I need help!


  • I need help!

    Hello, first post so I'll try to keep your attention

    Like a moron, I went to download a piece of music from a buddy's band and clicked the wrong download link. It was an ad and it's gone all downhill from there.

    At first I had
    Rogue:Win32/FakeRean
    but I believe my Security Essentials caught it and removed it but yet it is happening again.
    Another bogus antivirus trying to get me to accept a whole bunch of stuff

    This one was called
    Windows Security and Vista Internet security

    I've been through so much trouble trying to rid these things. My IObit malware fighter won't catch it and neither will my Microsoft Security Essentials.

    I'm also getting a PING.exe thing running my 6 core pc to death as well which isn't normal.

    Any advice on what to do? Please help. Would be greatly appreciated. Thanks everyone

  • #2
    Hi Jm Caldwell!

    Welcome to Iobit forum!:smile: You have our attention. First post or last that's up to you!

    Your machine definitely has malware. We can help! You must follow all instructions exactly!

    Please start by clicking on and following these instructions: Guidelines for requesting malware removal assistance. You can skip step # 2. Then copy/paste the dds log here.

    Afterwards be patient and make no further changes to your system after you run the dds log as requested (no downloads of software or uninstalls)... :smile:

    Look for further instructions from Superdave!


    Sincerely,
    -Mel
    Live long and prosper!
    Last edited by Melvin_Deal; Dec. 13th, 2011, 05:43.




    • #3
      Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

      1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
      2. The fixes are specific to your problem and should only be used for this issue on this machine.
      3. If you don't know or understand something, please don't hesitate to ask.
      4. Please DO NOT run any other tools or scans while I am helping you.
      5. It is important that you reply to this thread. Do not start a new topic.
      6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
      7. Absence of symptoms does not mean that everything is clear.

      If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
      *************************************************************
      Please run these other scans along with the DDS also.

      SUPERAntiSpyware

      If you already have SUPERAntiSpyware be sure to check for updates before scanning!

      Download SuperAntispyware Free Edition (SAS)
      * Double-click the icon on your desktop to run the installer.
      * When asked to Update the program definitions, click Yes
      * If you encounter any problems while downloading the updates, manually download and unzip them from here
      * Next click the Preferences button.
        • Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
      * Click the Scanning Control tab.
      * Under Scanner Options make sure only the following are checked:
        • Close browsers before scanning
        • Scan for tracking cookies
        • Terminate memory threats before quarantining
        Please leave the others unchecked
        • Click the Close button to leave the control center screen.
      * On the main screen click Scan your computer
      * On the left check the box for the drive you are scanning.
      * On the right choose Perform Complete Scan
      * Click Next to start the scan. Please be patient while it scans your computer.
      * After the scan is complete a summary box will appear. Click OK
      * Make sure everything in the white box has a check next to it, then click Next
      * It will quarantine what it found and if it asks if you want to reboot, click Yes
      * To retrieve the removal information please do the following:
        • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
        • Click Preferences. Click the Statistics/Logs tab.
        • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
        • It will open in your default text editor (preferably Notepad).
        • Save the notepad file to your desktop by clicking (in notepad) File > Save As...
      * Save the log somewhere you can easily find it. (normally the desktop)
      * Click close and close again to exit the program.
      * Copy and Paste the log in your post.
      ***********************************************
      Please download Malwarebytes Anti-Malware from here.
      Double Click mbam-setup.exe to install the application.
      • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
      • If an update is found, it will download and install the latest version.
      • Once the program has loaded, select "Perform Full Scan", then click Scan.
      • The scan may take some time to finish, so please be patient.
      • When the scan is complete, click OK, then Show Results to view the results.
      • Make sure that everything is checked, and click Remove Selected.
      • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
      • Please save the log to a location you will remember.
      • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
      • Copy and paste the entire report in your next reply.
      Extra Note:

      If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



      • #4
        Attach

        .
        UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
        IF REQUESTED, ZIP IT UP & ATTACH IT
        .
        DDS (Ver_2011-08-26.01)
        .
        Microsoft® Windows Vista™ Home Premium
        Boot Device: \Device\HarddiskVolume1
        Install Date: 7/19/2011 9:12:01 PM
        System Uptime: 12/13/2011 2:18:33 PM (0 hours ago)
        .
        Motherboard: ASUSTeK Computer INC. | | M4A89GTD-PRO/USB3
        Processor: AMD Phenom(tm) II X6 1055T Processor | AM3 | 2800/200mhz
        .
        ==== Disk Partitions =========================
        .
        C: is FIXED (NTFS) - 466 GiB total, 243.675 GiB free.
        D: is CDROM ()
        .
        ==== Disabled Device Manager Items =============
        .
        Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
        Description: Microsoft ISATAP Adapter
        Device ID: ROOT\*ISATAP\0000
        Manufacturer: Microsoft
        Name: isatap.{57DA05C2-6D2C-4592-92DD-AD8D0CED5DC8}
        PNP Device ID: ROOT\*ISATAP\0000
        Service: tunnel
        .
        Class GUID:
        Description: Universal Serial Bus (USB) Controller
        Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&1DFBC464&0&0048
        Manufacturer:
        Name: Universal Serial Bus (USB) Controller
        PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&1DFBC464&0&0048
        Service:
        .
        ==== System Restore Points ===================
        .
        .
        ==== Installed Programs ======================
        .
        Adobe AIR
        Adobe Anchor Service CS4
        Adobe Bridge CS4
        Adobe CMaps CS4
        Adobe Color - Photoshop Specific CS4
        Adobe Color EU Extra Settings CS4
        Adobe Color JA Extra Settings CS4
        Adobe Color NA Recommended Settings CS4
        Adobe Color Video Profiles CS CS4
        Adobe CSI CS4
        Adobe Default Language CS4
        Adobe Device Central CS4
        Adobe Drive CS4
        Adobe ExtendScript Toolkit CS4
        Adobe Extension Manager CS4
        Adobe Flash Player 10 ActiveX
        Adobe Flash Player 11 Plugin
        Adobe Fonts All
        Adobe Linguistics CS4
        Adobe Media Player
        Adobe Output Module
        Adobe PDF Library Files CS4
        Adobe Photoshop CS4
        Adobe Photoshop CS4 Support
        Adobe Reader X (10.1.1)
        Adobe Search for Help
        Adobe Service Manager Extension
        Adobe Setup
        Adobe Type Support CS4
        Adobe Update Manager CS4
        Adobe WinSoft Linguistics Plugin
        Adobe XMP Panels CS4
        AdobeColorCommonSetCMYK
        AdobeColorCommonSetRGB
        Advanced SystemCare 5
        AMD APP SDK Runtime
        AMD Catalyst Install Manager
        AMD Fuel
        AMD VISION Engine Control Center
        Apple Application Support
        Apple Mobile Device Support
        Apple Software Update
        ATI AVIVO Codecs
        ATI Problem Report Wizard
        Battlefield 3™ Open Beta
        Battlefield: Bad Company 2
        Battlelog Web Plugins
        BitTorrent
        Bonjour
        Call of Duty 2
        Call of Duty: Modern Warfare 3
        Call of Duty: Modern Warfare 3 - Multiplayer
        Catalyst Control Center - Branding
        Catalyst Control Center Graphics Previews Common
        Catalyst Control Center InstallProxy
        ccc-utility
        CCC Help English
        Connect
        Counter-Strike: Source
        dBpoweramp DSP Effects
        dBpoweramp Music Converter
        Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
        DiRT 3
        DivX Setup
        doubleTwist
        ESN Sonar
        Game Booster
        Google Calendar Sync
        Grand Theft Auto IV
        Grand Theft Auto: Episodes from Liberty City
        Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
        Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
        HydraVision
        IObit Malware Fighter
        iTunes
        Java Auto Updater
        Java(TM) 6 Update 26
        kuler
        Malwarebytes' Anti-Malware version 1.51.2.1300
        Microsoft .NET Framework 3.5 SP1
        Microsoft .NET Framework 4 Client Profile
        Microsoft Antimalware
        Microsoft Corporation
        Microsoft Games for Windows - LIVE Redistributable
        Microsoft Games for Windows Marketplace
        Microsoft LifeCam
        Microsoft Office 2010 Service Pack 1 (SP1)
        Microsoft Office Access MUI (English) 2010
        Microsoft Office Access Setup Metadata MUI (English) 2010
        Microsoft Office Excel MUI (English) 2010
        Microsoft Office Groove MUI (English) 2010
        Microsoft Office InfoPath MUI (English) 2010
        Microsoft Office OneNote MUI (English) 2010
        Microsoft Office Outlook MUI (English) 2010
        Microsoft Office PowerPoint MUI (English) 2010
        Microsoft Office Professional Plus 2010
        Microsoft Office Proof (English) 2010
        Microsoft Office Proof (French) 2010
        Microsoft Office Proof (Spanish) 2010
        Microsoft Office Proofing (English) 2010
        Microsoft Office Publisher MUI (English) 2010
        Microsoft Office Shared MUI (English) 2010
        Microsoft Office Shared Setup Metadata MUI (English) 2010
        Microsoft Office Word MUI (English) 2010
        Microsoft Security Client
        Microsoft Security Essentials
        Microsoft Silverlight
        Microsoft Visual C++ 2005 Redistributable
        Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
        Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
        Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
        Mozilla Firefox 6.0 (x86 en-US)
        Need For Speed™ World
        ObjectDock Free
        OpenAL
        Origin
        PDF Settings CS4
        Photoshop Camera Raw
        PunkBuster Services
        QuickTime
        Rapture3D 2.4.8 Game
        Razer DeathAdder(TM) Mouse
        Razer Lycosa
