Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

LOST Internet Connectivity


  • This topic is locked This topic is locked
25 replies to this topic

#1 srksami

srksami

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 30 December 2011 - 05:17 PM

hello, 1week ago, i browsed some website where one website said that i have no flash player and a flash player installation file was downloaded. while installing that file, my windows security essential found a virus and deleted it and i have to restart my computer. after that i lost any type of internet connectivity. my wimax modem says, failed to obtain IP. btw i have windows 7, 32bit. FYI "Broni" helped me to some extent to determine the problem and advised me to post in here. i have done so many things, like uninstalling ipv4 and reinstalling that again, reset winsock and ip etc. and then followed what Broni suggested. here is the link of my previous post.
i followed the Prep. log and now posting the results:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Rashed at 2:05:16 on 2011-12-31
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2036.897 [GMT 6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\crypserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\QUBEE WCM\GPCommonService.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
F:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\Zoom\bin\MonServiceUDisk.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Rashed\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\QUBEE WCM\QUBEE WCM.exe
C:\Users\Rashed\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\QUBEE WCM\wimax\WmMMgr.exe
C:\Windows\system32\conhost.exe
F:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\CometBird\cometbird.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uSearch Bar = Preserve
mStart Page = hxxp://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
mSearch Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = local;*.local
mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - f:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\16.0.912.63\npchrome_frame.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
uRun: [<NO NAME>]
uRun: [IDMan] f:\program files\internet download manager\IDMan.exe /onboot
uRun: [Google Update] "c:\users\rashed\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\rashed\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HW_OPENEYE_OUC_PC Suite For Android Handset] "f:\program files\pc suite for android handset\updatedog\ouc.exe"
uRun: [QUBEE WCM] "c:\program files\qubee wcm\QUBEE WCM.exe" minimized
mRun: [StillImageMonitor] C:\W
mRun: [ScanRegistry] C:\W
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [WheelMouse] c:\program files\a4tech\mouse\Amoumain.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\rashed\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\rashed\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\virtua~1.lnk - c:\windows\installer\{8db05f7e-1f7a-4cc0-882f-375b97f04cd4}\_E6D9769DD20AF384865041.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download all links with IDM - f:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - f:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - f:\program files\internet download manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\16.0.912.63\npchrome_frame.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R1 MpKsl7ac6a362;MpKsl7ac6a362;c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\MpKsl7ac6a362.sys [2011-12-30 29904]
R2 GPCommonService;GPCommonService;c:\program files\qubee wcm\GPCommonService.exe [2011-12-25 90112]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2009-7-14 20992]
R2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\drivers\mtkwmptv.sys [2011-12-25 15360]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;f:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2010-6-24 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-6-24 65856]
R2 UDisk Monitor;UDisk Monitor;c:\program files\zoom\bin\MonServiceUDisk.exe [2011-12-23 266240]
R3 AVHybrid;AVHybrid service;c:\windows\system32\drivers\AVHybrid.sys [2005-4-29 999680]
R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\drivers\BthAudioHF.sys [2009-12-21 43008]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
R3 btmhsf;btmhsf;c:\windows\system32\drivers\btmhsf.sys [2011-7-19 225280]
R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\drivers\iBtFltCoex.sys [2011-7-20 47104]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-29 20464]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [2011-1-11 181704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-18 135664]
S2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-2-12 85768]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-29 652872]
S2 Virtual Router;VirtualRouterService;"f:\program files\virtual router\virtualrouterservice.exe" --> f:\program files\virtual router\VirtualRouterService.exe [?]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\smhwadb.sys [2011-6-21 25728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-18 135664]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2011-12-23 40840]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2011-12-23 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2011-12-23 81288]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-3-10 25112]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 43392]
S3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\drivers\mt7118vu.sys [2011-5-6 131072]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-6-17 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-6-17 11104]
S3 sdAuxService;PC Tools Auxiliary Service;f:\program files\spyware doctor\pctsAuxs.exe [2011-12-23 356920]
S3 sdCoreService;PC Tools Security Service;f:\program files\spyware doctor\pctsSvc.exe [2011-12-23 1079176]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal);c:\windows\system32\drivers\smhwdev.sys [2011-7-15 100864]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\drivers\smhwser.sys [2011-7-15 108032]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2011-12-23 105472]
S4 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2010-11-1 331296]
.
=============== Created Last 30 ================
.
2011-12-30 17:48:04 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\MpKsl7ac6a362.sys
2011-12-30 17:48:02 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\offreg.dll
2011-12-28 19:57:55 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\mpengine.dll
2011-12-28 19:11:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 19:02:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-28 19:01:39 -------- d-----w- c:\users\rashed\appdata\roaming\Malwarebytes
2011-12-28 19:01:26 -------- d-----w- c:\programdata\Malwarebytes
2011-12-27 20:35:39 -------- d-----w- c:\program files\iPod
2011-12-27 20:31:45 -------- d-----w- c:\program files\Bonjour
2011-12-25 19:59:00 -------- d-----w- c:\users\rashed\appdata\roaming\foobar2000
2011-12-25 07:32:13 15360 ----a-w- c:\windows\system32\drivers\mtkwmptv.sys
2011-12-25 07:32:06 -------- d-----w- c:\program files\QUBEE WCM
2011-12-25 06:58:10 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-23 13:46:15 105472 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
2011-12-23 13:46:02 -------- d-----w- c:\program files\Zoom
2011-12-23 06:30:05 81288 ----a-w- c:\windows\system32\drivers\iksyssec.sys
2011-12-23 06:30:05 66952 ----a-w- c:\windows\system32\drivers\iksysflt.sys
2011-12-23 06:30:05 40840 ----a-w- c:\windows\system32\drivers\ikfilesec.sys
2011-12-23 06:30:05 29576 ----a-w- c:\windows\system32\drivers\kcom.sys
2011-12-23 06:29:38 -------- d-----w- c:\users\rashed\appdata\roaming\PC Tools
2011-12-18 16:25:45 -------- d-----w- c:\program files\Trend Micro
2011-12-16 12:38:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-16 12:36:37 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-16 12:36:36 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-16 12:36:16 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-12-16 12:36:15 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-16 12:35:46 38912 ----a-w- c:\windows\system32\csrsrv.dll
.
==================== Find3M ====================
.
2011-12-04 19:06:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-02 23:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 2:06:01.51 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:53 AM

Posted 05 January 2012 - 05:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/435408 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 06 January 2012 - 12:21 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 07 January 2012 - 12:16 PM

