ferris Posted January 24, 2011 ID:378877

When I try to purchase Malwarebytes through the software I get an application not found error. It also displays the website that it should direct you to. I wouldn't mind going to the website and buying that way, but I don't want anything wrong with the program. This is after a virus removal with several programs. Even took out the hard drive and ran virus removal on another machine. Ran a check disk. I'm using Windows XP. I've tried superantispyware, combofix, tsskiller. Updates are working correctly. I've also uninstalled mbam... restarted... ran mbam removal tool... restarted... installed program.

Attach.zip

LDTate Posted January 24, 2011 ID:379002

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:
1. These tools MUST be run from the executable (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner

ferris Posted January 26, 2011 Author ID:379914

OK, thanks, I'll give that a try. I must have read the instructions wrong; I thought I was to upload as attachment. Thanks for the response.

LDTate Posted January 27, 2011 ID:380019

uInternet Settings,ProxyServer = http=127.0.0.1:25425

You have a proxy hijacker that we need to remove and the fix I posted should remove it.

LDTate Posted January 31, 2011 ID:381955

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!