Sign in to follow this  
Followers 0
Andrew_Holding

Updating error PROGRAM_ERROR_UPDATING (404,0,HTTPStatusCode)

11 posts in this topic

It appears I have an infection - although there are a number of things that all happened in a short period of time.

A day or so after my McAfee subscription expired - my daughter tried to install service pack3 for windows XP (apparently the new I Pod Nano needs this to sync properly!

Windows wouldn't start up following this - and despite trying to reconfigure various .dll files etc. in the end I had to resort to the windows system disc - although I used the repair option - I went through the same process as re-installing windows. Although this got windows running - I couldn't open McAfee at all and had to remove it completely. That day my Netgear router died - and I have installed an old D-Link wireless router. Although I sometimes can get a browser connection this seems to be intermittent at best. The honest answer is I don't know if I have a windows issue, router issue / some kind of conflict - or a virus!

I posted on the link link below

http://forums.malwarebytes.org/index.php?showtopic=115213

I have run DDS and the logs are attached.

I have also run Roguekiller - report attached

Any help in resolving this issue will be gratefully received

Andrew

attach.txt

dds.txt

RKreport2.txt

Share this post


Link to post
Share on other sites

Hello Andrew! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Your system is infected, so let's take care for that.

Step 1

Please uninstall the following applications:

Ask Toolbar

Ask Toolbar Updater

Ask.com Search Assistant 1.0.2

BitTorrent

Conduit Engine

Viewpoint Media Player

Step 2

Please download Rkill to your desktop. There are two main different versions. If one of them won't run then download and try to run the other one. You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

  1. Double-click on the Rkill desktop icon to run the tool.
  2. If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  3. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  4. If not, delete the file, then download and use the second RKill version. Do not reboot until instructed. If the tool does not run from any of the links provided, please let me know.
  5. When the scan is done Notepad will open with rKill log. Post it in your next reply.
    NOTE: rKill.txt log will also be present on your desktop.
    Step 3
    • Launch Malwarebytes' Anti-Malware
    • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
    • Go to Scanner tab and select Perform Quick Scan, then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

aswMBR2-1.gif

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBR2.png

In your next reply, post the following log files:

  • RKill log
  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log

Share this post


Link to post
Share on other sites

Hi Maniac

RKill log

The second of the links provided allowed iExplore.exe to run and produce the following Rkill log:

Rkill 2.3.4 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2012 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/03/2012 08:20:19 PM in x86 mode.

Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\WINDOWS\stsystra.exe (PID: 800) [WD-HEUR]

* C:\WINDOWS\System32\DLA\DLACTRLW.EXE (PID: 1464) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!

* HKCU\SOFTWARE\Classes\.exe has been deleted!

* HKCU\SOFTWARE\Classes\exefile has been deleted!

Performing miscellaneous checks.

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Background Intelligent Transfer Service (BITS) is not Running.

Startup Type set to: Manual

* atapi => \SystemRoot\system32\DRIVERS\atapi.sys [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/03/2012 08:22:10 PM

Execution time: 0 hours(s), 1 minute(s), and 50 seconds(s)

Went to Malwarebytes update and got the following error message PROGRAM_ERROR_UPDATING (0,0, Timeout)

Got a more up to date copy of the database from another laptop and ran quick scan - log below

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.27.04

Windows XP Service Pack 2 x86 NTFS

Internet Explorer 6.0.2900.2180

Andrew :: BOB [administrator]

Protection: Enabled

03/09/2012 21:02:51

mbam-log-2012-09-03 (21-02-51).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 414865

Time elapsed: 1 hour(s), 31 minute(s), 20 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 3

C:\Documents and Settings\Becky\My Documents\Downloads\CCleaner_Setup (1).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

C:\Documents and Settings\Becky\My Documents\Downloads\CCleaner_Setup (2).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

C:\Documents and Settings\Becky\My Documents\Downloads\CCleaner_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

(end)

Ran aswMBR - log below

swMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-09-03 23:41:17

-----------------------------

23:41:17.921 OS Version: Windows 5.1.2600 Service Pack 2

23:41:17.921 Number of processors: 2 586 0x604

23:41:17.921 ComputerName: BOB UserName:

23:41:18.562 Initialize success

23:41:43.015 AVAST engine download error: 0

23:41:43.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2

23:41:43.171 Disk 0 Vendor: WDC_WD16 10.0 Size: 152587MB BusType: 3

23:41:43.171 Disk 0 MBR read successfully

23:41:43.171 Disk 0 MBR scan

23:41:43.187 Disk 0 unknown MBR code

23:41:43.187 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63

23:41:43.187 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 109638 MB offset 112455

23:41:43.187 Disk 0 Partition - 00 0F Extended LBA 38130 MB offset 224669025

23:41:43.218 Disk 0 Partition 3 00 DB CP/M / CTOS MSDOS5.0 4753 MB offset 302760990

23:41:43.250 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 38130 MB offset 224669088

23:41:43.250 Disk 0 scanning sectors +312496380

23:41:43.312 Disk 0 scanning C:\WINDOWS\system32\drivers

23:41:54.812 Service scanning

23:42:09.703 Modules scanning

23:42:43.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\MBR.dat"

23:42:43.312 The log file has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\aswMBR.txt"

23:43:01.406 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**

23:43:17.375 Disk 0 trace - called modules:

23:43:17.375 ntkrnlpa.exe CLASSPNP.SYS disk.sys sfsync04.sys hal.dll iaStor.sys

23:43:17.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x871c9030]

23:43:17.390 3 CLASSPNP.SYS[f754505b] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0x8715e030]

23:43:17.390 Scan finished successfully

23:43:38.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\MBR.dat"

23:43:38.921 The log file has been saved successfully to "C:\Documents and Settings\Andrew\Desktop\aswMBR2.txt"

DDS log

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.2180

Run by Andrew at 23:44:37 on 2012-09-03

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.333 [GMT 1:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\stsystra.exe

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\Program Files\Dell Photo AIO Printer 944\memcard.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\AOL\1232904073\ee\AOLSoftware.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\dlcdcoms.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Documents and Settings\Andrew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Andrew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Documents and Settings\Andrew\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Documents and Settings\Andrew\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Documents and Settings\Andrew\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Andrew\My Documents\Downloads\aswMBR.exe

C:\WINDOWS\system32\NOTEPAD.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5061010

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5061010

uSearch Bar = hxxp://www.google.com/ie

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mDefault_Search_URL = hxxp://www.google.com/ie

mSearch Page = hxxp://www.google.com

mSearch Bar = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll

BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\prxtbBro2.dll

TB: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\prxtbBro2.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "c:\documents and settings\becky\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [Clownfish] "c:\program files\clownfish\Clownfish.exe"

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

mRun: [DLCDCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCDtime.dll,_RunDLLEntry@16

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [speedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /icon

mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

mRun: [NPSStartup]

mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 944\memcard.exe"

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [dlcdmon.exe] "c:\program files\dell photo aio printer 944\dlcdmon.exe"

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe

mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Norton Ghost 10.0] "c:\program files\norton ghost\agent\GhostTray.exe"

mRun: [HostManager] c:\program files\common files\aol\1232904073\ee\AOLSoftware.exe

mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [D-Link AirPlus G] c:\program files\d-link\airplus g\AirGCFG.exe

mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

dRunOnce: [RunNarrator] Narrator.exe

dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bdarem~1.lnk - c:\program files\usb tv\em28xx\BDARemote.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hdwrit~1.lnk - c:\program files\common files\panasonic\hd writer autostart\HDWriterAutoStart.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\runnin~1.lnk - c:\program files\wificonnector\NintendoWFCReg.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe

IE: &Search

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab

DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Peggle%20Nights/Images/stg_drm.ocx

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab

DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230296713453

DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345469201437

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Peggle%20Nights/Images/armhelper.ocx

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{593A063A-B756-4490-922A-E2B3026D0D63} : DhcpNameServer = 192.168.1.1

Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: whlphe.dll tfrexi.dll nyuqhx.dll ebdkpg.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Notification Packages = scecli scecli

.

============= SERVICES / DRIVERS ===============

.

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-6 54752]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-2 655944]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R3 dlcd_device;dlcd_device;c:\windows\system32\dlcdcoms.exe -service --> c:\windows\system32\dlcdcoms.exe -service [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-2 22344]

S0 sppqy;sppqy;c:\windows\system32\drivers\vrfugrz.sys --> c:\windows\system32\drivers\vrfugrz.sys [?]

