arkhaan

Enable malicious website blocking box greys out and cannot be checked

6 posts in this topic

I am using Malwarebytes Anti-malware PRO with the latest definitions and my "Enable malicious website blocking" feature randomly disables itself when I am online (though never when I'm offline). Also I cannot check the "Enable malicious website blocking" box when this happens. Only when I reboot does the feature become re-enabled again. I have no way of telling if I have some kind of virus or malware or not. It happens randomly but only when I'm online. Have repartitioned, reformatted my hard drive numerous times and reinstalled windows, even put a new array of hard disks in and reinstalled Windows XP Pro SP3 but the problem persists. Have done numerous scans with Kaspersky 2013 and Malwarebytes Anti-malware software as well as Malwarebytes rootkit beta software and come up with a "clean bill of health" yet the problem persists.

Please someone help me determine what the problem is and if it -is- or is -not- a virus or malware. I am sick of this happening. :wacko::excl:


Please run the Check Tool and DDS Logs tool below and ATTACH your results so someone can review them so we can see if we can tell what is going on...

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply

Next, Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool; on Vista or Win 7, right click and select Run as administrator

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.



DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by matolis at 9:25:47 on 2013-03-31

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1301 [GMT -5:00]

.

AV: Kaspersky Internet Security *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}

FW: Lavasoft Ad-Aware *Disabled*

FW: Kaspersky Internet Security *Disabled*

.

============== Running Processes ================

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Creative\Shared Files\CTAudSvc.exe

C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\Program Files\Razer\razertra.exe

C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe

C:\Documents and Settings\All Users\Application Data\Search Protection\SearchProtection.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe

C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

mStart Page = about:blank

uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\contentblocker\ie_content_blocker_plugin.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\onlinebanking\online_banking_bho.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

mRun: [CTHelper] CTHELPER.EXE

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [razertra] c:\program files\razer\razertra.exe

mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"

mRun: [searchProtection] c:\documents and settings\all users\application data\search protection\_run.bat

mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run

mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe"

mRunOnce: [Z1] cmd /c "e:\mbar-1.01.0.1021\mbar\mbar.exe" /cleanup /s

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:28

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2013\ieext\urladvisor\klwtbbho.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363374798406

Notify: AtiExtEvent - Ati2evxx.dll

Notify: klogon - c:\windows\system32\klogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-3-25 13560]

R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2012-6-19 136024]

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2013-3-15 116264]

R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2013-3-15 586584]

R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 43608]

R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 144344]

R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2013-2-21 1236336]

R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\dragon age\bin_ship\daupdatersvc.service.exe [2013-3-25 25832]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2012-6-27 35672]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 24408]

R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 24920]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-3-31 35144]

S1 1502209drv;1502209drv;c:\windows\system32\drivers\1502209drv.sys [2013-3-20 475736]

S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2013\avp.exe [2012-8-17 356376]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-3-15 682344]

S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2012-9-20 3677000]

S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2013-3-17 99856]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2013-3-21 79360]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-3-15 21104]

.

=============== Created Last 30 ================

.

2013-03-31 11:29:07 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-03-29 18:51:11 -------- d-----w- c:\documents and settings\all users\application data\EA Core

2013-03-29 18:51:06 -------- d-----w- c:\documents and settings\all users\application data\EA Logs

2013-03-29 18:02:42 -------- d--h--w- c:\program files\common files\EAInstaller

2013-03-29 18:02:22 -------- d-----w- c:\program files\NVIDIA Corporation

2013-03-29 15:37:47 107888 ----a-w- c:\windows\system32\CmdLineExt.dll

2013-03-29 09:43:44 -------- d-----w- c:\program files\Origin Games

2013-03-29 09:43:43 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Origin

2013-03-29 09:43:42 -------- d-----w- c:\documents and settings\matolis\application data\Origin

2013-03-29 09:43:30 -------- d-----w- c:\documents and settings\all users\application data\Origin

2013-03-29 09:43:30 -------- d-----w- c:\documents and settings\all users\application data\Electronic Arts

2013-03-29 09:43:09 -------- d-----w- c:\program files\Origin

2013-03-29 07:52:46 -------- d-----w- c:\program files\MSXML 4.0

2013-03-29 07:38:01 -------- d-----w- c:\program files\Microsoft Games

2013-03-29 07:02:44 -------- d-----w- C:\Games

2013-03-29 06:43:03 -------- d-----w- c:\documents and settings\all users\application data\BioWare

