Jump to content

jordo87

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. ending up reformatting. thanks anyways
  2. here are my dds files here's my previous post: Malwarebytes is not updating. This is the error message I'm receiving. PROGRAM_ERROR_UPDATING (0,0 DNS error) Internet works on IE but not chrome, when i try to reinstall chrome I get an error message saying it can't connect to the internet. Windows update works fine. I've scanned and deleted infected files with Malwarebytes and uninstalled all programs that infected file tried to install. I'm also running Microsoft Security Essentials OS: win 7 (64 bit) ****UPDATE. after running MSE scan it said i had: Trojan:win32/Rimecud.A Worm:VBS/Autorun.W VirTool: INF/Autorun.gen!F I fixed these with MSE, however Malwarebytes still isn't updating. i don't think everything is clean. I'm also running Microsoft Safety Scanner at the moment. waitin for results . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Jordan at 17:32:31 on 2012-09-23 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3966.2079 [GMT -4:00] . AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Users\Jordan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHOUDL10\msert.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: {F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF} - No File mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL LSP: C:\Windows\system32\Sendori.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{4ED615F5-08E4-41F7-A332-5DACC8AB20B1} : DhcpNameServer = 209.18.47.61 209.18.47.62 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: {F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF} - No File BHO-X64: BHO_PROJECT - No File mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [sendori Tray] "C:\Program Files (x86)\Sendori\SendoriTray.exe" mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 Sendori Interceptor;Sendori Interceptor;C:\Program Files (x86)\Sendori\Sendori.Service.exe --> C:\Program Files (x86)\Sendori\Sendori.Service.exe [?] S2 Sendoriv1;Sendoriv1;C:\Program Files (x86)\Sendori\SendoriSvc.exe --> C:\Program Files (x86)\Sendori\SendoriSvc.exe [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400] . =============== Created Last 30 ================ . 2014-09-25 04:07:07 142336 ----a-w- C:\Windows\System32\poqexec.exe 2014-09-25 04:07:07 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe 2012-09-23 20:30:58 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-23 20:30:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-23 19:26:54 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{941D2BDB-3EBB-4B3C-BAB6-EB48D328B672}\offreg.dll 2012-09-23 18:49:52 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{941D2BDB-3EBB-4B3C-BAB6-EB48D328B672}\mpengine.dll 2012-09-23 18:47:00 -------- d-----w- C:\Users\Jordan\.smplayer 2012-09-23 18:46:02 -------- d-----w- C:\ProgramData\Sendori 2012-09-23 18:46:00 -------- d-----w- C:\Program Files (x86)\Sendori 2012-09-23 18:45:49 -------- d-----w- C:\Program Files (x86)\SaveValet 2012-09-23 18:45:38 -------- d-----w- C:\Program Files (x86)\OApps 2012-09-21 23:50:11 9308616 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-09-13 11:52:03 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-09-13 11:52:03 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-09-13 00:05:47 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys 2012-09-13 00:05:47 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2012-09-13 00:05:45 574464 ----a-w- C:\Windows\System32\d3d10level9.dll 2012-09-13 00:05:45 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2012-09-13 00:05:44 376688 ----a-w- C:\Windows\System32\drivers\netio.sys 2012-09-13 00:05:44 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-09-13 00:05:44 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ==================== Find3M ==================== . 2012-08-29 00:24:56 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-08-29 00:24:53 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll 2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll . ============= FINISH: 17:32:58.46 =============== Attach.txt DDS.txt
  3. Malwarebytes is not updating. This is the error message I'm receiving. PROGRAM_ERROR_UPDATING (0,0 DNS error) Internet works on IE but not chrome, when i try to reinstall chrome I get an error message saying it can't connect to the internet. Windows update works fine. I've scanned and deleted infected files with Malwarebytes and uninstalled all programs that infected file tried to install. I'm also running Microsoft Security Essentials OS: win 7 (64 bit)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.