here are the logs:
DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Rashed at 15:40:04 on 2012-01-07
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2036.1053 [GMT 6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\crypserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\QUBEE WCM\GPCommonService.exe
C:\Windows\system32\svchost.exe -k bthaudiosvc
F:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Windows\system32\NLSSRV32.EXE
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Zoom\bin\MonServiceUDisk.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Freecorder\FLVSrvc.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Rashed\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Rashed\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QUBEE WCM\QUBEE WCM.exe
C:\Users\Rashed\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
F:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\QUBEE WCM\wimax\WmMMgr.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uSearch Bar = Preserve
mStart Page = hxxp://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
mSearch Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = local;*.local
mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - f:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\16.0.912.63\npchrome_frame.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\prxtbFre0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
uRun: [<NO NAME>]
uRun: [IDMan] f:\program files\internet download manager\IDMan.exe /onboot
uRun: [Google Update] "c:\users\rashed\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\rashed\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [HW_OPENEYE_OUC_PC Suite For Android Handset] "f:\program files\pc suite for android handset\updatedog\ouc.exe"
uRun: [QUBEE WCM] "c:\program files\qubee wcm\QUBEE WCM.exe" minimized
mRun: [StillImageMonitor] C:\W
mRun: [ScanRegistry] C:\W
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [WheelMouse] c:\program files\a4tech\mouse\Amoumain.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "f:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\rashed\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\rashed\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\virtua~1.lnk - c:\windows\installer\{8db05f7e-1f7a-4cc0-882f-375b97f04cd4}\_E6D9769DD20AF384865041.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download all links with IDM - f:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - f:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - f:\program files\internet download manager\IEExt.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\16.0.912.63\npchrome_frame.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [2011-1-11 181704]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648]
R1 MpKsl395cad1d;MpKsl395cad1d;c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\MpKsl395cad1d.sys [2012-1-6 29904]
R2 GPCommonService;GPCommonService;c:\program files\qubee wcm\GPCommonService.exe [2011-12-25 90112]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe -k bthaudiosvc [2009-7-14 20992]
R2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\drivers\mtkwmptv.sys [2011-12-25 15360]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;f:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2010-6-24 196928]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-6-24 65856]
R2 UDisk Monitor;UDisk Monitor;c:\program files\zoom\bin\MonServiceUDisk.exe [2011-12-23 266240]
R3 AVHybrid;AVHybrid service;c:\windows\system32\drivers\AVHybrid.sys [2005-4-29 999680]
R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\drivers\BthAudioHF.sys [2009-12-21 43008]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
R3 btmhsf;btmhsf;c:\windows\system32\drivers\btmhsf.sys [2011-7-19 225280]
R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\drivers\iBtFltCoex.sys [2011-7-20 47104]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-29 20464]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-18 135664]
S2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2011-2-12 85768]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-29 652872]
S2 Virtual Router;VirtualRouterService;"f:\program files\virtual router\virtualrouterservice.exe" --> f:\program files\virtual router\VirtualRouterService.exe [?]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\smhwadb.sys [2011-6-21 25728]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\bitcomet\tools\bitcometservice.exe -service --> c:\program files\bitcomet\tools\BitCometService.exe -service [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-18 135664]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2011-12-23 40840]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2011-12-23 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2011-12-23 81288]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-3-10 25112]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 43392]
S3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\drivers\mt7118vu.sys [2011-5-6 131072]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-2-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-2-26 8320]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-6-17 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-6-17 11104]
S3 sdAuxService;PC Tools Auxiliary Service;f:\program files\spyware doctor\pctsAuxs.exe [2011-12-23 356920]
S3 sdCoreService;PC Tools Security Service;f:\program files\spyware doctor\pctsSvc.exe [2011-12-23 1079176]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal);c:\windows\system32\drivers\smhwdev.sys [2011-7-15 100864]
S3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\drivers\smhwser.sys [2011-7-15 108032]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2011-12-23 105472]
S4 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2010-11-1 331296]
.
=============== Created Last 30 ================
.
2012-01-06 17:56:36 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\MpKsl395cad1d.sys
2012-01-06 17:56:35 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\offreg.dll
2011-12-28 19:57:55 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a7b9dc56-068b-4934-9dca-44327271e8a0}\mpengine.dll
2011-12-28 19:11:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-28 19:02:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-28 19:01:39 -------- d-----w- c:\users\rashed\appdata\roaming\Malwarebytes
2011-12-28 19:01:26 -------- d-----w- c:\programdata\Malwarebytes
2011-12-27 20:35:39 -------- d-----w- c:\program files\iPod
2011-12-27 20:31:45 -------- d-----w- c:\program files\Bonjour
2011-12-25 19:59:00 -------- d-----w- c:\users\rashed\appdata\roaming\foobar2000
2011-12-25 07:32:13 15360 ----a-w- c:\windows\system32\drivers\mtkwmptv.sys
2011-12-25 07:32:06 -------- d-----w- c:\program files\QUBEE WCM
2011-12-25 06:58:10 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-23 13:46:15 105472 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
2011-12-23 13:46:02 -------- d-----w- c:\program files\Zoom
2011-12-23 06:30:05 81288 ----a-w- c:\windows\system32\drivers\iksyssec.sys
2011-12-23 06:30:05 66952 ----a-w- c:\windows\system32\drivers\iksysflt.sys
2011-12-23 06:30:05 40840 ----a-w- c:\windows\system32\drivers\ikfilesec.sys
2011-12-23 06:30:05 29576 ----a-w- c:\windows\system32\drivers\kcom.sys
2011-12-23 06:29:38 -------- d-----w- c:\users\rashed\appdata\roaming\PC Tools
2011-12-18 16:25:45 -------- d-----w- c:\program files\Trend Micro
2011-12-16 12:38:23 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-16 12:36:37 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-16 12:36:36 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-16 12:36:16 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-12-16 12:36:15 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-16 12:35:46 38912 ----a-w- c:\windows\system32\csrsrv.dll
.
==================== Find3M ====================
.
2011-12-04 19:06:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 15:40:44.30 ===============