2013-03-29 06:01:18 -------- d-----w- c:\program files\Mass Effect 2

2013-03-25 17:33:52 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP

2013-03-25 17:00:28 -------- d-----w- c:\program files\Dragon Age

2013-03-25 15:12:26 -------- d-----w- c:\program files\common files\BioWare

2013-03-25 14:54:24 -------- d-----w- c:\program files\Mass Effect

2013-03-25 07:47:23 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Antivirus

2013-03-25 07:47:22 -------- d-----w- c:\documents and settings\matolis\application data\LavasoftStatistics

2013-03-25 07:42:35 -------- d-----w- c:\program files\Ad-Aware Antivirus

2013-03-25 07:41:55 -------- d-----w- c:\documents and settings\all users\application data\Downloaded Installations

2013-03-25 07:41:46 -------- d-----w- c:\documents and settings\matolis\local settings\application data\adawarebp

2013-03-25 07:41:46 -------- d-----w- c:\documents and settings\all users\application data\Search Protection

2013-03-25 07:41:45 -------- d-----w- c:\documents and settings\all users\application data\blekko toolbars

2013-03-25 07:41:45 -------- d-----w- c:\documents and settings\all users\application data\adawaretb

2013-03-25 07:41:43 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection

2013-03-25 07:41:06 -------- d-----w- c:\program files\Toolbar Cleaner

2013-03-25 07:40:59 -------- d-----w- c:\documents and settings\matolis\application data\SecureSearch

2013-03-25 07:40:54 -------- d-----w- c:\program files\adawaretb

2013-03-25 07:40:54 -------- d-----w- c:\documents and settings\matolis\application data\adawaretb

2013-03-25 07:39:30 13560 ----a-w- c:\windows\system32\drivers\gfibto.sys

2013-03-25 07:39:29 44424 ----a-w- c:\windows\system32\sbbd.exe

2013-03-25 07:39:19 -------- d-----w- c:\documents and settings\matolis\application data\Ad-Aware Antivirus

2013-03-21 19:31:39 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2013-03-21 17:10:20 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Adobe

2013-03-21 17:03:24 -------- d-----w- c:\documents and settings\matolis\local settings\application data\WMTools Downloaded Files

2013-03-21 16:51:45 57344 ----a-w- c:\windows\system32\razer.cpl

2013-03-21 16:51:45 38904 ----a-w- c:\windows\system32\drivers\razerusb.sys

2013-03-21 16:39:11 102400 ----a-w- c:\windows\system32\cttele32.dll

2013-03-21 16:39:03 -------- d-----w- c:\program files\OpenAL

2013-03-21 16:35:39 22691984 ----a-w- c:\windows\system32\AppSetup.exe

2013-03-21 16:32:07 -------- d-----w- c:\program files\common files\Creative Labs Shared

2013-03-21 07:23:19 -------- d--h--w- c:\windows\PIF

2013-03-21 03:43:37 475736 ----a-w- c:\windows\system32\drivers\1502209drv.sys

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2013-03-21 02:17:23 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2013-03-21 02:16:48 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Apple

2013-03-21 02:16:13 -------- d-----w- c:\documents and settings\matolis\local settings\application data\Apple Computer

2013-03-21 02:05:38 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-03-21 02:05:38 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-19 10:05:59 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll

2013-03-19 10:04:19 -------- d--h--w- c:\windows\msdownld.tmp

2013-03-19 10:04:04 -------- d-----w- c:\windows\Logs

2013-03-19 08:21:36 -------- d-----w- c:\windows\pss

2013-03-17 17:37:57 -------- d-----w- c:\documents and settings\matolis\local settings\application data\ATI

2013-03-17 17:35:23 99856 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys

2013-03-17 17:33:27 -------- d-----w- C:\AMD

2013-03-17 16:48:05 -------- d-----w- c:\program files\CCleaner

2013-03-17 04:50:42 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2013-03-17 04:47:46 -------- d-----w- C:\USBVaccine

2013-03-16 22:19:12 -------- d-----w- c:\program files\Windows Media Connect 2

2013-03-16 22:17:59 -------- d-----w- c:\windows\system32\LogFiles

2013-03-16 03:55:05 -------- d-----w- c:\windows\system32\XPSViewer

2013-03-16 03:54:39 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2013-03-16 03:54:39 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2013-03-16 03:54:39 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2013-03-16 03:54:39 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2013-03-16 03:54:39 575488 ------w- c:\windows\system32\xpsshhdr.dll