S2 Apache2.2;Remote Access Media Server;"c:\program files\common files\singleclick systems\apache\bin\httpd.exe" -k runservice --> c:\program files\common files\singleclick systems\apache\bin\httpd.exe [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 dsl-db;Remote Access DB;"c:\program files\common files\singleclick systems\mysql\bin\mysqld.exe" --defaults-file="c:\program files\common files\singleclick systems\mysql\my.ini" dsl-db --> c:\program files\common files\singleclick systems\mysql\bin\mysqld.exe [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]

S3 ActionReplayDS;ActionReplayDS;c:\windows\system32\drivers\ActionReplayDS.sys [2011-4-15 29184]

S3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2011-6-21 4096]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-6-1 36608]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]

S3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [2006-12-27 9006]

S3 vidcap;vidcap;c:\windows\system32\drivers\vidcap.sys [2006-12-27 9006]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-09-02 13:34:59 -------- d-----w- c:\documents and settings\andrew\application data\Malwarebytes

2012-09-02 13:34:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-02 13:34:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-09-02 13:34:53 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-08-28 20:42:35 -------- d-----w- c:\program files\common files\PC Utility Kit

2012-08-28 20:42:34 -------- d-----w- c:\program files\PC Utility Kit

2012-08-28 20:42:34 -------- d-----w- c:\documents and settings\all users\application data\PC Utility Kit

2012-08-26 16:40:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2012-08-26 16:40:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2012-08-26 16:40:29 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2012-08-26 16:40:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2012-08-26 16:40:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2012-08-26 16:40:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2012-08-26 16:40:28 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2012-08-21 22:38:59 76288 -c--a-w- c:\windows\system32\dllcache\uniime.dll

2012-08-21 22:37:59 53248 -c--a-w- c:\windows\system32\dllcache\nextlink.dll

2012-08-21 22:36:55 7680 -c--a-w- c:\windows\system32\dllcache\ftpctrs2.dll

2012-08-21 22:35:58 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll

2012-08-21 22:32:33 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe

2012-08-21 22:32:33 16384 ----a-w- c:\program files\internet explorer\connection wizard\isignup.exe

2012-08-21 21:57:32 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll

2012-08-21 21:57:32 24661 ----a-w- c:\windows\system32\spxcoins.dll

2012-08-21 21:57:32 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll

2012-08-21 21:57:32 13312 ----a-w- c:\windows\system32\irclass.dll

2012-08-21 21:57:26 22339 ----a-r- c:\windows\SET282.tmp

2012-08-21 21:57:26 10559 ----a-r- c:\windows\SET283.tmp

2012-08-21 21:57:08 13753 ----a-r- c:\windows\SET23F.tmp

2012-08-21 21:57:06 1086058 ----a-r- c:\windows\SET233.tmp

2012-08-21 21:57:05 106147 ----a-r- c:\windows\SET230.tmp

2012-08-20 15:25:12 19569 ----a-w- c:\windows\000001_.tmp

2012-08-20 15:05:01 331805736 ----a-w- c:\windows\WindowsXP-KB936929-SP3-x86-ENU.exe

2012-08-19 20:42:31 -------- d-----w- c:\program files\iPod

2012-08-19 20:42:21 -------- d-----w- c:\program files\iTunes

2012-08-19 20:41:18 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-08-19 20:41:18 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2012-08-19 20:39:14 -------- d-----w- c:\program files\Bonjour

2012-08-12 22:53:45 -------- d-----w- c:\documents and settings\andrew\application data\Nectar Search Toolbar for Chrome

.

==================== Find3M ====================

.

2012-07-15 21:34:45 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-07-15 21:34:44 476976 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-07-15 21:34:44 472880 ----a-w- c:\windows\system32\deployJava1.dll

2012-07-15 21:34:23 0 ----a-w- c:\windows\system32\REN137.tmp

2012-07-15 21:34:23 0 ----a-w- c:\windows\system32\REN136.tmp

2012-07-15 21:34:23 0 ----a-w- c:\windows\system32\REN135.tmp

2012-07-15 10:41:46 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys

2012-07-05 20:21:21 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2012-07-05 20:21:20 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2009-10-27 19:28:59 4727808 ----a-w- c:\program files\Works632_en-US.msi

2008-10-30 13:33:37 67167528 ----a-w- c:\program files\iTunes801Setup.exe

2008-10-26 16:34:46 183 ----a-w- c:\program files\run_mod.bat

2008-10-26 16:34:46 167 ----a-w- c:\program files\run_studiomdl.bat

2008-10-26 16:34:46 162 ----a-w- c:\program files\run_hlmv.bat

2008-10-26 16:34:46 105 ----a-w- c:\program files\run_hammer.bat

.

