Hello

Several programs have stopped working in 'normal' boot mode, though they do work in 'safe' mode.

These include IE9, Windows Mail, Google Earth, Spotify.

Flash will not work (though removed and reinstalled).

Firefox (and sometimes Chrome) crashes when attempting downloads. I could not, for example, download DDS except in safe mode.

My previous anti-virus protection - McAfee - would not operate and I am now using Microsoft Security Essentials.

I have disabled start up programs and checked for any unwanted programs on the system.

I have run Malwarebytes.

My DDS files are attached below.

My HiJackThis file has been parsed by hjt.networktechs.com and can be viewed at:

http://hjt.networktechs.com/parse.php?log=938981

So ... I was wondering if anyone can advise what to do next.

Thanks

Les

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27

Run by Leslie at 13:08:23 on 2011-10-22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3006.2132 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe

C:\Users\Leslie\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\STacSV.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Media Player\wmplayer.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\msfeedssync.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uWindow Title = Microsoft Internet Explorer provided by BT Openworld

uStart Page = hxxp://www.bbc.co.uk/news/

mDefault_Search_URL = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/

mSearch Page = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/

uInternet Settings,ProxyOverride = <local>;*.local

uInternet Settings,ProxyServer = http=127.0.0.1:6092

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\free desktop clock db toolbar\tbcore3.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

TB: Free Desktop Clock DB Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - c:\program files\free desktop clock db toolbar\tbcore3.dll

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File

uRun: [<NO NAME>]

uRun: [Google Update] "c:\users\leslie\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

LSP: c:\windows\system32\wpclsp.dll

DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254 192.168.1.254

TCP: Interfaces\{415E46C2-7982-45DE-A495-14F5C4D9D0A3} : DhcpNameServer = 192.168.1.254 192.168.1.254

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

SEH: MarkAny Contents Safer Manager 1.0: {88485281-8b4b-4f8d-9ede-82e29a064277} - ShellHook Class

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\leslie\appdata\roaming\mozilla\firefox\profiles\mxp97udq.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/news/

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 6092

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\common files\motive\npMotive.dll

FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\google\picasa3\npPicasa2.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\leslie\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\leslie\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 459728]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R1 MpKsl8e7ec64e;MpKsl8e7ec64e;c:\programdata\microsoft\microsoft antimalware\definition updates\{41294e36-c2dc-453b-9e07-ddba62e89a43}\MpKsl8e7ec64e.sys [2011-10-22 28752]

R1 RapportCerberus_29574;RapportCerberus_29574;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\29574\RapportCerberus32_29574.sys [2011-8-3 216912]

R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-9-25 70416]

R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-9-25 161936]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-4 148520]

R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-9-25 919352]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-24 21504]

S2 gupdate1c90d02e9defad0;Google Update Service (gupdate1c90d02e9defad0);c:\program files\google\update\GoogleUpdate.exe [2008-9-2 133104]

S2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-10-4 271480]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-22 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-2 133104]

S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2011-10-7 21504]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-4-14 34248]

S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-4-14 40552]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]

S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-9-25 56336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-22 12:06:31 28752 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{41294e36-c2dc-453b-9e07-ddba62e89a43}\MpKsl8e7ec64e.sys

2011-10-22 12:06:29 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{41294e36-c2dc-453b-9e07-ddba62e89a43}\offreg.dll

2011-10-22 10:36:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-22 07:54:38 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{41294e36-c2dc-453b-9e07-ddba62e89a43}\mpengine.dll

2011-10-14 17:40:02 388096 ----a-r- c:\users\leslie\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-10-14 17:40:00 -------- d-----w- c:\program files\Trend Micro

2011-10-12 21:44:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-12 21:44:00 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2011-10-12 21:44:00 141088 ----a-w- c:\program files\internet explorer\sqmapi.dll

2011-10-12 21:43:59 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-10-12 21:43:58 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll

2011-10-12 21:43:58 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-10-12 21:13:05 293376 ----a-w- c:\windows\system32\psisdecd.dll

2011-10-12 21:13:04 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax

2011-10-12 21:13:04 57856 ----a-w- c:\windows\system32\MSDvbNP.ax

2011-10-12 21:13:04 217088 ----a-w- c:\windows\system32\psisrndr.ax

2011-10-12 21:12:38 2043392 ----a-w- c:\windows\system32\win32k.sys

2011-10-12 21:12:33 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-10-12 21:12:26 563712 ----a-w- c:\windows\system32\oleaut32.dll

