Can't completely remove a virus

[Maniac]

Your database version is very old.

Database version: v2012.09.07.13

Please uninstall it your Malwarebytes' Anti-Malware and then download and install the latest version from here:

http://downloads.malwarebytes.org/mbam-download.php

Repeat the quick scan again.

[cycle1]

I uninstalled the version I had and reinstalled Malwarebytes from the link, then ran a quick scan, with the following results. Is there a way to get the updates manually? Nothing I try allows me to update them from within the program.

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.07.13

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)

Internet Explorer 8.0.6001.18702

David :: DFG1FS91 [administrator]

10/4/2012 6:19:40 PM

mbam-log-2012-10-04 (18-19-40).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 278701

Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_LANMANSERVER32 (Trojan.Tracur) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Maniac]

Database version: v2012.09.07.13

Your database is stil very old. Check the version: v2012.09.07.13

v2012 - year

09 - month

07 - day

Launch Malwarebytes' Anti-Malware and then go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Let me know.

[cycle1]

I tried the Check for Updates button, and I still get that Invalid argument error I mentioned previously, even when I try to do so in Safe Mode with Networking. I think the bug went away though because my latest scan was clean. Should I try something else to be completely sure?

[Maniac]

Please do the following:

• 
  
• Download and run mbam-clean.exe from here
  
• It will ask to restart your computer, please allow it to do so very important
  
• After the computer restarts, temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
  
  • 
    
  • Note: You will need to reactivate the program using the license you were sent via email if using the Pro version
    
  • Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.
    Restart the computer again and verify that MBAM is in the task tray if using the Pro version. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.
    

[cycle1]

I ran mbam-clean.exe, and reinstalled Malwarebytes from the link given, and I still generate an error. I also tried updating through a proxy (as mentioned in the FAQs), and tried updating in Safe Mode with Networking to no avail. Is there something else I can do to update besides uninstalling and reinstalling the software?

[Maniac]

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

SecCenter::

AV: Trend Micro PC-cillin Internet Security *Disabled/Outdated* {7D2296BC-32CC-4519-917E-52E652474AF5}

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

[cycle1]

Below is the log that was generated from ComboFix. On a side note, I went snooping around the site, and I found a way to update Malwarebytes without using the Check for Updates option in the program, so I now have newer definition files for the program.

ComboFix 12-10-04.02 - David 10/07/2012 13:51:41.5.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.675 [GMT -4:00]

Running from: c:\documents and settings\David Colon-Smith\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\David Colon-Smith\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-09-07 to 2012-10-07 )))))))))))))))))))))))))))))))

.

.

2072-07-31 22:44 . 2004-08-24 19:27 375808 ----a-w- c:\program files\Microsoft Games\Halo\binkw32.dll

2012-10-06 22:10 . 2012-10-06 22:11 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-10-06 21:12 . 2012-10-06 21:12 -------- d-----w- c:\documents and settings\David Colon-Smith\Application Data\Malwarebytes

2012-10-06 21:12 . 2012-10-06 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-10-06 21:12 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-10-06 21:12 . 2012-10-06 21:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-10-06 20:52 . 2012-08-30 05:17 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5D1F7F88-932B-4D76-B4CB-1FF2D66A2A79}\mpengine.dll

2012-10-04 22:33 . 2012-10-04 22:33 -------- d-----w- c:\program files\Common Files\XoftSpySE

2012-10-04 22:33 . 2012-10-04 22:33 -------- d-----w- c:\program files\XoftSpySE6

2012-10-04 22:33 . 2012-10-04 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\XoftSpySE

2012-10-01 00:12 . 2012-08-28 15:14 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll

2012-09-30 23:52 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll

2012-09-30 23:52 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll

2012-09-30 22:59 . 2012-09-30 22:59 -------- d-----w- c:\program files\ESET

2012-09-21 11:35 . 2012-09-21 11:35 -------- d-----w- c:\documents and settings\David Colon-Smith\Application Data\McAfee

2012-09-21 11:31 . 2012-09-21 11:29 75656 ----a-w- c:\windows\system32\MfeOtlkAddin.dll

2012-09-21 11:31 . 2012-09-21 11:29 23112 ----a-w- c:\windows\system32\MFEOtlk.dll

2012-09-21 11:28 . 2012-09-23 04:55 -------- d-----w- c:\program files\McAfee

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-30 05:17 . 2009-12-19 14:13 6980552 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-28 15:14 . 2004-08-11 22:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-08-28 15:14 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-08-28 15:14 . 2004-08-11 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-08-28 12:07 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec

2008-04-05 21:01 . 2008-04-05 21:01 3778594 ----a-w- c:\program files\bluejsetup-221.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-10 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]

"SigmatelSysTrayApp"="stsystra.exe" [2005-09-10 393216]

"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]

"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]

"MPFEXE"="c:\program files\mcafee.com\personal firewall\MPFTray.exe" [2006-03-07 992808]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-01 1392640]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]

"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-06-07 69632]

"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-07-22 425984]

"XoftSpySE"="c:\program files\XoftSpySE6\XoftSpySE.exe" [2009-08-28 4853016]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"RunNarrator"="Narrator.exe" [2008-04-14 53760]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]

2004-09-07 21:08 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ntoskrnl.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk

backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk

backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CACHEWEB.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\CACHEWEB.lnk

backup=c:\windows\pss\CACHEWEB.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowLOMControl]

[X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-11-10 17:49 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]

2007-02-06 15:20 478800 ----a-w- c:\program files\CVS\CVS Photo Editor Plus\Corel Photo Downloader.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

2005-12-15 15:44 839680 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]

2005-11-01 08:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]

2007-11-15 13:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

2006-04-11 02:21 169472 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2010-06-01 22:19 136176 ----atw- c:\documents and settings\David Colon-Smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2005-10-15 01:50 114688 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2005-10-15 01:49 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-11-11 05:40 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]

2005-09-09 00:20 8192 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]

2005-09-09 00:20 110592 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]

2003-09-10 07:24 20480 ------w- c:\program files\NetWaiting\netwaiting.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]

2006-03-07 20:05 992808 ----a-w- c:\program files\mcafee.com\personal firewall\MpfTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 10:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMX Daemon]

2006-06-09 16:47 47104 ----a-w- c:\windows\system32\ico.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-09-08 16:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2006-04-11 02:12 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-08-10 00:15 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2010-08-24 09:38 247144 ----a-w- c:\documents and settings\David Colon-Smith\My Documents\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\system32\\dlcccoms.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Documents and Settings\\David Colon-Smith\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=

"c:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"=

"c:\\Program Files\\Microsoft Games\\Halo\\halo.exe"=

"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"6000:TCP"= 6000:TCP:test

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 0 (0x0)

.

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [10/6/2012 6:10 PM 40776]

R3 XoftSpyService;XoftSpyService;c:\program files\Common Files\XoftSpySE\6\xoftspyservice.exe [8/28/2009 5:15 PM 582424]

S1 MpKsl057b8bd2;MpKsl057b8bd2;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{83757166-BBD5-49EA-B802-834D557FA638}\MpKsl057b8bd2.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{83757166-BBD5-49EA-B802-834D557FA638}\MpKsl057b8bd2.sys [?]

S2 Cache_c-_intersystems_cache;Caché Controller for CACHEWEB;c:\intersystems\Cache\Bin\cservice.exe [8/18/2008 9:35 PM 73728]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6/1/2010 6:19 PM 136176]

S2 hkmsvc32;Health Key and Certificate Management Service ;c:\windows\system32\cryptdlg32.exe --> c:\windows\system32\cryptdlg32.exe [?]

S2 HTTPFilter32;HTTP SSL ;c:\windows\system32\ATL7132.exe --> c:\windows\system32\ATL7132.exe [?]

S2 lanmanserver32;Server ;c:\windows\system32\POSTWPP32.exe --> c:\windows\system32\POSTWPP32.exe [?]

S2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\windows\system32\rastls32.exe --> c:\windows\system32\rastls32.exe [?]

S2 RegSrvc32;RegSrvc ;c:\windows\system32\gcdef32.exe --> c:\windows\system32\gcdef32.exe [?]

S2 TomTomHOMEService;TomTomHOMEService;c:\documents and settings\David Colon-Smith\My Documents\TomTom HOME 2\TomTomHOMEService.exe [8/24/2010 5:38 AM 92008]

S2 VSS32;Volume Shadow Copy ;c:\windows\system32\dlccutil(3)32.exe --> c:\windows\system32\dlccutil(3)32.exe [?]

S2 xmlprov32;Network Provisioning Service ;c:\windows\system32\TosSndAPI32.exe --> c:\windows\system32\TosSndAPI32.exe [?]