ATTACH:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 06-Nov-09 10:36:48 AM
System Uptime: 06-Jan-12 11:56:04 PM (16 hours ago)
.
Motherboard: Intel Corporation | | DG31PR
Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz | J3E1 | 2599/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 40 GiB total, 10.1 GiB free.
D: is FIXED (NTFS) - 40 GiB total, 16.71 GiB free.
E: is FIXED (NTFS) - 40 GiB total, 9.527 GiB free.
F: is FIXED (NTFS) - 29 GiB total, 12.799 GiB free.
G: is FIXED (NTFS) - 29 GiB total, 26.529 GiB free.
H: is FIXED (FAT32) - 29 GiB total, 23.101 GiB free.
I: is FIXED (FAT32) - 30 GiB total, 13.176 GiB free.
J: is Removable
K: is FIXED (FAT32) - 31 GiB total, 10.905 GiB free.
L: is FIXED (FAT32) - 29 GiB total, 24.948 GiB free.
M: is FIXED (NTFS) - 1000 GiB total, 183.987 GiB free.
N: is CDROM ()
P: is FIXED (NTFS) - 397 GiB total, 167.329 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslec5ca013
Device ID: ROOT\LEGACY_MPKSLEC5CA013\0000
Manufacturer:
Name: MpKslec5ca013
PNP Device ID: ROOT\LEGACY_MPKSLEC5CA013\0000
Service: MpKslec5ca013
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslabe8dab8
Device ID: ROOT\LEGACY_MPKSLABE8DAB8\0000
Manufacturer:
Name: MpKslabe8dab8
PNP Device ID: ROOT\LEGACY_MPKSLABE8DAB8\0000
Service: MpKslabe8dab8
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl69d890bb
Device ID: ROOT\LEGACY_MPKSL69D890BB\0000
Manufacturer:
Name: MpKsl69d890bb
PNP Device ID: ROOT\LEGACY_MPKSL69D890BB\0000
Service: MpKsl69d890bb
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl5d1edbf2
Device ID: ROOT\LEGACY_MPKSL5D1EDBF2\0000
Manufacturer:
Name: MpKsl5d1edbf2
PNP Device ID: ROOT\LEGACY_MPKSL5D1EDBF2\0000
Service: MpKsl5d1edbf2
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl3dc306c5
Device ID: ROOT\LEGACY_MPKSL3DC306C5\0000
Manufacturer:
Name: MpKsl3dc306c5
PNP Device ID: ROOT\LEGACY_MPKSL3DC306C5\0000
Service: MpKsl3dc306c5
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl0c871ed4
Device ID: ROOT\LEGACY_MPKSL0C871ED4\0000
Manufacturer:
Name: MpKsl0c871ed4
PNP Device ID: ROOT\LEGACY_MPKSL0C871ED4\0000
Service: MpKsl0c871ed4
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Device (Personal Area Network)
Device ID: BTH\MS_BTHPAN\6&32A08B10&0&2
Manufacturer: Microsoft
Name: Bluetooth Device (Personal Area Network) #2
PNP Device ID: BTH\MS_BTHPAN\6&32A08B10&0&2
Service: BthPan
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0015\7&149057CB&0&001D983166D7_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0015\7&149057CB&0&001D983166D7_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsled259c09
Device ID: ROOT\LEGACY_MPKSLED259C09\0000
Manufacturer:
Name: MpKsled259c09
PNP Device ID: ROOT\LEGACY_MPKSLED259C09\0000
Service: MpKsled259c09
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl5224fe88
Device ID: ROOT\LEGACY_MPKSL5224FE88\0000
Manufacturer:
Name: MpKsl5224fe88
PNP Device ID: ROOT\LEGACY_MPKSL5224FE88\0000
Service: MpKsl5224fe88
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsle0aa4af0
Device ID: ROOT\LEGACY_MPKSLE0AA4AF0\0000
Manufacturer:
Name: MpKsle0aa4af0
PNP Device ID: ROOT\LEGACY_MPKSLE0AA4AF0\0000
Service: MpKsle0aa4af0
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc14c04a4
Device ID: ROOT\LEGACY_MPKSLC14C04A4\0000
Manufacturer:
Name: MpKslc14c04a4
PNP Device ID: ROOT\LEGACY_MPKSLC14C04A4\0000
Service: MpKslc14c04a4
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl8939b4d5
Device ID: ROOT\LEGACY_MPKSL8939B4D5\0000
Manufacturer:
Name: MpKsl8939b4d5
PNP Device ID: ROOT\LEGACY_MPKSL8939B4D5\0000
Service: MpKsl8939b4d5
.
Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}
Description: Bluetooth Hands-free Audio Device
Device ID: BTHENUM\{0000111E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&149057CB&0&004152200352_C00000000
Manufacturer: CSR plc
Name: T909SD (Mono Audio)
PNP Device ID: BTHENUM\{0000111E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&149057CB&0&004152200352_C00000000
Service: BthAudioHF
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsle204033f
Device ID: ROOT\LEGACY_MPKSLE204033F\0000
Manufacturer:
Name: MpKsle204033f
PNP Device ID: ROOT\LEGACY_MPKSLE204033F\0000
Service: MpKsle204033f
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl8a82e24c
Device ID: ROOT\LEGACY_MPKSL8A82E24C\0000
Manufacturer:
Name: MpKsl8a82e24c
PNP Device ID: ROOT\LEGACY_MPKSL8A82E24C\0000
Service: MpKsl8a82e24c
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl7a4d03cf
Device ID: ROOT\LEGACY_MPKSL7A4D03CF\0000
Manufacturer:
Name: MpKsl7a4d03cf
PNP Device ID: ROOT\LEGACY_MPKSL7A4D03CF\0000
Service: MpKsl7a4d03cf
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl409a8fa5
Device ID: ROOT\LEGACY_MPKSL409A8FA5\0000
Manufacturer:
Name: MpKsl409a8fa5
PNP Device ID: ROOT\LEGACY_MPKSL409A8FA5\0000
Service: MpKsl409a8fa5
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl0ee5966e
Device ID: ROOT\LEGACY_MPKSL0EE5966E\0000
Manufacturer:
Name: MpKsl0ee5966e
PNP Device ID: ROOT\LEGACY_MPKSL0EE5966E\0000
Service: MpKsl0ee5966e
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsldbc3554a
Device ID: ROOT\LEGACY_MPKSLDBC3554A\0000
Manufacturer:
Name: MpKsldbc3554a
PNP Device ID: ROOT\LEGACY_MPKSLDBC3554A\0000
Service: MpKsldbc3554a
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslcd87fefd
Device ID: ROOT\LEGACY_MPKSLCD87FEFD\0000
Manufacturer:
Name: MpKslcd87fefd
PNP Device ID: ROOT\LEGACY_MPKSLCD87FEFD\0000
Service: MpKslcd87fefd
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl033c46a4
Device ID: ROOT\LEGACY_MPKSL033C46A4\0000
Manufacturer:
Name: MpKsl033c46a4
PNP Device ID: ROOT\LEGACY_MPKSL033C46A4\0000
Service: MpKsl033c46a4
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslfc2bfa2d
Device ID: ROOT\LEGACY_MPKSLFC2BFA2D\0000
Manufacturer:
Name: MpKslfc2bfa2d
PNP Device ID: ROOT\LEGACY_MPKSLFC2BFA2D\0000
Service: MpKslfc2bfa2d
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslf081027e
Device ID: ROOT\LEGACY_MPKSLF081027E\0000
Manufacturer:
Name: MpKslf081027e
PNP Device ID: ROOT\LEGACY_MPKSLF081027E\0000
Service: MpKslf081027e
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsldc99b1cc
Device ID: ROOT\LEGACY_MPKSLDC99B1CC\0000
Manufacturer:
Name: MpKsldc99b1cc
PNP Device ID: ROOT\LEGACY_MPKSLDC99B1CC\0000
Service: MpKsldc99b1cc
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl6b0d1b87
Device ID: ROOT\LEGACY_MPKSL6B0D1B87\0000
Manufacturer:
Name: MpKsl6b0d1b87
PNP Device ID: ROOT\LEGACY_MPKSL6B0D1B87\0000
Service: MpKsl6b0d1b87
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl434c9664
Device ID: ROOT\LEGACY_MPKSL434C9664\0000
Manufacturer:
Name: MpKsl434c9664
PNP Device ID: ROOT\LEGACY_MPKSL434C9664\0000
Service: MpKsl434c9664
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000004-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000004-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslf176336a
Device ID: ROOT\LEGACY_MPKSLF176336A\0000
Manufacturer:
Name: MpKslf176336a
PNP Device ID: ROOT\LEGACY_MPKSLF176336A\0000
Service: MpKslf176336a
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsldcd453cc
Device ID: ROOT\LEGACY_MPKSLDCD453CC\0000
Manufacturer:
Name: MpKsldcd453cc
PNP Device ID: ROOT\LEGACY_MPKSLDCD453CC\0000
Service: MpKsldcd453cc