============= FINISH: 23:47:49.31 ===============

Attach log

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 21/08/2012 23:40:00

System Uptime: 03/09/2012 23:00:01 (0 hours ago)

.

Motherboard: Dell Inc. | | 0WG864

Processor: Intel® Pentium® D CPU 3.40GHz | Microprocessor | 3391/800mhz

Processor: Intel® Pentium® D CPU 3.40GHz | Microprocessor | 3391/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 107 GiB total, 30.2 GiB free.

D: is FIXED (NTFS) - 37 GiB total, 37.165 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: D-Link AirPlus G DWL-G122 Wireless USB Adapter(rev.C)

Device ID: USB\VID_07D1&PID_3C03\5&FAE28C5&0&3

Manufacturer: D-Link

Name: D-Link AirPlus G DWL-G122 Wireless USB Adapter(rev.C)

PNP Device ID: USB\VID_07D1&PID_3C03\5&FAE28C5&0&3

Service: RT73

.

==== System Restore Points ===================

.

RP1: 22/08/2012 06:31:22 - System Checkpoint

RP2: 25/08/2012 11:49:01 - System Checkpoint

RP3: 26/08/2012 15:54:14 - System Checkpoint

RP4: 26/08/2012 17:18:36 - Removed CONNECT.

RP5: 26/08/2012 17:38:19 - Installed QuickTime

RP6: 27/08/2012 14:49:54 - Removed McAfee Virtual Technician

RP7: 28/08/2012 15:10:34 - System Checkpoint

RP8: 02/09/2012 13:02:48 - System Checkpoint

RP9: 03/09/2012 13:58:54 - System Checkpoint

RP10: 03/09/2012 19:12:00 - Removed Ask Toolbar.

RP11: 03/09/2012 19:52:27 - Installed AirPlus G

.

==== Installed Programs ======================

.

2 Player Chess

944plc32

ABBYY FineReader 6.0 Sprint

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.1.3

Adobe Shockwave Player 11.5

AirPlus G

angusScreenSaver

ANIO Service

ANIWZCS2 Service

AOL Spyware Protection

AOL Uninstaller (Choose which Products to Remove)

AOL You've Got Pictures Screensaver

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ARTEuro

ATI AVIVO Codecs

ATI Catalyst Control Center

ATI Display Driver

ATI Parental Control & Encoder

Audacity 1.2.6

AXIS Media Control Embedded

Blast Thru Special Edition

Bonjour

Catz 5

Clownfish for Skype

Compatibility Pack for the 2007 Office system

Conexant D850 56K V.9x DFVc Modem

Corel Photo Album 6

Counter-Strike 2D 0.1.2.0

Crispy Splasher 1.0

CustomPlay Golf 1.52

Dell CinePlayer

Dell Driver Reset Tool

Dell Photo AIO Printer 944

Dell Resource CD

Dell Support 3.2

Dell System Restore

Digital Line Detect

DirectX Media Runtime 5.1

doctor_who Screen Saver

Dominion

Dominoes Deluxe

Driving Test Success - All Tests (2008-2009)

Drone

eGames Galaxy of WinGames

eGames Mini Golf Master 2

Elmo Screen Saver Version 1.0

ESPNMotion

Frogger v1.1e

Galaxy Man

Game Chest

GemMaster Mystic

Geo Jump

getPlus®_ocx

Google Chrome

Google Earth

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

Google Video Player

hairspray_screensaver

Harry Potter Order of the Phoenix Screen Saver

HD Writer AE 3.0

Hotel Giant

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

In The Night Garden Screen Saver

Indeo® software

Intel® Matrix Storage Manager

Intel® PRO Network Connections

iTunes

J2SE Runtime Environment 5.0 Update 10

Java Auto Updater

Java 6 Update 33

Junk Mail filter update

Juxto

LazyTown ScreenSaver 6000

Learn2 Player (Uninstall Only)

Lemmings Revolution

Lexicon Special Edition

LiveUpdate 2.6 (Symantec Corporation)

MahJongg Game of Four Winds SE

Malwarebytes Anti-Malware version 1.62.0.1300

Map Button (Windows Live Toolbar)