S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\usbblstr.sys [9/19/2011 5:11 PM 58960]

S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [6/15/2007 8:59 PM 16194]

S3 CACHEWEBhttpd;Web Server for CACHEWEB;c:\intersystems\Cache\httpd\bin\httpd.exe [8/18/2008 9:35 PM 20541]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [6/1/2010 6:19 PM 136176]

S3 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\StumbleUpon\StumbleUponUpdateService.exe [6/3/2009 4:52 PM 120168]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2012-10-04 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]

.

2012-10-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-01 22:19]

.

2012-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-01 22:19]

.

2012-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1705149355-52376669-1174297957-1006Core.job

- c:\documents and settings\David Colon-Smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-27 22:19]

.

2012-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1705149355-52376669-1174297957-1006UA.job

- c:\documents and settings\David Colon-Smith\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-27 22:19]

.

2012-08-18 c:\windows\Tasks\ParetoLogic Update Version3.job

- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-08-28 21:15]

.

2012-10-07 c:\windows\Tasks\User_Feed_Synchronization-{4DBF9887-0447-4DA1-8377-9B6F318E27D7}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]

.

2012-10-07 c:\windows\Tasks\XoftSpySE.job

- c:\program files\XoftSpySE6\XoftSpySELauncher.exe [2009-08-28 21:13]

.

.

------- Supplementary Scan -------

.

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

TCP: DhcpNameServer = 192.168.1.1

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-10-07 14:05

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

MPFEXE = "c:\program files\mcafee.com\personal firewall\MPFTray.exe"????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(772)

c:\program files\Intel\Wireless\Bin\LgNotify.dll

c:\windows\system32\igfxdev.dll

.

- - - - - - - > 'explorer.exe'(1832)

c:\windows\system32\WININET.dll

c:\progra~1\WINDOW~2\wmpband.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\windows\system32\msi.dll

.

Completion time: 2012-10-07 14:09:57

ComboFix-quarantined-files.txt 2012-10-07 18:09

ComboFix2.txt 2012-09-30 06:22

ComboFix3.txt 2011-04-13 02:14

.

Pre-Run: 3,172,528,128 bytes free

Post-Run: 3,249,520,640 bytes free

.

- - End Of File - - 23C1CCB9B0F1D470B8BB6BF20D6D6A32

[Maniac]

Now:

http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=181018entry181018

Then try to update Malwarebytes' Anti-Malware again.

[cycle1]

After I did all the steps from the link, I tried to update Malwarebytes, but I still receive the same error. However, I used a post I found in the forums here, and I updated my database version so that it says the following:

Post link: http://forums.malwarebytes.org/index.php?showtopic=108769

(What it says in the Update Tab)

Current database information:

Date: 10/1/2012 9:58:11 AM

Database version: v2012.10.01.05

Fingerprints loaded: 324895

[Maniac]

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

[cycle1]

Below is the ESET scan log:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=1

esets_scanner_update returned -1 esets_gle=49153

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=28d70e7ab708d94e92bb6a87df588e7c

# end=stopped

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-02 02:50:25

# local_time=2012-10-01 10:50:25 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16774142 0 93 31153540 84731206 0 0

# compatibility_mode=5891 16776870 42 87 8926 45072727 0 0

# compatibility_mode=8192 67108863 100 0 9088 9088 0 0

# scanned=202201

# found=24

# cleaned=24

# scan_time=4769

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{05265800-156e-4f00-be7b-8b35c197c3c3}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{3904947b-eb75-4243-a525-81ff6bd20d68}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{625bb00d-60c4-4fd7-aec9-9c883fb047f5}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{6bb2cd86-a536-4fb6-b66b-296191996bca}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{c2d6eb9e-3f0d-40fb-a0f4-5320bfeef36d}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{c5005cab-02d9-4b66-926d-59692f1f2ea0}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{de531cee-74b8-4f6a-878f-951c7fd94fa8}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\4w4wi64f.default\extensions\{f805377c-3cf5-453a-b90a-d6d00261a5de}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{05265800-156e-4f00-be7b-8b35c197c3c3}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{3904947b-eb75-4243-a525-81ff6bd20d68}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{625bb00d-60c4-4fd7-aec9-9c883fb047f5}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{6bb2cd86-a536-4fb6-b66b-296191996bca}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{c2d6eb9e-3f0d-40fb-a0f4-5320bfeef36d}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{c5005cab-02d9-4b66-926d-59692f1f2ea0}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{de531cee-74b8-4f6a-878f-951c7fd94fa8}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\acvp0y0d.default\extensions\{f805377c-3cf5-453a-b90a-d6d00261a5de}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{05265800-156e-4f00-be7b-8b35c197c3c3}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{3904947b-eb75-4243-a525-81ff6bd20d68}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{625bb00d-60c4-4fd7-aec9-9c883fb047f5}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{6bb2cd86-a536-4fb6-b66b-296191996bca}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{c2d6eb9e-3f0d-40fb-a0f4-5320bfeef36d}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{c5005cab-02d9-4b66-926d-59692f1f2ea0}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{de531cee-74b8-4f6a-878f-951c7fd94fa8}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Documents and Settings\Ivy Colon\Application Data\Mozilla\Firefox\Profiles\qdt6y5bo.default\extensions\{f805377c-3cf5-453a-b90a-d6d00261a5de}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