2011-10-12 21:12:26 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2011-10-12 21:12:26 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2011-10-12 21:12:26 238080 ----a-w- c:\windows\system32\oleacc.dll

2011-10-11 13:00:21 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll

2011-10-11 13:00:15 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{94bf7a71-60a9-40d6-9eaf-9d382b3ed394}\gapaengine.dll

2011-10-09 11:26:38 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-10-07 17:52:18 37376 ----a-w- c:\windows\system32\libusb0.dll

2011-10-07 17:52:18 21504 ----a-w- c:\windows\system32\drivers\libusb0.sys

2011-10-07 06:28:19 -------- d-----w- c:\users\leslie\appdata\local\Solid State Networks

2011-10-06 18:48:32 6668624 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2011-10-05 13:20:44 307200 ----a-w- c:\program files\internet explorer\iediagcmd.exe

2011-10-05 08:32:19 -------- d-----w- c:\program files\Microsoft Security Client

2011-10-05 08:31:10 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2011-10-04 18:41:59 -------- d-----w- c:\users\leslie\appdata\local\Thunderbird

2011-10-04 13:40:03 -------- d-----w- c:\users\leslie\appdata\roaming\Malwarebytes

2011-10-04 13:39:54 -------- d-----w- c:\programdata\Malwarebytes

2011-10-04 13:39:51 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-04 13:39:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-04 13:23:04 -------- d-----w- c:\program files\common files\Mcafee

2011-10-04 13:23:03 -------- d-----w- c:\program files\McAfee.com

2011-10-04 13:14:51 148520 ----a-w- c:\windows\system32\mfevtps.exe

2011-10-04 10:38:39 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{440bb959-83f8-4d48-98ed-faf873ca8429}\mpengine.dll

2011-09-26 19:50:41 -------- d-----w- c:\users\leslie\appdata\roaming\Invodom

2011-09-25 18:00:08 56336 ----a-w- c:\windows\system32\drivers\RapportKELL.sys

2011-09-25 00:19:44 -------- d-----w- c:\users\leslie\appdata\roaming\OpenOffice.org

2011-09-25 00:16:48 -------- d-----w- c:\program files\OpenOffice.org 3

2011-09-23 14:37:14 -------- d-----w- c:\users\leslie\appdata\roaming\InfraRecorder

2011-09-23 14:24:09 -------- d-----w- c:\program files\InfraRecorder

.

==================== Find3M ====================

.

.

============= FINISH: 13:10:31.56 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 27/03/2007 02:13:11

System Uptime: 22/10/2011 13:06:13 (0 hours ago)

.

Motherboard: Dell Inc | | 0HY175

Processor: AMD Athlon 64 X2 Dual Core Processor 3800+ | Socket M2 | 2000/1000mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 139 GiB total, 46.072 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 6.368 GiB free.

E: is CDROM ()

G: is Removable

H: is Removable

I: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

7-Zip 9.20

Acrobat.com

Add-In Information Lister

Adobe Acrobat 4.0

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.3

Amazon Kindle

Apple Application Support

Apple Mobile Device Support

Apple Software Update

BBC iPlayer Desktop

Bonjour

Brother MFL Pro

BT Broadband Desktop Help

BT Home Hub

BT Yahoo! Applications

Cakewalk Express 8

Canon MP140 series

Canon MP140 series User Registration

Canon Utilities Easy-LayoutPrint

Canon Utilities Easy-PhotoPrint

CCleaner

CoffeeCup HTML Editor

CoffeeCup HTML Editor 2008

CoffeeCup Image Mapper

CoffeeCup StyleSheet Maker

Compatibility Pack for the 2007 Office system

Corel Paint Shop Pro Photo XI

Corel Snapfire Plus

D3DX10

Defraggler

Dell Driver Download Manager

Dell Support Center

Dell System Customization Wizard

DellSupport

DesignPro 5 Lite Edition

DHTML Editing Component

EPSON TWAIN 5

Facebook Video Calling 1.0.0.8714

Free Desktop Clock DB Toolbar

Google Chrome

Google Gears

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

Highlight Viewer (Windows Live Toolbar)

