1278.818 [GMT -7:00]

AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\Program Files\Microsoft Security Essentials\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Microsoft Security Essentials\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DAP\DAP.EXE

svchost.exe

C:\PROGRA~1\SPEEDB~2\VideoAcceleratorService.exe

C:\PROGRA~1\SPEEDB~2\VideoAcceleratorEngine.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyServer = http=127.0.0.1:25425

BHO: : {11bf46c6-b3de-48bd-bf70-3ad85cab80b5} - c:\progra~1\sitera~1\SiteRank.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: SBCONVERT Class: {3017fb3e-9a77-4396-88c5-0ec9548fb42f} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

BHO: SearchPredictObj Class: {389943b0-c3a2-4e69-82cb-8596a84cb3dc} - c:\progra~1\search~1\SEARCH~1.DLL

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Inter Payroll Toolbar: {b60d438f-fffa-4c88-bf27-979ba491b2ad} - c:\program files\inter_payroll\tbInt2.dll

BHO: Toolbar BHO: {c6549209-1ff1-4a5c-a815-981f64f34b19} - c:\progra~1\videos~2\bar\1.bin\1ebar.dll

BHO: Search Assistant BHO: {d047fe10-dfe2-45cf-9fbf-966b9e64920f} - c:\program files\videoscavenger_1e\bar\1.bin\1eSrcAs.dll

BHO: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: Download Accelerator Plus Integration: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL

BHO: GrabberObj Class: {ff7c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\speedb~1\toolbar\grabber.dll

TB: SpeedBit Video Downloader: {0329e7d6-6f54-462d-93f6-f5c3118badf2} - c:\program files\speedbit video downloader\toolbar\tbcore3.dll

TB: Inter Payroll Toolbar: {b60d438f-fffa-4c88-bf27-979ba491b2ad} - c:\program files\inter_payroll\tbInt2.dll

TB: VideoScavenger: {acf7da4c-eeb2-484a-a3a1-303d4054d50c} - c:\program files\videoscavenger_1e\bar\1.bin\1ebar.dll

TB: Sopcast Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll

TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

TB: {00000000-0000-0000-0000-000000000000} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP

mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallati...uot;ver=9.0.872

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: c:\progra~1\speedb~2\sblsp.dll

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1278447726937

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1278450861718

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]

R1 MpKslf98a68ea;MpKslf98a68ea;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{10d1d70c-b047-4ba8-bdef-344eb890f321}\MpKslf98a68ea.sys [2011-1-24 28752]

R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\speedb~2\videoacceleratorservice.exe -start -scm --> c:\progra~1\speedb~2\VideoAcceleratorService.exe -start -scm [?]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-7-6 11520]

S2 VideoScavenger_1eService;VideoScavenger Service;c:\progra~1\videos~2\bar\1.bin\1ebarsvc.exe [2010-10-22 28766]

=============== Created Last 30 ================

2011-01-24 17:59:53 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{10d1d70c-b047-4ba8-bdef-344eb890f321}\MpKslf98a68ea.sys

2011-01-24 17:58:24 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes

2011-01-24 17:54:00 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-24 17:53:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-01-24 17:53:55 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-24 17:53:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-24 16:54:18 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2011-01-24 16:53:45 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{10d1d70c-b047-4ba8-bdef-344eb890f321}\mpengine.dll

2011-01-23 01:00:56 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-23 00:57:38 -------- d-----w- c:\program files\Microsoft Security Essentials

2011-01-22 18:04:16 -------- d-sh--w- C:\$RECYCLE.BIN

2011-01-22 17:49:56 -------- d-----w- c:\windows\system32\CatRoot2

2011-01-21 20:47:52 -------- d-----w- c:\documents and settings\owner\Plugins

2011-01-21 20:29:45 -------- d-sha-r- C:\cmdcons

2011-01-21 20:25:51 98816 ----a-w- c:\windows\sed.exe

2011-01-21 20:25:51 89088 ----a-w- c:\windows\MBR.exe

2011-01-21 20:25:51 256512 ----a-w- c:\windows\PEV.exe

2011-01-21 20:25:51 161792 ----a-w- c:\windows\SWREG.exe

2011-01-21 20:25:46 -------- d-----w- C:\ComboFix

2011-01-21 17:32:56 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2011-01-21 07:24:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools

2011-01-21 04:42:20 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Real

2011-01-21 04:41:37 -------- d-----w- c:\program files\common files\xing shared

2011-01-21 03:30:50 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\PIMQMOS

2011-01-04 04:18:00 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-01-04 04:18:00 -------- d-----w- c:\windows\system32\wbem\Repository

2011-01-02 22:28:13 -------- d-----w- c:\docume~1\owner\applic~1\Sammsoft

2011-01-02 22:28:03 -------- d-----w- c:\program files\MemTurbo 4

2011-01-02 22:27:39 -------- d-----w- c:\program files\Advanced Registry Optimizer

==================== Find3M ====================

2011-01-21 04:41:11 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-01-21 04:41:11 348160 ----a-w- c:\windows\system32\msvcr71.dll

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll

2010-11-15 16:28:20 0 ----a-w- c:\windows\system32\ConduitEngine.tmp

2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll

2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll

============= FINISH: 11:09:09.56 ===============

Attach.zip

Link to post
Share on other sites

:)

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.