        Realtek Ethernet Controller All-In-One Windows Driver
        Realtek High Definition Audio Driver
        RtkDashClientInstaller
        Samsung Kies
        SAMSUNG USB Driver for Mobile Phones
        SanDiskSecureAccess_Manager.exe
        Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
        Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
        Security Update for Microsoft Excel 2010 (KB2553070)
        Security Update for Microsoft Office 2010 (KB2553091)
        Security Update for Microsoft Office 2010 (KB2553096)
        Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
        Shareaza
        Skype™ 5.6
        Smart Defrag 2
        Steam
        Suite Shared Configuration CS4
        SUPERAntiSpyware
        System Requirements Lab CYRI
        Team Fortress 2
        TeamSpeak 3 Client
        Uniblue RegistryBooster
        Uniblue SpeedUpMyPC
        Uniblue SystemTweaker
        Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
        Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
        Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
        Update for Microsoft Office 2010 (KB2553065)
        Update for Microsoft Office 2010 (KB2553092)
        Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
        Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
        Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
        Update for Microsoft Office 2010 (KB2566458)
        Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
        Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
        Update for Microsoft Outlook Social Connector (KB2583935)
        VC80CRTRedist - 8.0.50727.6195
        Ventrilo Client
        Windows Live ID Sign-in Assistant
        Windows Media Player Firefox Plugin
        WinRAR 4.01 (32-bit)
        Xfire (remove only)
        .
        ==== Event Viewer Messages From Past Week ========
        .
        12/9/2011 3:31:17 AM, Error: Service Control Manager [7030] - The Advanced SystemCare Service 5 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
        12/9/2011 11:11:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
        12/9/2011 11:11:20 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
        12/9/2011 11:08:26 PM, Error: EventLog [6008] - The previous system shutdown at 12:52:47 PM on 12/9/2011 was unexpected.
        12/13/2011, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
        12/13/2011 2:34:04 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
        12/13/2011 2:21:11 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
        12/13/2011 2:20:56 PM, Error: Service Control Manager [7000] - The UrlFilter service failed to start due to the following error: There are no more endpoints available from the endpoint mapper.
        12/13/2011 2:20:32 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
        12/13/2011 2:20:32 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
        12/13/2011 2:20:32 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
        12/13/2011 2:20:32 PM, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
        12/13/2011 2:19:09 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/13/2011 2:18:53 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
        12/13/2011 12:18:49 AM, Error: Service Control Manager [7034] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 3 time(s).
        12/13/2011 12:18:49 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
        12/13/2011 11:44:46 AM, Error: Service Control Manager [7000] - The DTSAudioService service failed to start due to the following error: The system cannot find the file specified.
        12/13/2011 11:43:46 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/13/2011 11:43:22 AM, Error: EventLog [6008] - The previous system shutdown at 3:52:30 AM on 12/13/2011 was unexpected.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
        12/12/2011 9:51:35 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
        12/12/2011 9:50:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
        12/12/2011 9:50:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
        12/12/2011 9:50:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
        12/12/2011 9:50:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
        12/12/2011 9:50:24 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
        12/12/2011 9:50:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
        12/12/2011 9:50:18 PM, Error: EventLog [6008] - The previous system shutdown at 9:48:26 PM on 12/12/2011 was unexpected.
        12/12/2011 9:47:44 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/12/2011 11:58:30 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
        12/12/2011 11:58:30 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
        12/12/2011 11:40:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/12/2011 11:37:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
        12/12/2011 11:37:28 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
        12/12/2011 11:37:28 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
        12/12/2011 11:23:52 PM, Error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
        12/12/2011 10:27:39 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/12/2011 10:25:12 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error: An instance of the service is already running.
        12/12/2011 10:25:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/12/2011 10:24:57 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
        12/12/2011 10:08:23 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
        12/12/2011 10:03:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
        12/12/2011 1:48:15 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer KEVIN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{57DA05C2-6D2C-4592-92DD-AD8D0CED5. The master browser is stopping or an election is being forced.
        .
        ==== End Of File ===========================