esets_scanner_update returned -1 esets_gle=53251

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=28d70e7ab708d94e92bb6a87df588e7c

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-02 05:04:46

# local_time=2012-10-02 01:04:46 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16774142 0 93 31161201 84738867 0 0

# compatibility_mode=5891 16776870 42 87 16587 45080388 0 0

# compatibility_mode=8192 67108863 100 0 16749 16749 0 0

# scanned=210462

# found=1

# cleaned=1

# scan_time=5168

C:\WINDOWS\system32\Improve Your PC.lnk LNK/URL.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=28d70e7ab708d94e92bb6a87df588e7c

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-10-09 06:50:55

# local_time=2012-10-09 02:50:55 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1797 16774142 0 93 31772480 85350146 0 0

# compatibility_mode=5891 16776870 42 87 0 45691667 0 0

# compatibility_mode=8192 67108863 100 0 628028 628028 0 0

# scanned=210705

# found=0

# cleaned=0

# scan_time=5059

[Maniac]

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threads report from the left and press Save button

Save it to your desktop and post it in your next reply.

[cycle1]

Below is the log after running Kaspersky Virus Removal Tool:

Status: Deleted (events: 6)

10/9/2012 3:53:26 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-28335f07 High

10/9/2012 3:53:35 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-2e6c2d32 High

10/9/2012 3:53:43 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-3407ba14 High

10/9/2012 3:53:50 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-35d60ac8 High

10/9/2012 3:53:57 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-5c2388b4 High

10/9/2012 3:54:04 PM Deleted Trojan program Exploit.Java.CVE-2010-4452.a C:\Documents and Settings\David Colon-Smith\Application Data\Sun\Java\Deployment\cache\6.0\45\6c075e2d-7402ad10 High

[Maniac]

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :

Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe, then click Remove JRE.
  
• Run the built-in uninstallers for all copies of java listed
  
• Click the Next button
  
• Click the Next button again
  
• Click the Java Manual Download link
  
• A browser window will open with the Java download page
  
• Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
  
• Run the installer
  
• Close JavaRa

[cycle1]

I performed all of the steps above, and I now have a new version of Java. How should I proceed from here?

[Maniac]

Please try to update Malwarebytes' Anti-Malware again.

[cycle1]

I tried to update Malwarebytes again, but the Invalid Argument error reoccurred. I then went back to the forum post that I mentioned earlier, and now I have the definitions below:

Date: 10/8/2012 10:28:27 AM

Database version: v2012.10.08.05

Fingerprints loaded: 326408

[Maniac]

But you still couldn't update to the v2012.10.11?

[cycle1]

Not through Malwarebytes itself, I couldn't. I think my network settings are messed up, but it's another software program because issues like these have been happening from quite some time before this.

[Maniac]

Step 1

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
  
• Report IE Proxy Settings
  
• Reset IE Proxy Settings
  
• Report FF Proxy Settings
  
• Reset FF Proxy Settings
  
• List content of Hosts
  
• List IP configuration
  
• List Winsock Entries
  
• List last 10 Event Viewer log
  
• List Installed Programs
  
• List Devices
  
• List Users, Partitions and Memory size.
  
• List Minidump Files
  

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 2

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center
    
  • Windows Update

  [*]Press "Scan".

  [*]It will create a log (FSS.txt) in the same directory the tool is run.

  [*]Please copy and paste the log to your reply.