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc4a5fef1
Device ID: ROOT\LEGACY_MPKSLC4A5FEF1\0000
Manufacturer:
Name: MpKslc4a5fef1
PNP Device ID: ROOT\LEGACY_MPKSLC4A5FEF1\0000
Service: MpKslc4a5fef1
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl580767dd
Device ID: ROOT\LEGACY_MPKSL580767DD\0000
Manufacturer:
Name: MpKsl580767dd
PNP Device ID: ROOT\LEGACY_MPKSL580767DD\0000
Service: MpKsl580767dd
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0038\7&149057CB&0&001FDF569480_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0038\7&149057CB&0&001FDF569480_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl6b6f57a6
Device ID: ROOT\LEGACY_MPKSL6B6F57A6\0000
Manufacturer:
Name: MpKsl6b6f57a6
PNP Device ID: ROOT\LEGACY_MPKSL6B6F57A6\0000
Service: MpKsl6b6f57a6
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl4505b7e2
Device ID: ROOT\LEGACY_MPKSL4505B7E2\0000
Manufacturer:
Name: MpKsl4505b7e2
PNP Device ID: ROOT\LEGACY_MPKSL4505B7E2\0000
Service: MpKsl4505b7e2
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl36ebe847
Device ID: ROOT\LEGACY_MPKSL36EBE847\0000
Manufacturer:
Name: MpKsl36ebe847
PNP Device ID: ROOT\LEGACY_MPKSL36EBE847\0000
Service: MpKsl36ebe847
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslddf03de0
Device ID: ROOT\LEGACY_MPKSLDDF03DE0\0000
Manufacturer:
Name: MpKslddf03de0
PNP Device ID: ROOT\LEGACY_MPKSLDDF03DE0\0000
Service: MpKslddf03de0
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl8d8ea414
Device ID: ROOT\LEGACY_MPKSL8D8EA414\0000
Manufacturer:
Name: MpKsl8d8ea414
PNP Device ID: ROOT\LEGACY_MPKSL8D8EA414\0000
Service: MpKsl8d8ea414
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl64c78cde
Device ID: ROOT\LEGACY_MPKSL64C78CDE\0000
Manufacturer:
Name: MpKsl64c78cde
PNP Device ID: ROOT\LEGACY_MPKSL64C78CDE\0000
Service: MpKsl64c78cde
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00000000_PID&C039\7&149057CB&0&001FE4D83558_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00000000_PID&C039\7&149057CB&0&001FE4D83558_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc6f16ada
Device ID: ROOT\LEGACY_MPKSLC6F16ADA\0000
Manufacturer:
Name: MpKslc6f16ada
PNP Device ID: ROOT\LEGACY_MPKSLC6F16ADA\0000
Service: MpKslc6f16ada
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslb7c5de61
Device ID: ROOT\LEGACY_MPKSLB7C5DE61\0000
Manufacturer:
Name: MpKslb7c5de61
PNP Device ID: ROOT\LEGACY_MPKSLB7C5DE61\0000
Service: MpKslb7c5de61
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsla3287824
Device ID: ROOT\LEGACY_MPKSLA3287824\0000
Manufacturer:
Name: MpKsla3287824
PNP Device ID: ROOT\LEGACY_MPKSLA3287824\0000
Service: MpKsla3287824
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl5a6889ba
Device ID: ROOT\LEGACY_MPKSL5A6889BA\0000
Manufacturer:
Name: MpKsl5a6889ba
PNP Device ID: ROOT\LEGACY_MPKSL5A6889BA\0000
Service: MpKsl5a6889ba
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&149057CB&0&002547C199E9_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0038\7&149057CB&0&002265BC5783_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&0038\7&149057CB&0&002265BC5783_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc6fac3b9
Device ID: ROOT\LEGACY_MPKSLC6FAC3B9\0000
Manufacturer:
Name: MpKslc6fac3b9
PNP Device ID: ROOT\LEGACY_MPKSLC6FAC3B9\0000
Service: MpKslc6fac3b9
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl91192285
Device ID: ROOT\LEGACY_MPKSL91192285\0000
Manufacturer:
Name: MpKsl91192285
PNP Device ID: ROOT\LEGACY_MPKSL91192285\0000
Service: MpKsl91192285
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl66ae12d7
Device ID: ROOT\LEGACY_MPKSL66AE12D7\0000
Manufacturer:
Name: MpKsl66ae12d7
PNP Device ID: ROOT\LEGACY_MPKSL66AE12D7\0000
Service: MpKsl66ae12d7
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl39e8c82b
Device ID: ROOT\LEGACY_MPKSL39E8C82B\0000
Manufacturer:
Name: MpKsl39e8c82b
PNP Device ID: ROOT\LEGACY_MPKSL39E8C82B\0000
Service: MpKsl39e8c82b
.
Class GUID:
Description:
Device ID: AVSTREAM\LVTUNER#PCI#VEN_1131&DEV_7130&SUBSYS_210118D0\5&1DA620C9&0&0
Manufacturer:
Name:
PNP Device ID: AVSTREAM\LVTUNER#PCI#VEN_1131&DEV_7130&SUBSYS_210118D0\5&1DA620C9&0&0
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&00CF\7&149057CB&0&0CDDEFCAEB6E_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_VID&00010001_PID&00CF\7&149057CB&0&0CDDEFCAEB6E_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslde6deb0c
Device ID: ROOT\LEGACY_MPKSLDE6DEB0C\0000
Manufacturer:
Name: MpKslde6deb0c
PNP Device ID: ROOT\LEGACY_MPKSLDE6DEB0C\0000
Service: MpKslde6deb0c
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl816d421a
Device ID: ROOT\LEGACY_MPKSL816D421A\0000
Manufacturer:
Name: MpKsl816d421a
PNP Device ID: ROOT\LEGACY_MPKSL816D421A\0000
Service: MpKsl816d421a
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl15b2a820
Device ID: ROOT\LEGACY_MPKSL15B2A820\0000
Manufacturer:
Name: MpKsl15b2a820
PNP Device ID: ROOT\LEGACY_MPKSL15B2A820\0000
Service: MpKsl15b2a820
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_VID&00010001_PID&00A3\7&149057CB&0&00266953EDA1_C00000000
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl69030903
Device ID: ROOT\LEGACY_MPKSL69030903\0000
Manufacturer:
Name: MpKsl69030903
PNP Device ID: ROOT\LEGACY_MPKSL69030903\0000
Service: MpKsl69030903
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl3c0ff98d
Device ID: ROOT\LEGACY_MPKSL3C0FF98D\0000
Manufacturer:
Name: MpKsl3c0ff98d
PNP Device ID: ROOT\LEGACY_MPKSL3C0FF98D\0000
Service: MpKsl3c0ff98d
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl092fc65d
Device ID: ROOT\LEGACY_MPKSL092FC65D\0000
Manufacturer:
Name: MpKsl092fc65d
PNP Device ID: ROOT\LEGACY_MPKSL092FC65D\0000
Service: MpKsl092fc65d
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslbd64db1a
Device ID: ROOT\LEGACY_MPKSLBD64DB1A\0000
Manufacturer:
Name: MpKslbd64db1a
PNP Device ID: ROOT\LEGACY_MPKSLBD64DB1A\0000
Service: MpKslbd64db1a
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl967d77e2
Device ID: ROOT\LEGACY_MPKSL967D77E2\0000
Manufacturer:
Name: MpKsl967d77e2
PNP Device ID: ROOT\LEGACY_MPKSL967D77E2\0000
Service: MpKsl967d77e2
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl3db81b93
Device ID: ROOT\LEGACY_MPKSL3DB81B93\0000
Manufacturer:
Name: MpKsl3db81b93
PNP Device ID: ROOT\LEGACY_MPKSL3DB81B93\0000
Service: MpKsl3db81b93
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsldf639f8f
Device ID: ROOT\LEGACY_MPKSLDF639F8F\0000
Manufacturer:
Name: MpKsldf639f8f
PNP Device ID: ROOT\LEGACY_MPKSLDF639F8F\0000
Service: MpKsldf639f8f
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKslc834adb3
Device ID: ROOT\LEGACY_MPKSLC834ADB3\0000
Manufacturer:
Name: MpKslc834adb3
PNP Device ID: ROOT\LEGACY_MPKSLC834ADB3\0000
Service: MpKslc834adb3
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl87545773
Device ID: ROOT\LEGACY_MPKSL87545773\0000
Manufacturer:
Name: MpKsl87545773
PNP Device ID: ROOT\LEGACY_MPKSL87545773\0000
Service: MpKsl87545773
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl75e8a00b
Device ID: ROOT\LEGACY_MPKSL75E8A00B\0000
Manufacturer:
Name: MpKsl75e8a00b
PNP Device ID: ROOT\LEGACY_MPKSL75E8A00B\0000
Service: MpKsl75e8a00b
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl17be2c11
Device ID: ROOT\LEGACY_MPKSL17BE2C11\0000
Manufacturer:
Name: MpKsl17be2c11
PNP Device ID: ROOT\LEGACY_MPKSL17BE2C11\0000
Service: MpKsl17be2c11
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: MpKsl0c85d9ea
Device ID: ROOT\LEGACY_MPKSL0C85D9EA\0000
Manufacturer:
Name: MpKsl0c85d9ea
PNP Device ID: ROOT\LEGACY_MPKSL0C85D9EA\0000
Service: MpKsl0c85d9ea
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001204-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&149057CB&0&002491DB78E5_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001204-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&149057CB&0&002491DB78E5_C00000000
Service:
.
==== System Restore Points ===================
.
RP1042: 05-Jan-12 6:21:37 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2X-Office 7.80
7-Zip 9.10 beta
A² Studios' ICC Cricket World Cup 2011 Patch
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Lightroom 3.2
Adobe Shockwave Player 11.5
Aiseesoft DVD Converter Suite
All My Movies 6.3 FULL (GOTD)
AmiBroker 5.20
Angry Birds
Angry Birds Rio
Angry Birds Seasons
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AviSynth 2.5
BitComet 1.27
Bonjour
CCleaner
Code of Honor 2 (1.0)
CometBird 7.0.1 (x86 en-US)
Conduit Engine
ConvertXtoDVD 4.0.3.304
CuteFTP 8 Professional
D3DX10
Document Express DjVu Plug-in
Dropbox
Dziobas Rar Player 0.009.39
Facebook Plug-In
Facebook Video Calling 1.0.0.8953
foobar2000 v1.1.9
Foxit Reader 5.0
Foxit Toolbar
Freecorder 4.0 Application
Freecorder 5
Freecorder Toolbar
GoldWave v5.25
GOM Player
Google Book Downloader
Google Chrome
Google Chrome Frame
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
HashCheck Shell Extension (x86-32)
HijackThis 2.0.2
HP USB Disk Storage Format Tool
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
Internet Download Manager
iTunes
Java Auto Updater
Java DB 10.6.2.1
Java™ 6 Update 29
Java™ 6 Update 5
Java™ SE Development Kit 6 Update 25
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Full)
LG USB Modem driver
Lyrics Plugin for Windows Media Player
MagicTunePremium
Malwarebytes Anti-Malware version 1.60.0.1800
MCCI®Firmware Update Driver for MTK
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MiniTool Partition Wizard Home Edition 6.0
MKVtoolnix 2.9.8
Movie Label 2011 v6.0.1
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MultiScreen
neroxml
Nitro PDF Professional
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia Software Updater
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
Phone Remote Control
Photodex Presenter
PhotoFiltre Studio
Picasa 3
PlayReady PC Runtime x86
Profita 2.1.1
ProShow Producer
QUBEE WiMAX Connection Manager
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealUpgrade 1.1
Recover My Files
Samsung_MonSetup
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB982135)
Skype™ 5.1
Soluto
Speccy
Spyware Doctor 6.0
Subtitle Edit v3.0
Switch Uninstall
Terrorist Takedown: War in Colombia
TextPad 4.7
The Complete CR Patch
think-cell
ThinkVD Android Video Converter
UltraISO Premium V9.36
Universal Document Converter (Demo)
Uno - Undercover
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Virtua Tennis 4™
VLC media player 1.1.5
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Winrar 3.93
WinRAR archiver
Xilisoft HD Video Converter
XMedia Recode 1.0.1.1
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zoom
.
==== Event Viewer Messages From Past Week ========
.
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
31-Dec-11 2:38:11 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 3:24:10 PM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The account specified for this service is different from the account specified for other services running in the same process.
07-Jan-12 3:24:10 PM, Error: Service Control Manager [7000] - The DHCP Client service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
07-Jan-12 2:46:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:35 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
07-Jan-12 2:46:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 2:46:34 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:06:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
07-Jan-12 12:01:10 AM, Error: Service Control Manager [7023] - The DHCP Client service terminated with the following error: The specified procedure could not be found.
07-Jan-12 12:01:10 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The specified procedure could not be found.
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
06-Jan-12 3:07:37 AM, Error: Service Control Manager [7001] - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: The service has not been started.
06-Jan-12 11:57:00 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
06-Jan-12 11:56:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
06-Jan-12 11:56:43 PM, Error: Service Control Manager [7000] - The VirtualRouterService service failed to start due to the following error: The system cannot find the file specified.
06-Jan-12 11:56:39 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
06-Jan-12 11:56:39 PM, Error: Service Control Manager [7000] - The OMSCAN service failed to start due to the following error: The system cannot find the file specified.
06-Jan-12 11:56:38 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
06-Jan-12 11:56:35 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
06-Jan-12 11:56:28 PM, Error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends the following service: NetBT. This service might not be installed.
06-Jan-12 11:56:13 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
06-Jan-12 11:56:13 PM, Error: Microsoft-Windows-Kernel-Processor-Power [35] - Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
06-Jan-12 11:46:52 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
05-Jan-12 6:19:52 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:13:11 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
05-Jan-12 3:03:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:47:13 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
04-Jan-12 9:36:46 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
03-Jan-12 2:29:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:45:35 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:35:53 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 3:07:01 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:57:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
02-Jan-12 2:57:06 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom PCGenFAM
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
02-Jan-12 2:21:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=187316&clcid=0x409&arch=x86&eng=2.0.7707.0&sig=10.7.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:18:30 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.117.1215.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=1.1.7903.0&avdelta=1.117.1215.0&asdelta=1.117.1215.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.7903.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved
01-Jan-12 11:08:41 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 07 January 2012 - 02:02 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notpade of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 January 2012 - 02:59 PM