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Driver Diagnostics

InfraRecorder

Internet Explorer (Enable DEP)

iPhone Configuration Utility

iTunes

Java Auto Updater

Java 6 Update 22

Java 6 Update 27

Junk Mail filter update

Kobo

Lame ACM MP3 Codec

LibreOffice 3.3

LibreOffice 3.3 Help Pack (English)

Macromedia Dreamweaver MX

Macromedia Extension Manager

Macromedia Fireworks MX 2004

Malwarebytes' Anti-Malware version 1.51.2.1300

Map Button (Windows Live Toolbar)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Antimalware

Microsoft Application Error Reporting

Microsoft Automated Troubleshooting Services Shim

Microsoft AutoRoute 2001

Microsoft Corporation

Microsoft Fix it Center

Microsoft LifeCam

Microsoft Office 2000 SR-1 Disc 2

Microsoft Office 2000 SR-1 Professional

Microsoft Office 2000 Web Archive Add-On

Microsoft Search Enhancement Pack

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Word Web Archive Converter

Microsoft Works

MobileMe Control Panel

Mozilla Firefox 7.0.1 (x86 en-GB)

Mozilla Thunderbird (7.0.1)

MSVC80_x86_v2

MSVC90_x86

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Musicnotes Player V1.23.1

Nokia Connectivity Cable Driver

Nokia Ovi Player

Nokia Ovi Suite

Nokia Ovi Suite Software Updater

Nokia_Multimedia_Common_Components_2_5

NVIDIA Drivers

NWAT

OGA Notifier 2.0.0048.0

OpenOffice.org 3.3

Ovi Desktop Sync Engine

OviMPlatform

Paint Shop Pro 7

PC Connectivity Solution

PerformanceTest v7.0

Picasa 3

PIXMA Extended Survey Program

QuickTime

Rapport

Safari

Samsung Media Studio

ScanSoft OmniPage SE 4

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Segoe UI

SigmaTel Audio

Skype web features

Skype™ 4.1

Smart Menus (Windows Live Toolbar)

Sonic Activation Module

Speccy

Spelling Dictionaries Support For Adobe Reader 9

Spotify

Time Saving Excel Solutions

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Installer Clean Up

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Favorites for Windows Live Toolbar

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinZip

XviD MPEG-4 Video Codec

.

==== Event Viewer Messages From Past Week ========

.

22/10/2011 13:08:58, Error: Service Control Manager [7003] - The McAfee Network Agent service depends the following service: mfefire. This service might not be installed.

22/10/2011 13:07:04, Error: Service Control Manager [7003] - The McAfee Proxy Service service depends the following service: mfefire. This service might not be installed.

22/10/2011 13:07:04, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.

22/10/2011 13:07:01, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

22/10/2011 12:50:10, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter spldr Wanarpv6

22/10/2011 12:50:10, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

22/10/2011 12:49:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

22/10/2011 12:49:58, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

22/10/2011 12:49:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

22/10/2011 12:49:51, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

22/10/2011 12:49:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

22/10/2011 12:41:00, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

22/10/2011 11:39:55, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

22/10/2011 08:43:25, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

21/10/2011 07:59:48, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

20/10/2011 09:03:25, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

20/10/2011 09:01:19, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

20/10/2011 08:59:40, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.68.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

20/10/2011 08:59:40, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

20/10/2011 07:30:49, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

19/10/2011 19:00:18, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {F706B4B5-72BC-49D5-967C-05194FA83446} to the user Leslie-PC\Leslie SID (S-1-5-21-2155982950-3057843811-3124903850-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

19/10/2011 10:28:35, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

19/10/2011 08:06:04, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

19/10/2011 07:51:00, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

18/10/2011 07:35:59, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

16/10/2011 07:57:38, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

15/10/2011 19:46:39, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

15/10/2011 16:31:36, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

15/10/2011 11:02:24, Error: Microsoft-Windows-PrintSpooler [6161] - The document A guide to London in Tudor times YR8, owned by Guest, failed to print on printer Colour. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 646536. Number of bytes printed: 641452. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\BEVERLEY. Win32 error code returned by the print processor: 1. Incorrect function.

15/10/2011 00:12:30, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