In your next reply, post the following log files:

• MiniToolBox log
  
• Farbar Service Scanner log

[cycle1]

I ran both programs, and below are their respective log files:

MiniToolBox by Farbar Version: 23-07-2012

Ran by David (administrator) on 12-10-2012 at 09:00:56

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Disconnected)

1394 Net Adapter = 1394 Connection (Disconnected)

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)

# ----------------------------------

# Interface IP Configuration

# ----------------------------------

pushd interface ip

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp

set dns name="Wireless Network Connection" source=dhcp register=PRIMARY

set wins name="Wireless Network Connection" source=dhcp

popd

# End of interface IP configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : DFG1FS91

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Peer-Peer

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection

Physical Address. . . . . . . . . : 00-16-6F-44-EC-55

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.190.20.168

Subnet Mask . . . . . . . . . . . : 255.255.248.0

Default Gateway . . . . . . . . . : 10.190.16.1

DHCP Server . . . . . . . . . . . : 1.1.1.5

DNS Servers . . . . . . . . . . . : 152.3.72.100

152.3.70.100

Lease Obtained. . . . . . . . . . : Friday, October 12, 2012 8:56:30 AM

Lease Expires . . . . . . . . . . : Friday, October 12, 2012 9:26:30 AM

Server: rsv-bc-fitzcachedns.oit.duke.edu

Address: 152.3.72.100

Name: google.com

Addresses: 74.125.140.139, 74.125.140.100, 74.125.140.101, 74.125.140.102

74.125.140.113, 74.125.140.138

Pinging google.com [74.125.137.101] with 32 bytes of data:

Reply from 74.125.137.101: bytes=32 time=18ms TTL=49

Reply from 74.125.137.101: bytes=32 time=21ms TTL=49

Ping statistics for 74.125.137.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 18ms, Maximum = 21ms, Average = 19ms

Server: rsv-bc-fitzcachedns.oit.duke.edu

Address: 152.3.72.100

Name: yahoo.com

Addresses: 98.138.253.109, 98.139.183.24, 72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=445ms TTL=52

Reply from 72.30.38.140: bytes=32 time=557ms TTL=52

Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 445ms, Maximum = 557ms, Average = 501ms

Server: rsv-bc-fitzcachedns.oit.duke.edu

Address: 152.3.72.100

Name: bleepingcomputer.com

Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface

0x20002 ...00 16 6f 44 ec 55 ...... Intel® PRO/Wireless 2200BG Network Connection - Packet Scheduler Miniport

===========================================================================

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 10.190.16.1 10.190.20.168 25

10.190.16.0 255.255.248.0 10.190.20.168 10.190.20.168 25

10.190.20.168 255.255.255.255 127.0.0.1 127.0.0.1 25

10.255.255.255 255.255.255.255 10.190.20.168 10.190.20.168 25

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

169.254.0.0 255.255.0.0 10.190.20.168 10.190.20.168 20

224.0.0.0 240.0.0.0 10.190.20.168 10.190.20.168 25

255.255.255.255 255.255.255.255 10.190.20.168 10.190.20.168 1

Default Gateway: 10.190.16.1

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)

Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)

Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

Catalog9 18 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

Catalog9 19 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (10/12/2012 08:57:29 AM) (Source: NativeWrapper) (User: )

Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.2560

Error: (10/12/2012 08:57:28 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY

Description: Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.

Error: (10/12/2012 08:57:25 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY

Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2187

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2187

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13406

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 13406

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/11/2012 08:51:44 AM) (Source: NativeWrapper) (User: )

Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.2560

System errors:

=============

Error: (10/12/2012 08:58:41 AM) (Source: Windows Update Agent) (User: )

Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).

Error: (10/12/2012 08:56:29 AM) (Source: Dhcp) (User: )

Description: The IP address lease 192.168.1.2 for the Network Card with network address 00166F44EC55 has been

denied by the DHCP server 1.1.1.5 (The DHCP Server sent a DHCPNACK message).

Error: (10/12/2012 08:56:11 AM) (Source: Service Control Manager) (User: )

Description: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

Error: (10/11/2012 10:13:35 PM) (Source: Dhcp) (User: )

Description: The IP address lease 192.168.1.2 for the Network Card with network address 00166F44EC55 has been

denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (10/11/2012 06:44:36 PM) (Source: Dhcp) (User: )

Description: The IP address lease 10.190.20.168 for the Network Card with network address 00166F44EC55 has been

denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

Error: (10/11/2012 06:04:47 PM) (Source: W32Time) (User: )

Description: The time provider NtpClient is configured to acquire time from one or more

time sources, however none of the sources are currently accessible.

No attempt to contact a source will be made for 14 minutes.

NtpClient has no source of accurate time.

Error: (10/11/2012 06:04:47 PM) (Source: W32Time) (User: )

Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

configured peer 'time-a.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15

minutes.

The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/11/2012 06:04:47 PM) (Source: W32Time) (User: )

Description: The time provider NtpClient is configured to acquire time from one or more

time sources, however none of the sources are currently accessible.