2013-03-16 03:54:39 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2013-03-16 03:54:39 1676288 ------w- c:\windows\system32\xpssvcs.dll

2013-03-16 03:54:39 117760 ------w- c:\windows\system32\prntvpt.dll

2013-03-16 03:54:38 -------- d-----w- C:\70a2473e871645d7e4

2013-03-15 21:13:51 -------- d-sh--w- c:\documents and settings\matolis\PrivacIE

2013-03-15 21:13:50 -------- d-sh--w- c:\documents and settings\matolis\IECompatCache

2013-03-15 21:05:26 -------- d-sh--w- c:\documents and settings\matolis\IETldCache

2013-03-15 19:48:31 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2013-03-15 19:48:02 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll

2013-03-15 19:47:43 -------- d-----w- c:\windows\ie8updates

2013-03-15 19:47:37 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2013-03-15 19:47:37 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2013-03-15 19:47:37 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2013-03-15 19:47:37 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2013-03-15 19:47:37 2004992 -c----w- c:\windows\system32\dllcache\iertutil.dll

2013-03-15 19:47:37 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2013-03-15 19:47:37 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll

2013-03-15 19:46:34 -------- dc-h--w- c:\windows\ie8

2013-03-15 19:30:52 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys

2013-03-15 19:27:34 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2013-03-15 19:27:34 3072 ------w- c:\windows\system32\iacenc.dll

2013-03-15 19:25:54 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2013-03-15 19:18:13 2193024 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2013-03-15 19:18:13 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2013-03-15 19:18:12 2027520 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2013-03-15 19:18:04 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2013-03-15 19:17:18 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2013-03-15 19:17:18 272128 ------w- c:\windows\system32\drivers\bthport.sys

2013-03-15 19:15:53 26144 ----a-w- c:\windows\system32\spupdsvc.exe

2013-03-15 19:15:53 -------- d-----w- c:\windows\system32\PreInstall

2013-03-15 19:15:52 -------- d--h--w- c:\windows\$hf_mig$

2013-03-15 19:13:14 -------- d-sh--w- c:\documents and settings\matolis\UserData

2013-03-15 19:04:53 -------- d-----w- c:\windows\system32\SoftwareDistribution

2013-03-15 17:20:11 -------- d-----w- c:\documents and settings\matolis\application data\Malwarebytes

2013-03-15 17:19:57 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2013-03-15 17:19:56 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-15 17:19:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-03-15 17:05:28 -------- d-----w- c:\program files\Kaspersky Lab

2013-03-15 17:05:28 -------- d-----w- c:\documents and settings\all users\application data\Kaspersky Lab

2013-03-15 17:05:22 74072 ----a-w- c:\windows\system32\drivers\klflt.sys

2013-03-15 16:54:46 7062 ----a-w- c:\windows\system32\audiopid.vxd

2013-03-15 16:54:35 647872 ------w- c:\windows\system32\Mscomct2.ocx

2013-03-15 16:54:35 41984 ------w- c:\windows\Ctregrun.exe

2013-03-15 16:54:22 90112 ------w- c:\windows\Updreg.EXE

2013-03-15 16:53:52 445016 ----a-w- c:\windows\system32\wrap_oal.dll

2013-03-15 16:53:52 109144 ----a-w- c:\windows\system32\OpenAL32.dll

2013-03-15 16:53:20 10240 ----a-w- c:\windows\CTDCRES.DLL

2013-03-15 16:53:20 -------- d-----w- c:\windows\system32\Data

2013-03-15 16:52:41 -------- d-----w- c:\program files\Creative

2013-03-15 14:25:00 -------- d-sh--r- C:\acroldr

2013-03-15 10:18:57 -------- d--h--w- c:\windows\system32\GroupPolicy

2013-03-15 09:19:52 0 ----a-w- c:\windows\ativpsrm.bin

2013-03-15 09:12:59 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll

2013-03-15 09:12:59 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll

2013-03-15 09:12:59 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll

2013-03-15 09:12:59 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll

2013-03-15 09:12:59 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll

2013-03-15 09:03:45 -------- d-----w- c:\documents and settings\matolis\local settings\application data\ApplicationHistory