hello, i turned of the protection of my microsoft security essencial accordingly but combofix notified that, MSE was still running. i took my own risk and continue the operation of combofix. it found a rootkit malware i think regarding TCP/IP and rebooted and finished all other operations.
1. here is the log from combofix:
ComboFix 12-01-07.03 - Rashed 08-Jan-12 23:23:25.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2036.1192 [GMT 6:00]
Running from: c:\users\Rashed\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\chrome.manifest
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\chrome\idmmzcc.jar
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components\iIDMMzCC.xpt
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\idmhelper.js
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\idmhelper2.js
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\idmmzcc.dll
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\idmmzcc64.dll
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\iIDMHelper.xpt
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\iIDMHelper2.xpt
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\components2\iIDMMzCC.xpt
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\install.js
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\install.rdf
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\META-INF\manifest.mf
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.rsa
c:\users\Abbu\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.sf
c:\users\Rashed\AppData\Local\bloson.bmp
c:\users\Rashed\AppData\Local\Bloson.exe
c:\users\Rashed\AppData\Local\ConduitInstaller.exe
c:\users\Rashed\AppData\Local\lateral1.bmp
c:\users\Rashed\AppData\Local\lateral2.bmp
c:\users\Rashed\AppData\Local\lateral3.bmp
c:\users\Rashed\AppData\Local\toolbar3.bmp
c:\users\Rashed\AppData\Roaming\FFSJ
c:\users\Rashed\AppData\Roaming\FFSJ\FFSJ.cfg
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\chrome.manifest
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\chrome\idmmzcc.jar
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components\iIDMMzCC.xpt
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\idmhelper.js
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\idmhelper2.js
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\idmmzcc.dll
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\idmmzcc64.dll
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\iIDMHelper.xpt
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\iIDMHelper2.xpt
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\components2\iIDMMzCC.xpt
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\install.js
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\install.rdf
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\META-INF\manifest.mf
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.rsa
c:\users\Rashed\AppData\Roaming\IDM\idmmzcc3\META-INF\zigbert.sf
c:\users\Rashed\AppData\Roaming\inst.exe
c:\users\Rashed\AppData\Roaming\Rashed3SQLite3.dll
c:\users\Rashed\AppData\Roaming\Rashedlog.dat
c:\users\Rashed\AppData\Roaming\system32
c:\users\Rashed\AppData\Roaming\vso_ts_preview.xml
c:\windows\$NtUninstallKB39362$
c:\windows\$NtUninstallKB39362$\2746718449
c:\windows\security\Database\tmp.edb
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\wmm_cur.log
c:\windows\system32\wmm_old.log
c:\windows\XSxS
D:\resycled
E:\resycled
F:\resycled
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_.afd
.
.
((((((((((((((((((((((((( Files Created from 2011-12-08 to 2012-01-08 )))))))))))))))))))))))))))))))
.
.
2012-01-08 17:32 . 2012-01-08 17:36 -------- d-----w- c:\users\Rashed\AppData\Local\temp
2012-01-08 17:32 . 2012-01-08 17:32 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-01-08 17:32 . 2012-01-08 17:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-08 13:50 . 2011-10-11 19:49 703824 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFE86669-41F9-4529-A1D9-D37E5D22C6B6}\gapaengine.dll
2012-01-08 13:49 . 2012-01-08 17:34 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{152FB117-0F85-49FC-BD4B-91BF56F1A8F6}\offreg.dll
2012-01-08 13:49 . 2011-11-21 10:47 6823496 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{152FB117-0F85-49FC-BD4B-91BF56F1A8F6}\mpengine.dll
2011-12-28 19:02 . 2012-01-08 13:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-12-28 19:01 . 2011-12-28 19:01 -------- d-----w- c:\users\Rashed\AppData\Roaming\Malwarebytes
2011-12-28 19:01 . 2011-12-28 19:01 -------- d-----w- c:\programdata\Malwarebytes
2011-12-27 20:35 . 2011-12-27 20:35 -------- d-----w- c:\program files\iPod
2011-12-27 20:33 . 2011-12-27 20:33 -------- d-----w- c:\program files\Apple Software Update
2011-12-27 20:31 . 2011-12-27 20:31 -------- d-----w- c:\program files\Bonjour
2011-12-25 19:59 . 2011-12-27 09:37 -------- d-----w- c:\users\Rashed\AppData\Roaming\foobar2000
2011-12-25 07:32 . 2010-05-06 05:27 15360 ----a-w- c:\windows\system32\drivers\mtkwmptv.sys
2011-12-25 07:32 . 2012-01-05 17:37 -------- d-----w- c:\program files\QUBEE WCM
2011-12-25 06:58 . 2009-07-13 23:12 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-23 13:46 . 2009-11-25 12:49 105472 ----a-w- c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys
2011-12-23 13:46 . 2011-12-23 13:46 -------- d-----w- c:\program files\Zoom
2011-12-23 06:30 . 2008-08-25 05:36 81288 ----a-w- c:\windows\system32\drivers\iksyssec.sys
2011-12-23 06:30 . 2008-08-25 05:36 66952 ----a-w- c:\windows\system32\drivers\iksysflt.sys
2011-12-23 06:30 . 2008-08-25 05:36 40840 ----a-w- c:\windows\system32\drivers\ikfilesec.sys
2011-12-23 06:30 . 2008-06-02 09:19 29576 ----a-w- c:\windows\system32\drivers\kcom.sys
2011-12-23 06:29 . 2011-12-23 06:29 -------- d-----w- c:\users\Rashed\AppData\Roaming\PC Tools
2011-12-18 16:25 . 2011-12-18 16:25 -------- d-----w- c:\program files\Trend Micro
2011-12-16 12:38 . 2011-11-05 04:30 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-16 12:36 . 2011-10-26 04:42 3901808 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-16 12:36 . 2011-10-26 04:42 3957104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-16 12:36 . 2011-11-24 04:23 2340352 ----a-w- c:\windows\system32\win32k.sys
2011-12-16 12:36 . 2011-10-15 05:48 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-16 12:35 . 2011-10-26 04:25 38912 ----a-w- c:\windows\system32\csrsrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 19:06 . 2011-07-04 19:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-21 10:47 . 2011-05-26 20:47 6823496 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-11 19:49 . 2011-08-12 09:00 703824 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rashed\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rashed\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rashed\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Rashed\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-01-25 10:40 67680 ----a-w- f:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="f:\program files\Internet Download Manager\IDMan.exe" [2011-02-11 3270040]
"Facebook Update"="c:\users\Rashed\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-07-18 137536]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"QUBEE WCM"="c:\program files\QUBEE WCM\QUBEE WCM.exe" [2010-06-25 798720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StillImageMonitor"="C:\W" [X]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 241664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-07-20 273544]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-12-07 421736]
.
c:\users\Rashed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Rashed\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-26 24176560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Virtual Router Manager.lnk - c:\windows\Installer\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\_E6D9769DD20AF384865041.exe [2011-6-13 22486]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GammaTray.lnk]
backup=c:\windows\pss\GammaTray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OfficeSAS.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\OfficeSAS.lnk
backup=c:\windows\pss\OfficeSAS.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Rashed^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Rashed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freecorder FLV Service]