No attempt to contact a source will be made for 14 minutes.

NtpClient has no source of accurate time.

Error: (10/11/2012 06:04:47 PM) (Source: W32Time) (User: )

Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually

configured peer 'time-a.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15

minutes.

The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/11/2012 03:21:49 PM) (Source: W32Time) (User: )

Description: The time provider NtpClient is configured to acquire time from one or more

time sources, however none of the sources are currently accessible.

No attempt to contact a source will be made for 14 minutes.

NtpClient has no source of accurate time.

Microsoft Office Sessions:

=========================

Error: (10/12/2012 08:57:29 AM) (Source: NativeWrapper)(User: )

Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.2560

Error: (10/12/2012 08:57:28 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY

Description: Microsoft .NET Framework 1.1{A38B334A-A0A2-436D-BAA0-34FE5E517E44}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log(NULL)

Error: (10/12/2012 08:57:25 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY

Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.(NULL)(NULL)(NULL)(NULL)

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2187

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 2187

Error: (10/12/2012 01:32:22 AM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13406

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: m->NextScheduledEvent 13406

Error: (10/11/2012 06:05:05 PM) (Source: Bonjour Service)(User: )

Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/11/2012 08:51:44 AM) (Source: NativeWrapper)(User: )

Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.2560

=========================== Installed Programs ============================

32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2)

7-Zip 4.65

924PLC32 (Version: 1.0.0)

ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.41612)

Adobe Flash Player 10 Plugin (Version: 10.2.152.26)

Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)

Adobe Reader X (Version: 10.0.0)

Adobe SVG Viewer 3.0 (Version: 3.0)

AOLIcon (Version: 1.00.0000)

Apple Application Support (Version: 1.4.0)

Apple Mobile Device Support (Version: 3.3.0.69)

Apple Software Update (Version: 2.1.2.120)

Applian FLV Player (Version: 2.0.24)

Audacity 1.2.6

AutoCAD 2010 - English (Version: 18.0.55.0)

AutoCAD 2010 Language Pack - English (Version: 18.0.55.0)

BASIC Stamp Editor v2.2 (Version: 2.2.0.0)

BASIC Stamp Editor v2.5.2 (Version: 2.5.2)

Bejeweled 2 Deluxe (Version: 09/20/2005 11:53 AM)

Blackhawk Striker 2 (Version: 09/20/2005 11:54 AM)

BlueJ 2.2.1

Bluetooth Stack for Windows by Toshiba (Version: v3.03.02(D))

Bonjour (Version: 2.0.4.0)

Broadcom Management Programs (Version: 8.65.05)

Bryce 5.5c

Caché in C:\InterSystems\Cache (Version: 2008.1.0.401.0)

CCleaner (Version: 3.05)

CinepPlayer 30 Update

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)

Conexant HDA D110 MDC V.92 Modem

Corel Paint Shop Pro X (Version: 10.0)

Corel Photo Album 6 (Version: 6.00)

CVS Photo Editor Plus (Version: 1.20.0000)

Dark GDK

DAZ|Studio1.8.1.5

Dell CinePlayer (Version: 3.0)

Dell Digital Jukebox Driver

Dell Driver Reset Tool (Version: 1.02.0000)

Dell Game Console

Dell Media Experience (Version: 3.1)

Dell Photo AIO Printer 924

Dell Support Center (Version: 2.0.07311)

Dell System Restore (Version: 2.00.0000)

Dell Wireless WLAN Card (Version: 4.100.15.8)

DellSupport (Version: 6.0.3062)

Digital Line Detect (Version: 1.15)

DrawPlus 3.0

DyynoPlayer 0.8.6f (Version: 0.8.6f)

EarthLink setup files (Version: 2005.1.47.0)

ELIcon (Version: 1.00.0000)

ESET Online Scanner v3

Game Creators Dark GDK (Version: 1.0.0)

GameSpy Arcade

Get High Speed Internet! (Version: 1.00.0000)

Google Chrome (Version: 21.0.1180.89)

Google Desktop (Version: -)

Google Talk (remove only)

Google Talk Plugin (Version: 3.6.1.9117)

Google Toolbar for Internet Explorer (Version: 1.0.0)

Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)

Google Update Helper (Version: 1.3.21.123)

Graphical Analysis 3.2 (Version: 3.2)

Intel® Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4410)

Intel® PROSet/Wireless Software (Version: 9.00.0000)

Internal Network Card Power Management (Version: 1.7.2)

iTunes (Version: 10.1.0.54)

Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)

Java 7 Update 7 (Version: 7.0.70)