2013-03-15 09:02:50 -------- d-----w- c:\windows\system32\URTTemp

2013-03-15 08:55:46 19240 ----a-r- c:\windows\system32\drivers\SiWinAcc.sys

2013-03-15 08:55:46 118824 ----a-r- c:\windows\system32\SilSupp.dll

2013-03-15 08:55:46 116264 ----a-r- c:\windows\system32\drivers\SI3112r.sys

2013-03-15 08:35:32 117248 ----a-r- c:\windows\system32\drivers\viamraid.sys

2013-03-15 08:18:56 27904 ----a-w- c:\windows\system32\drivers\VIAAGP1.SYS

2013-03-15 08:18:52 -------- d-----w- c:\windows\system32\ReinstallBackups

2013-03-15 08:18:29 306688 ----a-w- c:\windows\IsUninst.exe

2013-03-15 08:18:21 -------- d-----w- c:\documents and settings\matolis\WINDOWS

2013-03-15 08:15:05 5824 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS

.

==================== Find3M ====================

.

2013-03-15 16:35:09 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys

2013-03-15 16:35:08 24920 ----a-w- c:\windows\system32\drivers\klmouflt.sys

2013-03-15 16:35:08 24408 ----a-w- c:\windows\system32\drivers\klkbdflt.sys

2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-06 10:48:44 81920 ------w- c:\windows\system32\ieencode.dll

2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll

2013-02-05 20:05:46 43520 ------w- c:\windows\system32\licmgr10.dll

2013-02-05 20:05:46 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-02-05 05:53:57 385024 ------w- c:\windows\system32\html.iec

2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax

2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll

.

============= FINISH: 9:26:17.46 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 3/15/2013 2:16:14 AM

System Uptime: 3/31/2013 4:44:32 AM (5 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K8V

Processor: AMD Athlon™ 64 Processor 3200+ | Socket 754 | 2002/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 932 GiB total, 842.117 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 75 GiB total, 73.998 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}

Description: AMD High Definition Audio Device

Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&2D021E0F&0&0001

Manufacturer: Advanced Micro Devices

Name: AMD High Definition Audio Device

PNP Device ID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1001\5&2D021E0F&0&0001

Service: AtiHDAudioService

.

Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}

Description: VIA RAID Controller - 3149

Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_80ED1043&REV_80\3&267A616A&0&78

Manufacturer: VIA Technologies, Inc.

Name: VIA RAID Controller - 3149

PNP Device ID: PCI\VEN_1106&DEV_3149&SUBSYS_80ED1043&REV_80\3&267A616A&0&78

Service: viamraid

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Ad-Aware Antivirus

Ad-Aware Security Add-on

Adobe Flash Player 11 ActiveX

Adobe Reader XI (11.0.02)

AMD Catalyst Install Manager

Apple Application Support

Apple Software Update

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Creative Audio Control Panel

Creative Console Launcher

Creative Software AutoUpdate

Creative System Information

Creative WaveStudio 7

DARK VOID

Dragon Age: Origins

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB954550-v5)

Kaspersky Internet Security 2013

Malwarebytes Anti-Malware version 1.70.0.1100

Mass Effect

Mass Effect 2

Mass Effect™ 3

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Flight Simulator X

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

NVIDIA PhysX

OpenAL

Origin

QuickTime

Razer

redist

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows XP (KB923789)

Sound Blaster X-Fi

Two Worlds

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows Internet Explorer 8 (KB2632503)

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

.

==== Event Viewer Messages From Past Week ========

.

3/25/2013 8:13:41 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

3/25/2013 8:13:41 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/25/2013 6:35:13 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

3/25/2013 6:35:13 AM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/25/2013 12:56:20 PM, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.

.

==== End Of File ===========================

CheckResults.txt


I disabled mbam's realtime protection, as well as that of Kaspersky and Ad-Aware, before making these reports, as instructed; that is why the CheckResults.txt says everything is turned off. Normally I keep everything fully enabled.


The logs show that you've run MBAR and that it still has an entry for removal processing. As you continue to have issues, please follow the information below.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thank you


That entry for removal was from my Windows Security Center; I disabled the alert for "Windows Updater". I am aware of this entry, it was a false positive. However, I will post this topic in the category you suggested, thank you.