        • #5
          Dds

          .
          DDS (Ver_2011-08-26.01) - NTFSx86
          Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
          Run by Jordan at 14:42:27 on 2011-12-13
          Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3325.1384 [GMT -5:00]
          .
          AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
          SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
          SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\wininit.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
          C:\Windows\system32\svchost.exe -k rpcss
          c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
          C:\Windows\system32\atiesrxx.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\SLsvc.exe
          C:\Windows\system32\atieclxx.exe
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\System32\spoolsv.exe
          C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
          C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
          C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
          C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files\Realtek\Audio\HDA\DTSAudioService.exe
          C:\Program Files\Microsoft LifeCam\MSCamS32.exe
          C:\Windows\system32\PnkBstrA.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\Explorer.EXE
          C:\Windows\system32\taskeng.exe
          C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
          C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
          C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
          C:\Program Files\Realtek\RtkDashClientInstaller\RtkDashClient.exe
          C:\Program Files\Razer\DeathAdder\razerhid.exe
          C:\Program Files\Razer\Razer Lycosa\razerhid.exe
          C:\Program Files\Microsoft Security Client\msseces.exe
          C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
          C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
          C:\Program Files\DivX\DivX Update\DivXUpdate.exe
          C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
          C:\Windows\ehome\ehtray.exe
          C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
          C:\Windows\system32\SearchIndexer.exe
          C:\Program Files\Windows Media Player\wmpnscfg.exe
          C:\Windows\ehome\ehmsas.exe
          C:\Program Files\Razer\DeathAdder\razertra.exe
          C:\Program Files\Razer\DeathAdder\razerofa.exe
          C:\Program Files\Razer\DeathAdder\vdDaemon.exe
          C:\Program Files\Razer\Razer Lycosa\razertra.exe
          C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\ping.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uInternet Settings,ProxyOverride = *.local
          BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
          BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
          BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - c:\program files\common files\doubletwist\IEPodcastPlugin.dll
          BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
          BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
          BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
          BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
          TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
          TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
          uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
          uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
          uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
          uRun: [SanDiskSecureAccess_Manager.exe] c:\users\jordan\appdata\roaming\sandisk\sandisksecureaccess_manager.exe
          uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\kiespdlr.exe
          uRun: [SpeedUpMyPC] "c:\program files\uniblue\speedupmypc\launcher.exe" -d 20000
          uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
          mRun: [DeathAdder] c:\program files\razer\deathadder\razerhid.exe
          mRun: [Lycosa] "c:\program files\razer\razer lycosa\razerhid.exe"
          mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
          mRun: [RtHDVBg_DTS] c:\program files\realtek\audio\hda\RtHDVBg.exe /FORDTSUPTBT
          mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
          mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
          mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
          mRun: [VX3000] c:\windows\vvx3000.exe
          mRun: [LifeCam] c:\program files\microsoft lifecam\lifeexp.exe
          mRun: [KiesHelper] c:\program files\samsung\kies\kieshelper.exe /s
          mRun: [iTunesHelper] c:\program files\itunes\ituneshelper.exe
          mRun: [IObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart
          mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
          mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
          mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
          mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
          mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
          mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
          IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
          IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
          IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
          LSP: mswsock.dll
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab
          TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
          TCP: Interfaces\{45870B67-91B9-449F-B668-0092F43A2C1D} : DhcpNameServer = 192.168.42.129
          TCP: Interfaces\{57DA05C2-6D2C-4592-92DD-AD8D0CED5DC8} : DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
          Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
          Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
          STS: ObjectDockShlExt Class: {1984d045-52cf-49cd-db77-08f378fea4db} - c:\program files\stardock\objectdockfree\ODMenu.dll
          SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
          SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
          .
          ================= FIREFOX ===================
          .
          FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\q2xow3rq.default\
          FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
          FF - prefs.js: browser.search.selectedEngine - Swag Bucks Customized Web Search
          FF - prefs.js: browser.startup.homepage - www.google.com
          FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=
          FF - prefs.js: network.proxy.type - 0
          FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
          FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
          FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
          FF - plugin: c:\program files\battlelog web plugins\0.80.0\npesnlaunch.dll
          FF - plugin: c:\program files\battlelog web plugins\sonar\0.70.0\npesnsonar.dll
          FF - plugin: c:\program files\common files\doubletwist\NPPodcast.dll
          FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
          FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
          FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
          FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
          .
          ---- FIREFOX POLICIES ----
          FF - user.js: browser.cache.memory.capacity - 65536
          FF - user.js: browser.chrome.favicons - false
          FF - user.js: browser.display.show_image_placeholders - true
          FF - user.js: browser.turbo.enabled - true
          FF - user.js: browser.urlbar.autocomplete.enabled - true
          FF - user.js: browser.urlbar.autofill - true
          FF - user.js: browser.xul.error_pages.enabled - true
          FF - user.js: content.interrupt.parsing - true
          FF - user.js: content.max.tokenizing.time - 3000000
          FF - user.js: content.maxtextrun - 8191
          FF - user.js: content.notify.backoffcount - 5
          FF - user.js: content.notify.interval - 750000
          FF - user.js: content.notify.ontimer - true
          FF - user.js: content.notify.ontimer - true
          FF - user.js: content.switch.threshold - 750000
          FF - user.js: network.http.max-connections - 32
          FF - user.js: network.http.max-connections-per-server - 8
          FF - user.js: network.http.max-persistent-connections-per-proxy - 8
          FF - user.js: network.http.max-persistent-connections-per-server - 4
          FF - user.js: network.http.pipelining - true
          FF - user.js: network.http.pipelining.maxrequests - 8
          FF - user.js: network.http.proxy.pipelining - true
          FF - user.js: network.http.request.max-start-delay - 0
          FF - user.js: nglayout.initialpaint.delay - 0
          FF - user.js: plugin.expose_full_path - true
          FF - user.js: ui.submenuDelay - 0
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-12-9 15672]
          R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
          R1 MpKsl18a4e9c1;MpKsl18a4e9c1;c:\programdata\microsoft\microsoft antimalware\definition updates\{30d8df51-629f-45fa-ab77-ff995a1b061a}\MpKsl18a4e9c1.sys [2011-12-13 29904]
          R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
          R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
          R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
          R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
          R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-12-9 490840]
          R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-25 176128]