Java Auto Updater (Version: 2.1.9.0)

Java 6 Update 3 (Version: 1.6.0.30)

Java SE Development Kit 6 (Version: 1.6.0.0)

Java SE Runtime Environment 6 (Version: 1.6.0.0)

LAME v3.98.2 for Audacity

Lazer Tankz

Learn2 Player (Uninstall Only)

LoggerPro 3.2 (Version: 3.20.000)

Macromedia Shockwave Player

Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)

mCore (Version: 1.19.0000)

mDrWiFi (Version: 1.19.0000)

mHlpDell (Version: 1.19.0000)

Microsoft .NET Framework 1.1 (Version: 1.1.4322)

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)

Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Antimalware (Version: 3.0.8402.2)

Microsoft Application Error Reporting (Version: 12.0.6012.5000)

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)

Microsoft DirectX SDK (August 2007) (Version: 9.20.1057)

Microsoft Halo

Microsoft Halo Trial

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft National Language Support Downlevel APIs

Microsoft Office Basic Edition 2003 (Version: 11.0.8173.0)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Publisher 2003 (Version: 11.0.8173.0)

Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)

Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)

Microsoft Security Client (Version: 2.1.1116.0)

Microsoft Security Essentials (Version: 2.1.1116.0)

Microsoft Silverlight (Version: 5.1.10411.0)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Express Edition - ENU

Microsoft Visual C++ 2008 Express Edition - ENU (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 8.0 Support DLLs (Version: 1.0.0)

Microsoft Web Publishing Wizard 1.52

Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (Version: 3.5.21022)

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (Version: 6.1.5288.17011)

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (Version: 6.1.5288.17011)

mIWA (Version: 1.19.0000)

mIWCA (Version: 1.19.0000)

mLogView (Version: 1.19.0000)

mMHouse (Version: 1.19.0000)

Modem Helper (Version: 3.01)

Mouse Suite for Laptop Computers (Version: 1.00.0000)

mPfMgr (Version: 1.19.0000)

mPfWiz (Version: 1.19.0000)

mProSafe (Version: 9.00.0000)

MSDN Library for Microsoft Visual Studio 2008 Express Editions

MSDN Library for Microsoft Visual Studio 2008 Express Editions (Version: 9.0.21022)

MSN

mSSO (Version: 1.19.0000)

MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)

MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)

MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)

msxml4 (Version: 1.0.0)

mToolkit (Version: 1.19.0000)

Musicmatch for Windows Media Player (Version: 0.00.000)

Musicmatch® Jukebox (Version: 10.10.0097)

mWlsSafe (Version: 9.00.0000)

mXML (Version: 1.19.0000)

MySQL Server 5.0 (Version: 5.0.51b)

mZConfig (Version: 1.19.0000)

NetBeans IDE 6.1

NetWaiting (Version: 2.5.23)

NetZeroInstallers (Version: 1.0.0)

Newsletter Tutorial - Space Invaders Part I (Version: )

Notepad App

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)

Photo Click (Version: 1.0.0)

Prism Video Converter

PuTTY version 0.60 (Version: 0.60)

QtSpim (Version: 9.0.1)

Qualxserve Service Agreement (Version: 1.10.0000)

Quartus II 9.1sp2 Web Edition (Version: 9.1sp2)

QuickSet (Version: 7.0.10)

QuickTime (Version: 7.68.75.0)

RealPlayer Basic

Rhapsody Player Engine (Version: 1.0.2.636)

Rhinoceros 4.0 Evaluation (Version: 4.0.30827)

Roxio DLA (Version: 5.2.0)

Roxio Express Labeler (Version: 2.1.0)

Roxio MyDVD LE (Version: 6.1.6)

Roxio RecordNow Audio (Version: 2.0.4)

Roxio RecordNow Copy (Version: 2.0.4)

Roxio RecordNow Data (Version: 2.0.4)

Search Assist (Version: 1.00.0000)

Sentinel System Driver

Sonic Activation Module (Version: 1.0)

Sonic Update Manager (Version: 3.0.0)

Spybot - Search & Destroy 1.4 (Version: 1.4)

Streamripper (Remove only)

StumbleUpon IE Toolbar (Version: 3.23)

Synaptics Pointing Device Driver (Version: 14.0.3.0)

TabbedPaneDemo

TabComponentsDemo

The Print Shop 12

TomTom HOME 2.7.6.2056 (Version: 2.7.6.2056)

TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)

Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)

Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)

Update for Windows Internet Explorer 8 (KB973874) (Version: 1)