MCU

Medal of Honor Allied Assault

MetaFrame Presentation Server Web Client for Win32

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft MPEG-4 VKI Video Codec V1/V2/V3

Microsoft Office File Validation Add-In

Microsoft Office Live Add-in 1.5

Microsoft Office Outlook 2003 with Business Contact Manager Update

Microsoft Office Outlook Connector

Microsoft Office Professional Edition 2003

Microsoft Silverlight

Microsoft Speech API 3.0

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works 6-9 Converter

Microsoft XNA Framework Redistributable 4.0

MobileMe Control Panel

Modem Helper

MSN

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 6 Service Pack 2 (KB973686)

Nectar Search Toolbar for Chrome

NetWaiting

NVIDIA Drivers

NVIDIA PhysX

OneCare Advisor (Windows Live Toolbar)

OpenAL

OpenMG Limited Patch 4.4-06-13-19-01

OpenMG Secure Module 4.4.00

Otto

Pando Media Booster

PC Connectivity Solution

PC Utility Kit

Petz 3

Pirates Of The Caribbean At Worlds End Screen Saver

Pokemon Online 2.0.05d

Pokemon Online version 1.0.51

Popup Blocker (Windows Live Toolbar)

Puppy Luv

QuickTime

RealPlayer Basic

Roll

RollerCoaster Tycoon 2

RollerCoaster Tycoon 3

Roxio DLA

Roxio MyDVD LE

Roxio RecordNow Audio

Roxio RecordNow Copy

Roxio RecordNow Data

Safari

SAMSUNG CDMA Modem Driver Set

SAMSUNG Mobile Modem V2 Software

SAMSUNG Mobile USB Modem 1.0 Software

Screensavers Installer Version 2

SearchAssist

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Sega Smash Pack

Segoe UI

Skype Toolbars

Skype™ 5.1

Smart Menus (Windows Live Toolbar)

Sonic Activation Module

Sonic Encoders

Space Solitaire

SpeedTouch USB Software

System Requirements Lab

System Requirements Lab CYRI

The Oxbridge Reference Collection

The Simpsons Movie Screen Saver

The Sims Makin' Magic

Theme Hospital

Tiscali Internet

Tiscali Music Downloads

Total Recall

Tots TV Screen Saver

tunnel Screen Saver

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update Rollup 2 for Windows XP Media Center Edition 2005

URL Assistant

Ventrilo Client

VideoEgg Publisher

VirtualCom driver

WA Update v3.50 beta2

Wanadoo Europe Installer

WebFldrs XP

Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)

Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)

Windows Driver Package - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)

Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)

Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)

Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Favorites for Windows Live Toolbar

Windows Live Mail

Windows Live Messenger

Windows Live Outlook Toolbar (Windows Live Toolbar)

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Toolbar Extension (Windows Live Toolbar)

Windows Live Toolbar Feed Detector (Windows Live Toolbar)

Windows Live Upload Tool

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Format Runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows XP Media Center Edition 2005 KB908246

Worms Armageddon

WWRY Screensaver

XviD MPEG-4 Video Codec

YouTube Downloader 2.5.3

.

==== Event Viewer Messages From Past Week ========

.

27/08/2012 14:48:18, error: Service Control Manager [7038] - The Apache2.2 service was unable to log on as .\SingleClick Admin with the currently configured password due to the following error: Logon failure: unknown user name or bad password. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

27/08/2012 14:48:18, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

27/08/2012 14:48:18, error: Service Control Manager [7000] - The Remote Access Media Server service failed to start due to the following error: The service did not start due to a logon failure.

27/08/2012 14:48:18, error: Service Control Manager [7000] - The Remote Access DB service failed to start due to the following error: The system cannot find the path specified.

27/08/2012 11:00:19, error: PlugPlayManager [11] - The device Root\LEGACY_MFESMFK\0000 disappeared from the system without first being prepared for removal.

27/08/2012 11:00:19, error: PlugPlayManager [11] - The device Root\LEGACY_MFERKDK\0000 disappeared from the system without first being prepared for removal.

27/08/2012 11:00:18, error: PlugPlayManager [11] - The device Root\LEGACY_MFEHIDK\0000 disappeared from the system without first being prepared for removal.

27/08/2012 11:00:18, error: PlugPlayManager [11] - The device Root\LEGACY_MFEBOPK\0000 disappeared from the system without first being prepared for removal.