          R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-10-25 291840]
          R2 AODDriver4.01;AODDriver4.01;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2011-6-24 39424]
          R2 DTSAudioService;DTSAudioService;c:\program files\realtek\audio\hda\DTSAudioService.exe [2011-12-13 173672]
          R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-7-30 21504]
          R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-7-22 820568]
          R2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-3-9 6656]
          R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-13 366152]
          R2 RtDashPt;Realtek DASH Protocol Driver;c:\windows\system32\drivers\RtDashPt.sys [2010-5-24 38912]
          R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-7-20 37944]
          R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-10-25 8853504]
          R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-10-25 264192]
          R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-6-6 81936]
          R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [2011-7-19 11136]
          R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\FileMonitor.sys [2011-7-24 18768]
          R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\drivers\hidkmdf.sys [2011-7-19 6656]
          R3 LycoFltr;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [2011-7-19 23680]
          R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-13 22216]
          R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\RegFilter.sys [2011-7-24 30600]
          R3 VKbms;Virtual HID Minidriver;c:\windows\system32\drivers\VKbms.sys [2011-7-19 10240]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-10-26 77624]
          S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
          S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
          S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
          S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-10-26 181432]
          S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\UrlFilter.sys [2011-7-24 19792]
          S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
          S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
          .
          =============== Created Last 30 ================
          .
          2011-12-13 19:35:57 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
          2011-12-13 19:32:29 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30d8df51-629f-45fa-ab77-ff995a1b061a}\MpKsl18a4e9c1.sys
          2011-12-13 19:31:27 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30d8df51-629f-45fa-ab77-ff995a1b061a}\offreg.dll
          2011-12-13 19:31:17 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30d8df51-629f-45fa-ab77-ff995a1b061a}\mpengine.dll
          2011-12-13 16:47:06 -------- d-----w- c:\windows\system32\RTCOM
          2011-12-13 16:44:57 252760 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
          2011-12-13 05:42:16 -------- d-----w- C:\_Backup.RC
          2011-12-13 05:35:50 -------- d-----w- c:\users\jordan\appdata\roaming\Malwarebytes
          2011-12-13 05:35:39 -------- d-----w- c:\programdata\Malwarebytes
          2011-12-13 05:35:35 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
          2011-12-13 05:35:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
          2011-12-13 05:32:46 -------- d-----w- c:\users\jordan\appdata\roaming\SUPERAntiSpyware.com
          2011-12-13 05:32:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
          2011-12-13 05:32:19 -------- d-----w- c:\program files\SUPERAntiSpyware
          2011-12-13 04:57:35 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
          2011-12-13 04:51:57 -------- d-----w- c:\users\jordan\appdata\roaming\Uniblue
          2011-12-13 04:51:52 -------- d-----w- c:\program files\Uniblue
          2011-12-09 08:43:29 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
          2011-12-09 08:30:38 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
          2011-12-09 08:30:38 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
          2011-12-05 11:07:58 677136 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
          2011-12-04 23:36:17 -------- d-----w- c:\users\jordan\appdata\local\DDMSettings
          2011-12-04 23:33:30 -------- d-----w- c:\program files\common files\PX Storage Engine
          2011-12-04 23:32:24 -------- d-----w- c:\program files\common files\DivX Shared
          2011-12-04 23:31:22 -------- d-----w- c:\program files\DivX
          2011-12-04 23:30:59 -------- d-----w- c:\programdata\DivX
          2011-11-22 00:39:18 -------- d-----w- c:\program files\AMD APP
          .
          ==================== Find3M ====================
          .
          2011-12-13 16:45:59 319456 ----a-w- c:\windows\DIFxAPI.dll
