
Enable malicious website blocking box greys out and cannot be checked

malwarebytes PRO malicious website blocking


#1 arkhaan

arkhaan

    New Member

  • Members
  • Pip
  • 31 posts
  • Gender:Male
  • Location:US
  • Interests:PC Gaming, cycling, gardening, taking stuff apart, METV

Posted 31 March 2013 - 07:38 AM

I am using Malwarebytes Anti-malware PRO with the latest definitions and my "Enable malicious website blocking" feature randomly disables itself when I am online (though never when I'm offline). Also, I cannot check the "Enable malicious website blocking" box when this happens. Only when I reboot does the feature become re-enabled again. I have no way of telling if I have some kind of virus or malware or not. It happens randomly but only when I'm online. Have repartitioned, reformatted my hard drive numerous times and reinstalled Windows, even put a new array of hard disks in and reinstalled Windows XP Pro SP3 but the problem persists. Have done numerous scans with Kaspersky 2013 and Malwarebytes Anti-malware software as well as Malwarebytes rootkit beta software and come up with a "clean bill of health" yet the problem persists.
Please someone help me determine what the problem is and if it -is- or is -not- a virus or malware. I am sick of this happening. :wacko: :excl:
signature, don't need no stinking signature!

#2 Firefox

Firefox

    Forum Deity

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 9,920 posts
  • Gender:Male
  • Location:USA

Posted 31 March 2013 - 09:04 AM

Please run the Check Tool and DDS Logs tool below and ATTACH your results so someone can review them so we can see if we can tell what is going on...

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply


Next, please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded, you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double-click dds.scr or dds.com to run the tool; on Vista or Win 7, right-click and select Run as administrator.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.
  • When done, DDS will open two (2) logs:
      • DDS.txt
      • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file in most cases.



Dell Precision T7500, Win7 Ultimate 64bit fully updated, McAfee Corp Edition v8.8,
Watchguard Firewall, Intel Xeon E5606CPU, Dual Quad Core Processors, 16GB Ram,
E5606 @ 2.13GHz, Nvidia Quadro NVS420, Raid-1 Dual 1TB Sata 10000 rpm Hard Drives
Dual DVD Burners, IE10, Opera, MBAM, MBSB, MBAE


#3 arkhaan


Posted 31 March 2013 - 09:49 AM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by matolis at 9:25:47 on 2013-03-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1301 [GMT -5:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
FW: Kaspersky Internet Security *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Razer\razertra.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe
C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
mRun: [CTHelper] CTHELPER.EXE
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [razertra] c:\program files\razer\razertra.exe
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [SearchProtection] c:\documents and settings\all users\application data\search protection\_run.bat
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe"
mRunOnce: [Z1] cmd /c "e:\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363374798406
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-3-25 13560]
R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2012-6-19 136024]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2013-3-15 116264]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2013-3-15 586584]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 43608]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 144344]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2013-2-21 1236336]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\dragon age\bin_ship\daupdatersvc.service.exe [2013-3-25 25832]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2012-6-27 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 24408]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 24920]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-3-31 35144]
S1 1502209drv;1502209drv;c:\windows\system32\drivers\1502209drv.sys [2013-3-20 475736]
S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2012-8-17 356376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-15 682344]
S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2013-3-17 99856]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2013-3-21 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-15 21104]
.
=============== Created Last 30 ================
.
2013-03-31 11:29:07 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-03-29 18:51:11 -------- d-----w- c:\documents and settings\all users\application data\EA Core
2013-03-29 18:51:06 -------- d-----w- c:\documents and settings\all users\application data\EA Logs
2013-03-29 18:02:42 -------- d--h--w- c:\program files\common files\EAInstaller
2013-03-29 18:02:22 -------- d-----w- c:\program files\NVIDIA Corporation
2013-03-29 15:37:47 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2013-03-29 09:43:44 -------- d-----w- c:\program files\Origin Games
2013-03-29 09:43:43 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Origin
2013-03-29 09:43:42 -------- d-----w- c:\documents and settings\matolis\application data\Origin
2013-03-29 09:43:30 -------- d-----w- c:\documents and settings\all users\application data\Origin
2013-03-29 09:43:30 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts
2013-03-29 09:43:09 -------- d-----w- c:\program files\Origin
2013-03-29 07:52:46 -------- d-----w- c:\program files\MSXML 4.0
2013-03-29 07:38:01 -------- d-----w- c:\program files\Microsoft Games
2013-03-29 07:02:44 -------- d-----w- C:\Games
2013-03-29 06:43:03 -------- d-----w- c:\documents and settings\all users\application data\BioWare
2013-03-29 06:01:18 -------- d-----w- c:\program files\Mass Effect 2
2013-03-25 17:33:52 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2013-03-25 17:00:28 -------- d-----w- c:\program files\Dragon Age
2013-03-25 15:12:26 -------- d-----w- c:\program files\common files\BioWare
2013-03-25 14:54:24 -------- d-----w- c:\program files\Mass Effect
2013-03-25 07:47:23 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus
2013-03-25 07:47:22 -------- d-----w- c:\documents and settings\matolis\application data\LavasoftStatistics
2013-03-25 07:42:35 -------- d-----w- c:\program files\Ad-Aware Antivirus
2013-03-25 07:41:55 -------- d-----w- c:\documents and settings\all users\application data\Downloaded Installations
2013-03-25 07:41:46 -------- d-----w- c:\documents and settings\matolis\local settings\application data\adawarebp
2013-03-25 07:41:46 -------- d-----w- c:\documents and settings\all users\application data\Search Protection
2013-03-25 07:41:45 -------- d-----w- c:\documents and settings\all users\application data\blekko toolbars
2013-03-25 07:41:45 -------- d-----w- c:\documents and settings\all users\application data\adawaretb
2013-03-25 07:41:43 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2013-03-25 07:41:06 -------- d-----w- c:\program files\Toolbar Cleaner
2013-03-25 07:40:59 -------- d-----w- c:\documents and settings\matolis\application data\SecureSearch
2013-03-25 07:40:54 -------- d-----w- c:\program files\adawaretb
2013-03-25 07:40:54 -------- d-----w- c:\documents and settings\matolis\application data\adawaretb
2013-03-25 07:39:30 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-03-25 07:39:29 44424 ----a-w- c:\windows\system32\sbbd.exe
2013-03-25 07:39:19 -------- d-----w- c:\documents and settings\matolis\application data\Ad-Aware Antivirus
2013-03-21 19:31:39 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2013-03-21 17:10:20 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Adobe
2013-03-21 17:03:24 -------- d-----w- c:\documents and settings\matolis\local settings\application data\WMTools Downloaded Files
2013-03-21 16:51:45 57344 ----a-w- c:\windows\system32\razer.cpl
2013-03-21 16:51:45 38904 ----a-w- c:\windows\system32\drivers\razerusb.sys
2013-03-21 16:39:11 102400 ----a-w- c:\windows\system32\cttele32.dll
2013-03-21 16:39:03 -------- d-----w- c:\program files\OpenAL
2013-03-21 16:35:39 22691984 ----a-w- c:\windows\system32\AppSetup.exe
2013-03-21 16:32:07 -------- d-----w- c:\program files\common files\Creative Labs Shared
2013-03-21 07:23:19 -------- d--h--w- c:\windows\PIF
2013-03-21 03:43:37 475736 ----a-w- c:\windows\system32\drivers\1502209drv.sys
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-03-21 02:16:48 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Apple
2013-03-21 02:16:13 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Apple Computer
2013-03-21 02:05:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-21 02:05:38 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-19 10:05:59 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-03-19 10:04:19 -------- d--h--w- c:\windows\msdownld.tmp
2013-03-19 10:04:04 -------- d-----w- c:\windows\Logs
2013-03-19 08:21:36 -------- d-----w- c:\windows\pss
2013-03-17 17:37:57 -------- d-----w- c:\documents and settings\matolis\local settings\application data\ATI
2013-03-17 17:35:23 99856 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2013-03-17 17:33:27 -------- d-----w- C:\AMD
2013-03-17 16:48:05 -------- d-----w- c:\program files\CCleaner
2013-03-17 04:50:42 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2013-03-17 04:47:46 -------- d-----w- C:\USBVaccine
2013-03-16 22:19:12 -------- d-----w- c:\program files\Windows Media Connect 2
2013-03-16 22:17:59 -------- d-----w- c:\windows\system32\LogFiles
2013-03-16 03:55:05 -------- d-----w- c:\windows\system32\XPSViewer
2013-03-16 03:54:39 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-03-16 03:54:39 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-03-16 03:54:39 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-03-16 03:54:39 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-03-16 03:54:39 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-03-16 03:54:39 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2013-03-16 03:54:39 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-03-16 03:54:39 117760 ------w- c:\windows\system32\prntvpt.dll
2013-03-16 03:54:38 -------- d-----w- C:\70a2473e871645d7e4
2013-03-15 21:13:51 -------- d-sh--w- c:\documents and settings\matolis\PrivacIE
2013-03-15 21:13:50 -------- d-sh--w- c:\documents and settings\matolis\IECompatCache
2013-03-15 21:05:26 -------- d-sh--w- c:\documents and settings\matolis\IETldCache
2013-03-15 19:48:31 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-03-15 19:48:02 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2013-03-15 19:47:43 -------- d-----w- c:\windows\ie8updates
2013-03-15 19:47:37 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-03-15 19:47:37 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2013-03-15 19:47:37 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-03-15 19:47:37 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-03-15 19:47:37 2004992 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-03-15 19:47:37 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2013-03-15 19:47:37 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-03-15 19:46:34 -------- dc-h--w- c:\windows\ie8
2013-03-15 19:30:52 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2013-03-15 19:27:34 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-03-15 19:27:34 3072 ------w- c:\windows\system32\iacenc.dll
2013-03-15 19:25:54 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2013-03-15 19:18:13 2193024 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-03-15 19:18:13 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-03-15 19:18:12 2027520 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-03-15 19:18:04 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2013-03-15 19:17:18 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-03-15 19:17:18 272128 ------w- c:\windows\system32\drivers\bthport.sys
2013-03-15 19:15:53 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2013-03-15 19:15:53 -------- d-----w- c:\windows\system32\PreInstall
2013-03-15 19:15:52 -------- d--h--w- c:\windows\$hf_mig$
2013-03-15 19:13:14 -------- d-sh--w- c:\documents and settings\matolis\UserData
2013-03-15 19:04:53 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-03-15 17:20:11 -------- d-----w- c:\documents and settings\matolis\application data\Malwarebytes
2013-03-15 17:19:57 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-03-15 17:19:56 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-15 17:19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-15 17:05:28 -------- d-----w- c:\program files\Kaspersky Lab
2013-03-15 17:05:28 -------- d-----w- c:\documents and settings\all users\application data\Kaspersky Lab
2013-03-15 17:05:22 74072 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-03-15 16:54:46 7062 ----a-w- c:\windows\system32\audiopid.vxd
2013-03-15 16:54:35 647872 ------w- c:\windows\system32\Mscomct2.ocx
2013-03-15 16:54:35 41984 ------w- c:\windows\Ctregrun.exe
2013-03-15 16:54:22 90112 ------w- c:\windows\Updreg.EXE
2013-03-15 16:53:52 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2013-03-15 16:53:52 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2013-03-15 16:53:20 10240 ----a-w- c:\windows\CTDCRES.DLL
2013-03-15 16:53:20 -------- d-----w- c:\windows\system32\Data
2013-03-15 16:52:41 -------- d-----w- c:\program files\Creative
2013-03-15 14:25:00 -------- d-sh--r- C:\acroldr
2013-03-15 10:18:57 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-03-15 09:19:52 0 ----a-w- c:\windows\ativpsrm.bin
2013-03-15 09:12:59 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2013-03-15 09:12:59 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2013-03-15 09:12:59 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2013-03-15 09:12:59 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2013-03-15 09:12:59 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2013-03-15 09:03:45 -------- d-----w- c:\documents and settings\matolis\local settings\application data\ApplicationHistory
2013-03-15 09:02:50 -------- d-----w- c:\windows\system32\URTTemp
2013-03-15 08:55:46 19240 ----a-r- c:\windows\system32\drivers\SiWinAcc.sys
2013-03-15 08:55:46 118824 ----a-r- c:\windows\system32\SilSupp.dll
2013-03-15 08:55:46 116264 ----a-r- c:\windows\system32\drivers\SI3112r.sys
2013-03-15 08:35:32 117248 ----a-r- c:\windows\system32\drivers\viamraid.sys
2013-03-15 08:18:56 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS
2013-03-15 08:18:52 -------- d-----w- c:\windows\system32\ReinstallBackups
2013-03-15 08:18:29 306688 ----a-w- c:\windows\IsUninst.exe
2013-03-15 08:18:21 -------- d-----w- c:\documents and settings\matolis\WINDOWS
2013-03-15 08:15:05 5824 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
.
==================== Find3M ====================
.
2013-03-15 16:35:09 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2013-03-15 16:35:08 24920 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2013-03-15 16:35:08 24408 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 10:48:44 81920 ------w- c:\windows\system32\ieencode.dll
2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:05:46 43520 ------w- c:\windows\system32\licmgr10.dll
2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53:57 385024 ------w- c:\windows\system32\html.iec
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
.
============= FINISH: 9:26:17.46 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/15/2013 2:16:14 AM
System Uptime: 3/31/2013 4:44:32 AM (5 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K8V
Processor: AMD Athlon™ 64 Processor 3200+ | Socket 754 | 2002/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 932 GiB total, 842.117 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 75 GiB total, 73.998 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: AMD High Definition Audio Device
Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&2D021E0F&0&0001
Manufacturer: Advanced Micro Devices
Name: AMD High Definition Audio Device
PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&2D021E0F&0&0001
Service: AtiHDAudioService
.
Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: VIA RAID Controller - 3149
Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_80ED1043&REV_80\3&267A616A&0&78
Manufacturer: VIA Technologies, Inc.
Name: VIA RAID Controller - 3149
PNP Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_80ED1043&REV_80\3&267A616A&0&78
Service: viamraid
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Ad-Aware Antivirus
Ad-Aware Security Add-on
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.02)
AMD Catalyst Install Manager
Apple Application Support
Apple Software Update
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Creative Audio Control Panel
Creative Console Launcher
Creative Software AutoUpdate
Creative System Information
Creative WaveStudio 7
DARK VOID
Dragon Age: Origins
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Kaspersky Internet Security 2013
Malwarebytes Anti-Malware version 1.70.0.1100
Mass Effect
Mass Effect 2
Mass Effect™ 3
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Flight Simulator X
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NVIDIA PhysX
OpenAL
Origin
QuickTime
Razer
redist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB923789)
Sound Blaster X-Fi
Two Worlds
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
.
==== Event Viewer Messages From Past Week ========
.
3/25/2013 8:13:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
3/25/2013 8:13:41 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/25/2013 6:35:13 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.
3/25/2013 6:35:13 AM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/25/2013 12:56:20 PM, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
.
==== End Of File ===========================


signature, don't need no stinking signature!

#4 arkhaan


Posted 31 March 2013 - 08:31 PM

I disabled mbam's realtime protection, as well as that of Kaspersky and Adaware, before making these reports, as instructed; that is why the CheckResults.txt says everything is turned off. Normally I keep everything fully enabled.
signature, don't need no stinking signature!

#5 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 40,900 posts
  • Gender:Male
  • Location:US

Posted 01 April 2013 - 12:17 AM

The logs show that you've run MBAR and that it still has an entry for removal processing. As you continue to have issues, please follow the information below.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thank you

Ron Lewis
Forum Community Manager
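
Added example (not part of any post in this thread, and not code from DDS or Malwarebytes): a small Python parser for the DDS.txt layout posted in #3 that pulls out the security products reported as disabled, any pending RunOnce commands, and auto-start services that were stopped at scan time. The function names `parse_dds` and `triage` are hypothetical, and the reading of the DDS notation (u/m prefixes, R/S plus start-type digit) is an assumption stated in the comments.

```python
import re

# Excerpt of the DDS.txt posted in this thread: lines copied unchanged, the rest omitted.
DDS_EXCERPT = r"""
DDS (Ver_2012-11-20.01) - NTFS_x86
AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
FW: Kaspersky Internet Security *Disabled*
.
============== Pseudo HJT Report ===============
.
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe"
mRunOnce: [Z1] cmd /c "e:\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s
.
============= SERVICES / DRIVERS ===============
.
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2013-3-15 586584]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2013-2-21 1236336]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-3-31 35144]
S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2012-8-17 356376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-15 682344]
S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-15 21104]
"""

SECTION_RE = re.compile(r"^=+\s*(.*?)\s*=+$")
PRODUCT_RE = re.compile(r"^(AV|FW): (.+?) \*([^*]+)\*")
AUTORUN_RE = re.compile(r"^([um])(Run(?:Once)?): \[([^\]]+)\] (.+)$")
SERVICE_RE = re.compile(
    r"^([RS])([0-4]) ([^;]+);([^;]*);(.+) \[(\d{4}-\d{1,2}-\d{1,2}) (\d+)\]$")

# Reading of the DDS notation assumed here: the u/m prefix marks a per-user (HKCU)
# or machine-wide (HKLM) key; R/S means running or stopped; the digit is the
# Windows service start type.
HIVES = {"u": "HKCU", "m": "HKLM"}
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}


def parse_dds(text):
    """Split a DDS.txt into security products, Run/RunOnce entries and services."""
    report = {"products": [], "autoruns": [], "services": []}
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":      # DDS uses a lone "." as a spacer line
            continue
        heading = SECTION_RE.match(line)
        if heading:
            section = heading.group(1)
            continue
        if section == "header":
            m = PRODUCT_RE.match(line)
            if m:
                report["products"].append(
                    {"kind": m.group(1), "name": m.group(2),
                     "state": m.group(3).split("/")})
        elif section == "Pseudo HJT Report":
            m = AUTORUN_RE.match(line)
            if m:
                report["autoruns"].append(
                    {"hive": HIVES[m.group(1)], "key": m.group(2),
                     "name": m.group(3), "command": m.group(4)})
        elif section == "SERVICES / DRIVERS":
            m = SERVICE_RE.match(line)
            if m:
                report["services"].append(
                    {"running": m.group(1) == "R",
                     "start": START_TYPES[int(m.group(2))],
                     "name": m.group(3), "path": m.group(5)})
    return report


def triage(report):
    """Disabled security products, pending RunOnce commands, stopped auto-start services."""
    return {
        "disabled_products": [
            f'{p["kind"]}: {p["name"]}'
            for p in report["products"] if p["state"][0] == "Disabled"],
        "pending_runonce": [
            (a["hive"], a["name"], a["command"])
            for a in report["autoruns"] if a["key"] == "RunOnce"],
        "stopped_autostart": [
            s["name"] for s in report["services"]
            if s["start"] == "auto" and not s["running"]],
    }


if __name__ == "__main__":
    for finding, items in triage(parse_dds(DDS_EXCERPT)).items():
        print(finding)
        for item in items:
            print("   ", item)
```

On the excerpt, the RunOnce result is the MBAR `/cleanup` command referred to in post #5, and the stopped auto-start services (AVP, MBAMService, SBAMSvc) are consistent with post #4's statement that protection was switched off before the logs were made.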



#6 arkhaan


Posted 01 April 2013 - 11:06 AM

That entry for removal was from my Windows Security Center; I disabled the alert for "Windows Updater". I am aware of this entry; it was a false positive. However, I will post this topic in the category you suggested, thank you.
signature, don't need no stinking signature!