27/08/2012 11:00:18, error: PlugPlayManager [11] - The device Root\LEGACY_MFEAVFK\0000 disappeared from the system without first being prepared for removal.

27/08/2012 10:41:03, error: DCOM [10000] - Unable to start a DCOM Server: {CDECC4C3-7377-11D3-9A6C-00C04FF40D52}. The error: "%3" Happened while starting this command: c:\PROGRA~1\mcafee.com\shared\mghtml.exe -Embedding

03/09/2012 19:21:40, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the dlcd_device service to connect.

03/09/2012 19:21:40, error: Service Control Manager [7000] - The dlcd_device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

03/09/2012 19:21:40, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service dlcd_device with arguments "" in order to run the server: {323CE21C-A448-40AA-BA74-7FCF1E441067}

02/09/2012 23:23:26, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {D851F103-8C90-4321-AFF0-58BA5BD421C2} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.

02/09/2012 21:28:55, error: Dhcp [1002] - The IP address lease 192.168.1.5 for the Network Card with network address 001676CC4163 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

02/09/2012 20:53:07, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.

02/09/2012 20:53:05, error: Dhcp [1002] - The IP address lease 192.168.1.4 for the Network Card with network address 001676CC4163 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

Best Regards

Andrew

Share this post


Link to post
Share on other sites

You still couldn't update Malwarebytes' Anti-Malware?

Share this post


Link to post
Share on other sites

Ran mbam-rules.exe on laptop & transferred from my laptop through USB memory stick and run = database is now 7 days out of date

On start up today got the following error messages

The procedure entry point appGetInterfacecount could not be located in the dynamic link library wlanapi.dll - clicked OK and got second message The procedure entry point apsinitialize could not be located in the dynamic link library wlanapi.dll

Getting an internet connection is difficult

Andrew

Share this post


Link to post
Share on other sites

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update

    [*]Press "Scan".

    [*]It will create a log (FSS.txt) in the same directory the tool is run.

    [*]Please copy and paste the log to your reply.

Share this post


Link to post
Share on other sites

Hi

Farbar log below

Farbar Service Scanner Version: 06-08-2012

Ran by Andrew (administrator) on 06-09-2012 at 19:26:47

Running from "C:\Documents and Settings\Andrew\My Documents\Downloads"

Microsoft Windows XP Professional Service Pack 2 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

File Check:

========

C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys

[2004-08-10 12:00] - [2004-08-10 12:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys

[2004-08-10 12:00] - [2004-08-10 12:00] - 0359040 ____A (Microsoft Corporation) 9F4B36614A0FC234525BA224957DE55C

C:\WINDOWS\system32\Drivers\ipsec.sys

[2004-08-10 12:00] - [2004-08-10 12:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0198144 ____A (Microsoft Corporation) DAB9E6C7105D2EF49876FE92C524F565

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2005-08-16 04:37] - [2004-08-10 12:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll

[2005-08-16 04:40] - [2004-08-10 12:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys

[2010-02-13 15:09] - [2004-08-10 12:00] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll

[2005-08-16 04:37] - [2004-08-10 12:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll

[2005-08-16 04:40] - [2004-08-10 12:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll

[2010-02-13 15:11] - [2004-08-10 12:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0243200 ____A (Microsoft Corporation) ACD36A2DD7D1E9D8A060AA651DC07E63

C:\WINDOWS\system32\cryptsvc.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe

[2004-08-10 12:00] - [2004-08-10 12:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll

[2004-08-10 12:00] - [2004-08-10 12:00] - 0395776 ____A (Microsoft Corporation) 5C83A4408604F737717AB96371201680

C:\WINDOWS\system32\services.exe

[2004-08-10 12:00] - [2004-08-10 12:00] - 0108032 ____A (Microsoft Corporation) C6CE6EEC82F187615D1002BB3BB50ED4

Extra List:

=======

fssfltr(13) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) Tcpip6(14)

0x0F000000040000000100000002000000030000000B00000005000000060000000700000008000000090000000A0000000C0000000D0000000E0000000F000000

IpSec Tag value is correct.

**** End of log ****

Andrew

Share this post


Link to post
Share on other sites

@ Andrew_Holding

Are you still with us? Kindly provide status update, otherwise this thread is subject to being closed.

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.