          2011-12-11 04:33:27 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
          2011-12-11 04:33:27 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
          2011-12-11 04:19:06 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
          2011-12-11 04:18:45 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
          2011-11-20 18:02:41 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
          2011-10-26 03:03:48 8853504 ----a-w- c:\windows\system32\drivers\atikmdag.sys
          2011-10-26 02:21:48 56832 ----a-w- c:\windows\system32\OpenVideo.dll
          2011-10-26 02:21:34 56832 ----a-w- c:\windows\system32\OVDecoder.dll
          2011-10-26 02:20:42 13950464 ----a-w- c:\windows\system32\amdocl.dll
          2011-10-26 02:06:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
          2011-10-26 02:05:58 748544 ----a-w- c:\windows\system32\aticfx32.dll
          2011-10-26 02:01:46 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
          2011-10-26 02:01:18 417792 ----a-w- c:\windows\system32\atieclxx.exe
          2011-10-26 02:00:46 176128 ----a-w- c:\windows\system32\atiesrxx.exe
          2011-10-26 01:59:48 18757120 ----a-w- c:\windows\system32\atioglxx.dll
          2011-10-26 01:59:32 159744 ----a-w- c:\windows\system32\atitmmxx.dll
          2011-10-26 01:59:16 356352 ----a-w- c:\windows\system32\atipdlxx.dll
          2011-10-26 01:59:04 278528 ----a-w- c:\windows\system32\Oemdspif.dll
          2011-10-26 01:58:56 20992 ----a-w- c:\windows\system32\atimuixx.dll
          2011-10-26 01:58:48 43520 ----a-w- c:\windows\system32\ati2edxx.dll
          2011-10-26 01:55:48 4292096 ----a-w- c:\windows\system32\atidxx32.dll
          2011-10-26 01:43:24 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
          2011-10-26 01:38:30 46080 ----a-w- c:\windows\system32\aticalrt.dll
          2011-10-26 01:38:18 44032 ----a-w- c:\windows\system32\aticalcl.dll
          2011-10-26 01:35:38 4353536 ----a-w- c:\windows\system32\atiumdag.dll
          2011-10-26 01:34:56 8449024 ----a-w- c:\windows\system32\aticaldd.dll
          2011-10-26 01:32:30 4189184 ----a-w- c:\windows\system32\atiumdva.dll
          2011-10-26 01:29:22 52736 ----a-w- c:\windows\system32\coinst.dll
          2011-10-26 01:22:28 339968 ----a-w- c:\windows\system32\atiadlxx.dll
          2011-10-26 01:22:16 14336 ----a-w- c:\windows\system32\atiglpxx.dll
          2011-10-26 01:22:06 32768 ----a-w- c:\windows\system32\atigktxx.dll
          2011-10-26 01:21:36 264192 ----a-w- c:\windows\system32\drivers\atikmpag.sys
          2011-10-26 01:21:06 31744 ----a-w- c:\windows\system32\atiuxpag.dll
          2011-10-26 01:20:52 29184 ----a-w- c:\windows\system32\atiu9pag.dll
          2011-10-26 01:20:30 37376 ----a-w- c:\windows\system32\atitmpxx.dll
          2011-10-26 01:20:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
          2011-10-26 01:15:58 53760 ----a-w- c:\windows\system32\atimpc32.dll
          2011-10-26 01:15:58 53760 ----a-w- c:\windows\system32\amdpcom32.dll
          2011-10-24 18:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
          2011-10-24 18:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
          2011-10-20 23:26:22 94208 ----a-w- c:\windows\system32\dpl100.dll
          2011-10-19 00:53:14 3546664 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
          2011-10-18 23:10:30 83048 ----a-w- c:\windows\system32\RtkCoInst.dll
          2011-10-18 20:57:10 58264 ----a-w- c:\windows\system32\TepeqAPO.dll
          2011-10-18 18:47:22 1329768 ----a-w- c:\windows\system32\RtkApoApi.dll
          2011-10-18 16:05:00 2276968 ----a-w- c:\windows\system32\RtkPgExt.dll
          2011-10-17 22:30:38 4238440 ----a-w- c:\windows\system32\RtkAPO.dll
          2011-10-14 18:43:36 1873920 ----a-w- c:\windows\system32\RCoRes.dat
          2011-10-13 20:29:40 42392 ----a-w- c:\windows\system32\xfcodec.dll
          2011-10-12 01:45:27 563712 ----a-w- c:\windows\system32\oleaut32.dll
          2011-10-12 01:45:27 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
          2011-10-12 01:45:27 4096 ----a-w- c:\windows\system32\oleaccrc.dll
          2011-10-12 01:45:27 238080 ----a-w- c:\windows\system32\oleacc.dll
          2011-10-12 01:42:14 2043392 ----a-w- c:\windows\system32\win32k.sys
          2011-10-12 01:41:42 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
          2011-10-12 01:41:42 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
          2011-10-12 01:41:42 293376 ----a-w- c:\windows\system32\psisdecd.dll
          2011-10-12 01:41:42 217088 ----a-w- c:\windows\system32\psisrndr.ax
          2011-09-20 21:02:55 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
          2011-09-16 15:55:10 4659712 ----a-w- c:\windows\system32\Redemption.dll
          .
          ============= FINISH: 14:45:37.22 ===============