Update for Windows Internet Explorer 8 (KB976662) (Version: 1)

Update for Windows Internet Explorer 8 (KB976749) (Version: 1)

Update for Windows Internet Explorer 8 (KB980182) (Version: 1)

Update for Windows XP (KB2541763) (Version: 1)

Update for Windows XP (KB2607712) (Version: 1)

Update for Windows XP (KB2616676) (Version: 1)

Update for Windows XP (KB2641690) (Version: 1)

Update for Windows XP (KB2661254-v2) (Version: 2)

Update for Windows XP (KB2718704) (Version: 1)

Update for Windows XP (KB2736233) (Version: 1)

Update for Windows XP (KB2749655) (Version: 1)

URL Assistant

VLC media player 1.1.5 (Version: 1.1.5)

Watchtower Library 2011 - English (Version: 13.0)

WebEx

WebFldrs XP (Version: 9.50.7523)

WildTangent Web Driver

Windows Driver Package - FTDI CDM Driver Package (07/12/2010 2.08.02) (Version: 07/12/2010 2.08.02)

Windows Driver Package - Parallax Inc CDM Driver Package - Bus & VCP Driver (07/12/2010 2.08.02) (Version: 07/12/2010 2.08.02)

Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)

Windows Imaging Component (Version: 3.0.0.0)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8 (Version: 20090308.140743)

Windows Management Framework Core

Windows Media Encoder 9 Series

Windows Media Encoder 9 Series (Version: 9.00.2980)

Windows Media Format 11 runtime

Windows Media Player 10 (Version: 9.00.3636)

Windows Media Player 11

Windows XP Service Pack 3 (Version: 20080414.031525)

WinRAR archiver

XML Paper Specification Shared Components Pack 1.0

XoftSpySE (Version: 6.0.0.0)

========================= Devices: ================================

Name: Broadcom 440x 10/100 Integrated Controller

Description: Broadcom 440x 10/100 Integrated Controller

Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}

Manufacturer: Broadcom

Service: bcm4sbxp

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1394 Net Adapter

Description: 1394 Net Adapter

Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}

Manufacturer: Microsoft

Service: NIC1394

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Synaptics PS/2 Port Pointing Device

Description: Synaptics PS/2 Port Pointing Device

Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Manufacturer: Synaptics

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 65%

Total physical RAM: 1015.37 MB

Available physical RAM: 348.85 MB

Total Pagefile: 2436.86 MB

Available Pagefile: 1640.31 MB

Total Virtual: 2047.88 MB

Available Virtual: 1970.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:50.83 GB) (Free:3.35 GB) NTFS

========================= Users: ========================================

User accounts for \\DFG1FS91

Administrator D2 David

Guest HelpAssistant Ivy

SUPPORT_388945a0

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini060712-01.dmp

C:\WINDOWS\Minidump\Mini083112-01.dmp

C:\WINDOWS\Minidump\Mini100112-01.dmp

C:\WINDOWS\Minidump\Mini101112-01.dmp

**** End of log ****

Farbar Service Scanner Version: 07-10-2012

Ran by David (administrator) on 12-10-2012 at 09:02:23

Running from "C:\Documents and Settings\David Colon-Smith\Desktop"

Microsoft Windows XP Professional Service Pack 3 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

File Check:

========

C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit

C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit

C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit

C:\WINDOWS\system32\netman.dll => MD5 is legit

C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

C:\WINDOWS\system32\srsvc.dll => MD5 is legit

C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit

C:\WINDOWS\system32\wscsvc.dll => MD5 is legit

C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit

C:\WINDOWS\system32\wuauserv.dll => MD5 is legit

C:\WINDOWS\system32\qmgr.dll => MD5 is legit

C:\WINDOWS\system32\es.dll => MD5 is legit

C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit

C:\WINDOWS\system32\svchost.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll => MD5 is legit

C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:

=======

Bridge(14) BridgeMP(13) Gpc(6) IPSec(4) IWCA(10) MPFIREWL(3) NetBT(5) PSched(7) s24trans(8) Tcpip(3)

0x0F000000040000000100000002000000030000000F00000005000000060000000700000008000000090000000A0000000B0000000C0000000D0000000E000000

IpSec Tag value is correct.

**** End of log ****

[Maniac]

They looks correct. Is there any progress after them?

[cycle1]

I'm still unable to update Malwarebytes after running the two programs from before. Should I try something else?

[Maniac]

That's very strange, so my suggestion is to contact the help desk at Consumer Support. Let them know about this thread, so they could find more information.