2011-03-24 07:11 167936 ----a-w- c:\program files\Freecorder\FLVSrvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2011-02-11 03:10 3270040 ----a-w- f:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MagicTuneEngine]
2009-05-08 10:28 58368 ----a-w- c:\program files\MagicTune Premium\MagicTuneEngine.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-11-10 09:39 5244216 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-09-23 13:30 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
R0 PCGenFAM;PCGenFAM;c:\windows\system32\DRIVERS\PCGenFAM.sys [2010-11-01 181704]
R1 MpKsl033c46a4;MpKsl033c46a4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{59AE2EED-8A15-45EA-8EFE-D019A4BB0B16}\MpKsl033c46a4.sys [x]
R1 MpKsl092fc65d;MpKsl092fc65d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93D5BDB4-E7C5-4156-A4F8-5F9FBE694F45}\MpKsl092fc65d.sys [x]
R1 MpKsl0c85d9ea;MpKsl0c85d9ea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D589F375-B170-4C43-8891-3016CB4CABF6}\MpKsl0c85d9ea.sys [x]
R1 MpKsl0c871ed4;MpKsl0c871ed4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAA570D2-0FB2-4675-983D-A965CBD507E3}\MpKsl0c871ed4.sys [x]
R1 MpKsl0ee5966e;MpKsl0ee5966e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BFFE880-DFC8-414F-8DFF-E19968EAE648}\MpKsl0ee5966e.sys [x]
R1 MpKsl15b2a820;MpKsl15b2a820;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{73C290FE-5752-477F-898A-885938C5A622}\MpKsl15b2a820.sys [x]
R1 MpKsl17be2c11;MpKsl17be2c11;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0B2525A-D2EE-40B6-B442-A5B44DA556D8}\MpKsl17be2c11.sys [x]
R1 MpKsl36ebe847;MpKsl36ebe847;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0FD0228A-EC73-4ABC-A35A-E9EE952232AA}\MpKsl36ebe847.sys [x]
R1 MpKsl39e8c82b;MpKsl39e8c82b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC5B869B-62DE-462C-9D95-415FB96BBF7F}\MpKsl39e8c82b.sys [x]
R1 MpKsl3c0ff98d;MpKsl3c0ff98d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F59C8D8C-C0D5-49F7-853E-E7214AEA9036}\MpKsl3c0ff98d.sys [x]
R1 MpKsl3db81b93;MpKsl3db81b93;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F7314D0D-70F9-46D3-A06C-DB760D85A0D8}\MpKsl3db81b93.sys [x]
R1 MpKsl3dc306c5;MpKsl3dc306c5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{012D3DB2-A3A7-41FB-99A0-E8E43D3F6D8F}\MpKsl3dc306c5.sys [x]
R1 MpKsl409a8fa5;MpKsl409a8fa5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B8F20AC5-0CF8-49C9-81B0-07403D208207}\MpKsl409a8fa5.sys [x]
R1 MpKsl434c9664;MpKsl434c9664;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CB10B1C-4C3A-4314-915C-A1D4381FECED}\MpKsl434c9664.sys [x]
R1 MpKsl4505b7e2;MpKsl4505b7e2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0CE4419-551E-4328-8495-FD4BC4F0EC8F}\MpKsl4505b7e2.sys [x]
R1 MpKsl5224fe88;MpKsl5224fe88;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC5B869B-62DE-462C-9D95-415FB96BBF7F}\MpKsl5224fe88.sys [x]
R1 MpKsl580767dd;MpKsl580767dd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E73E7351-204D-425E-9C2B-DC1A59D5B830}\MpKsl580767dd.sys [x]
R1 MpKsl5a6889ba;MpKsl5a6889ba;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{999B06B1-39E0-4BBD-84B8-E4ADEBC322A3}\MpKsl5a6889ba.sys [x]
R1 MpKsl5d1edbf2;MpKsl5d1edbf2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5BAE0A85-4769-4BD6-AD45-D3E6244DBD67}\MpKsl5d1edbf2.sys [x]
R1 MpKsl5fe6ec7a;MpKsl5fe6ec7a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{152FB117-0F85-49FC-BD4B-91BF56F1A8F6}\MpKsl5fe6ec7a.sys [x]
R1 MpKsl64c78cde;MpKsl64c78cde;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{735BF1C1-4C55-4952-82EA-A016429DFCAA}\MpKsl64c78cde.sys [x]
R1 MpKsl66ae12d7;MpKsl66ae12d7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{713909F0-3EE9-43D3-8AE5-5663D7066D98}\MpKsl66ae12d7.sys [x]
R1 MpKsl69030903;MpKsl69030903;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{762CBCAB-279E-472A-BB2E-0F391EF85C22}\MpKsl69030903.sys [x]
R1 MpKsl69d890bb;MpKsl69d890bb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A4EF466-3929-42BA-A0FD-C18109EF148C}\MpKsl69d890bb.sys [x]
R1 MpKsl6b0d1b87;MpKsl6b0d1b87;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{44E1E0CE-BB68-489B-8B89-4C19E127A30E}\MpKsl6b0d1b87.sys [x]
R1 MpKsl6b6f57a6;MpKsl6b6f57a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B10640A-57F6-41FA-97C1-A7D0EF100863}\MpKsl6b6f57a6.sys [x]
R1 MpKsl75e8a00b;MpKsl75e8a00b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B10640A-57F6-41FA-97C1-A7D0EF100863}\MpKsl75e8a00b.sys [x]
R1 MpKsl7a4d03cf;MpKsl7a4d03cf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A4EF466-3929-42BA-A0FD-C18109EF148C}\MpKsl7a4d03cf.sys [x]
R1 MpKsl816d421a;MpKsl816d421a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39BC6259-A57C-4A86-9AFF-174CB32152EB}\MpKsl816d421a.sys [x]
R1 MpKsl87545773;MpKsl87545773;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EDE2FC49-952E-4F4D-9FB1-31BE9B27607F}\MpKsl87545773.sys [x]
R1 MpKsl8939b4d5;MpKsl8939b4d5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{39BC6259-A57C-4A86-9AFF-174CB32152EB}\MpKsl8939b4d5.sys [x]
R1 MpKsl8a82e24c;MpKsl8a82e24c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{012D3DB2-A3A7-41FB-99A0-E8E43D3F6D8F}\MpKsl8a82e24c.sys [x]
R1 MpKsl8d8ea414;MpKsl8d8ea414;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{931A96BE-3608-43BA-B1FC-BDCEF99F4B90}\MpKsl8d8ea414.sys [x]
R1 MpKsl91192285;MpKsl91192285;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30EBDB68-6DDC-4D0C-9087-5564FE945EC0}\MpKsl91192285.sys [x]
R1 MpKsl967d77e2;MpKsl967d77e2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B10640A-57F6-41FA-97C1-A7D0EF100863}\MpKsl967d77e2.sys [x]
R1 MpKsla3287824;MpKsla3287824;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CB10B1C-4C3A-4314-915C-A1D4381FECED}\MpKsla3287824.sys [x]
R1 MpKslabe8dab8;MpKslabe8dab8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A3DED321-8CD3-4511-A2FA-4289F05B177D}\MpKslabe8dab8.sys [x]
R1 MpKslb7c5de61;MpKslb7c5de61;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E76DB005-04F7-40A9-909D-CE29D64D5535}\MpKslb7c5de61.sys [x]
R1 MpKslbd64db1a;MpKslbd64db1a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5EA869FE-11E7-465B-B7D8-17DE00D5DAF1}\MpKslbd64db1a.sys [x]
R1 MpKslc14c04a4;MpKslc14c04a4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ACC04B5B-98F4-400E-A407-6760493D513D}\MpKslc14c04a4.sys [x]
R1 MpKslc4a5fef1;MpKslc4a5fef1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{012D3DB2-A3A7-41FB-99A0-E8E43D3F6D8F}\MpKslc4a5fef1.sys [x]
R1 MpKslc6f16ada;MpKslc6f16ada;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{132C6E64-272A-4042-8391-627F7EBAA9A5}\MpKslc6f16ada.sys [x]
R1 MpKslc6fac3b9;MpKslc6fac3b9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C1C4224-8D98-4C03-B615-61B8BAC74B7B}\MpKslc6fac3b9.sys [x]
R1 MpKslc834adb3;MpKslc834adb3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{931A96BE-3608-43BA-B1FC-BDCEF99F4B90}\MpKslc834adb3.sys [x]
R1 MpKslcd87fefd;MpKslcd87fefd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0209E4D2-0CD0-466B-B0F4-249038A56654}\MpKslcd87fefd.sys [x]
R1 MpKsldbc3554a;MpKsldbc3554a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30EBDB68-6DDC-4D0C-9087-5564FE945EC0}\MpKsldbc3554a.sys [x]
R1 MpKsldc99b1cc;MpKsldc99b1cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C38F90CD-B240-437F-8C7E-79C70AF472EF}\MpKsldc99b1cc.sys [x]
R1 MpKsldcd453cc;MpKsldcd453cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45A05021-7070-4D3B-AB5C-5D0FEE6D0A4B}\MpKsldcd453cc.sys [x]
R1 MpKslddf03de0;MpKslddf03de0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{45A05021-7070-4D3B-AB5C-5D0FEE6D0A4B}\MpKslddf03de0.sys [x]
R1 MpKslde6deb0c;MpKslde6deb0c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{44E1E0CE-BB68-489B-8B89-4C19E127A30E}\MpKslde6deb0c.sys [x]
R1 MpKsldf639f8f;MpKsldf639f8f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{93D5BDB4-E7C5-4156-A4F8-5F9FBE694F45}\MpKsldf639f8f.sys [x]
R1 MpKsle0aa4af0;MpKsle0aa4af0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0FD0228A-EC73-4ABC-A35A-E9EE952232AA}\MpKsle0aa4af0.sys [x]
R1 MpKsle204033f;MpKsle204033f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0A57C1A-EA7C-4DCF-B895-3C3143440FB6}\MpKsle204033f.sys [x]