          • #6
            Please run the SAS and MBAM scans and post the logs.

            P2P - I see you have P2P software installed on your machine. (BitTorrent) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

            Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

            I would strongly recommend that you uninstall them; however, that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
            **************************************************
            Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
            Uniblue RegistryBooster
            There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

            For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

            Further reading: XP Fixes Myth #1: Registry Cleaners



            • #7
              Sounds good Dave, I'll take your advice for the P2P sharing. I never use the thing much anyways.

              I downloaded the Registry cleaner not too long ago. I only used it once; I usually just use my IObit Toolbox for cleaning. I think that's a big problem with me. I download all these cleaners to ensure a safe PC and end up corrupting files and then this happens!

              I'm running the SAS and Malwarebytes right now.

              Super AntiSpyware has found 4 adware.tracking.cookies so far. Malwarebytes hasn't found anything yet but I do have one problem Dave.

              I totally forgot to stop my Microsoft Security Essentials and since I started the Scans today it has found 4 things and removed them

              Trojan:Win32/SirefefJ
              Category: Trojan

              Description: This program is dangerous and executes commands from an attacker.

              Recommended action: Remove this software immediately.


              VirTool:JS/Obfuscator.CA
              Category: Tool

              Description: This program is used to create viruses, worms or other malware.

              Recommended action: Remove this software immediately.


              Trojan:Win32/Redirector.HQ
              Category: Trojan

              Description: This program is dangerous and executes commands from an attacker.

              Recommended action: Remove this software immediately.


              It's removed them from my computer and I exited out of it for the time being



              • #8
                Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

                link # 1
                Link # 2
                If you are using Firefox, make sure that your download settings are as follows:

                * Tools->Options->Main tab
                * Set to "Always ask me where to Save the files".

                Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

                Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

                Right-click combofix.exe and select Run as Administrator and follow the prompts.
                When finished, ComboFix will produce a log for you.
                Post the ComboFix log in your next reply.

                NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

                Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.



                • #9
                  I went to download ComboFix by sUBs and when I did I saved it to my downloads, because even after changing the setting in Firefox it didn't prompt me with where to download it. When I went to open my documents it wouldn't open! So I tried it again and tried to drag it from my downloads to the desktop, and the program wouldn't run. So then I figured, well, I'll post what the SAS and Malwarebytes found, and when I went to open them it came up with the same pop-up. Also, another thing I've realized is that every time I go to a website, a new tab is opened with a misc. website that is like a pop-up. I'm guessing this is from the bug. But my SAS found I think 63 problems, but I can't open either scan even in administrator mode.



                  • #10
                    My pop up window says

                    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

                    A device attached to the system is not functioning.



                    • #11
                      Firefox is the only thing I can open. My computer won't open any .exe files or any other files for that matter. I can get to My Computer, My Documents, My Pictures, My Music or nothing.

                      I was going to see if I could see my task manager and exit out of anything I didn't recognize, such as the PING.exe program, like I did before, but when I alt-ctrl-del nothing happens except after a minute my screen turns black and then a pop-up comes and says

                      Logon process has failed to create the security options dialog
                      Failure-Security Options



                      • #12
                        I finally got SUPERAntiSpyware to open. Here is my log:

                        SUPERAntiSpyware Scan Log
                        http://www.superantispyware.com

                        Generated 12/13/2011 at 05:28 PM

                        Application Version : 5.0.1136

                        Core Rules Database Version : 8043
                        Trace Rules Database Version: 5855

                        Scan type : Complete Scan
                        Total Scan Time : 02:53:22

                        Operating System Information
                        Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
                        UAC On - Limited User (Administrator User)

                        Memory items scanned : 613
                        Memory threats detected : 0
                        Registry items scanned : 36532
                        Registry threats detected : 0
                        File items scanned : 179107
                        File threats detected : 63

                        Adware.Tracking Cookie

                        Along with this
                        -=--=-=-=-

                        SUPERAntiSpyware Scan Log
                        http://www.superantispyware.com

                        Generated 12/13/2011 at 01:38 PM

                        Application Version : 5.0.1136

                        Core Rules Database Version : 8043
                        Trace Rules Database Version: 5855

                        Scan type : Complete Scan
                        Total Scan Time : 01:49:42

                        Operating System Information
                        Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
                        UAC On - Limited User (Administrator User)

                        Memory items scanned : 565
                        Memory threats detected : 0
                        Registry items scanned : 36540
                        Registry threats detected : 1
                        File items scanned : 123493
                        File threats detected : 0

                        System.BrokenFileAssociation
                        HKCR\.exe

                        Comment


                        • #13
                          Please check your Device Manager to see if there are any yellow markers on the system that would give you that error.
                          Could you please try downloading ComboFix with Internet Explorer?

                          Comment


                          • #14
                            Now my computer won't boot up. It gets to where I can choose safe mode or normal, but after that the screen goes black when the login screen for Windows should appear. Before that I tried to download ComboFix in IE, but no .exe programs would open. I can't even get it to boot now.

                            Can I start Command Prompt with something?

                            I'm stuck, Dave! Please help! I'm at work now until 9:30 EST; anything I do will have to be tonight.

                            Comment


                            • #15
                              Can you boot in Safe Mode?

                              Comment