R1 MpKslec5ca013;MpKslec5ca013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E19D0E73-59B9-45F0-87D9-DFDB37FEE6D9}\MpKslec5ca013.sys [x]
R1 MpKsled259c09;MpKsled259c09;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A62AF5CE-6423-4660-8C4D-DB53A4B53BCC}\MpKsled259c09.sys [x]
R1 MpKsledb98d3e;MpKsledb98d3e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{58D3946E-986F-4771-ABC3-B5285E1416F9}\MpKsledb98d3e.sys [x]
R1 MpKslf081027e;MpKslf081027e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FC87D1D-8315-4969-ABAE-32017938C388}\MpKslf081027e.sys [x]
R1 MpKslf176336a;MpKslf176336a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0162B9E-3CD3-4511-98C4-E6DA272D1E52}\MpKslf176336a.sys [x]
R1 MpKslfc2bfa2d;MpKslfc2bfa2d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{621CA32F-E376-4019-A1B1-E9799D90F73D}\MpKslfc2bfa2d.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R2 OMSCAN;OMSCAN;Sys?? [x]
R2 Virtual Router;VirtualRouterService;f:\program files\Virtual Router\VirtualRouterService.exe [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\smhwadb.sys [2010-06-25 25728]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 GarenaPEngine;GarenaPEngine;c:\users\Rashed\AppData\Local\Temp\IZM8ED9.tmp [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 135664]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-03-10 25112]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 MT7118VU;MediaTek MT7118 WiMAX USB Card Driver for VISTA;c:\windows\system32\DRIVERS\mt7118vu.sys [2010-05-06 131072]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 16472]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 11104]
R3 sdAuxService;PC Tools Auxiliary Service;f:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
R3 smhwdev;SmartPhone dummy USB PNP Device (Normal);c:\windows\system32\DRIVERS\smhwdev.sys [2010-06-25 100864]
R3 smhwser;USB Device for Legacy Serial Communication (Normal);c:\windows\system32\DRIVERS\smhwser.sys [2010-06-25 108032]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [2009-11-25 105472]
R4 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2010-11-01 331296]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-11-05 721904]
S2 GPCommonService;GPCommonService;c:\program files\QUBEE WCM\GPCommonService.exe [2010-05-27 90112]
S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-01-25 85768]
S2 MTKWMPROT;MediaTek WiMAX Modem Protocol Driver;c:\windows\system32\DRIVERS\mtkwmptv.sys [2010-05-06 15360]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;f:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [2010-06-24 196928]
S2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2010-06-24 65856]
S2 UDisk Monitor;UDisk Monitor;c:\program files\Zoom\bin\MonServiceUDisk.exe [2009-12-29 266240]
S3 AVHybrid;AVHybrid service;c:\windows\system32\DRIVERS\AVHybrid.sys [2005-04-29 999680]
S3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 43008]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 225280]
S3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 61952]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-19 47104]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-11-07 47360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NETBT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthaudiosvc REG_MULTI_SZ HFGService
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-540547-1390346881-2084640273-1000Core.job
- c:\users\Rashed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-18 16:37]
.
2012-01-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-540547-1390346881-2084640273-1000UA.job
- c:\users\Rashed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-07-18 16:37]
.
2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 14:26]
.
2012-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 14:26]
.
2012-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-540547-1390346881-2084640273-1000Core.job
- c:\users\Rashed\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-18 14:03]
.
2012-01-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-540547-1390346881-2084640273-1000UA.job
- c:\users\Rashed\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-18 14:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
uInternet Settings,ProxyOverride = local;*.local
IE: Download all links with IDM - f:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - f:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - f:\program files\Internet Download Manager\IEExt.htm
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
HKCU-Run-HW_OPENEYE_OUC_PC Suite For Android Handset - f:\program files\PC Suite For Android Handset\UpdateDog\ouc.exe
HKLM-Run-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
SafeBoot-US30Sys.sys
MSConfigStartUp-DU Meter - c:\program files\DU Meter\DUMeter.exe
MSConfigStartUp-eSnips_Downloader - c:\program files\Logia\eSnipsDownloader\eSnips_Downloader.exe
MSConfigStartUp-HKCU - c:\users\Rashed\AppData\Local\Temp\winhost32.exe
MSConfigStartUp-HKLM - c:\users\Rashed\AppData\Local\Temp\winhost32.exe
MSConfigStartUp-US4Service - c:\programdata\Everstrike\US4Service.exe
MSConfigStartUp-XJYMJIXtFF - c:\users\Rashed\AppData\Local\Temp\rundll32.exe
AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\Rashed\AppData\Local\Temp\IZM8ED9.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\OMSCAN]
"ImagePath"="\Sys"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-540547-1390346881-2084640273-1000_Classes\CLSID\{70e91904-9895-4b62-af39-239b6d7b5cfb}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000027
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-540547-1390346881-2084640273-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):1b,2a,e2,d5,fd,06,4a,0a,d9,b0,d9,df,48,04,bf,b0,a2,b1,05,da,dc,
1e,47,a5,14,fa,6f,c3,84,d8,a0,33,ae,f0,53,75,bd,82,97,8b,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0022\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0024\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0026\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4004)
c:\users\Rashed\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\users\Rashed\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\windows\system32\conhost.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\QUBEE WCM\wimax\WmMMgr.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-01-08 23:40:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-08 17:40
.
Pre-Run: 10,285,170,688 bytes free
Post-Run: 10,062,151,680 bytes free
.
- - End Of File - - 84E7F2901A2F6723D49202623FA06816


2. problem that i faced was mentioned earlier...
3. still i couldnt connect to the internet. one point should be mentioned here, when broni instructed me to run FSS, the log said that "DHCP client is not running", i think DHCP has to do something with this problem of mine. that problem was not solved yet.
Thank you

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 09 January 2012 - 03:17 PM

Hello

I would like to see a fresh FSS scan

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure "Include All Files" option remains checked.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 January 2012 - 04:27 PM

here is the FSS log:

Farbar Service Scanner
Ran by Rashed (administrator) on 10-01-2012 at 03:24:24
Microsoft Windows 7 Ultimate (X86)
********************************************************

Internet Services:
=================
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp: "%SystemRoot%\System32\dhcpcsvc.dll".


Connection Status:
=================
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
================
MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.


Firewall Disabled Policy:
========================


System Restore:
==============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
==============================


File Check:
==========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-11-13 01:26] - [2011-09-29 21:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2011-04-15 14:21] - [2011-03-03 11:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-14 05:53] - [2009-07-14 07:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-14 05:54] - [2009-07-14 07:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-14 05:23] - [2009-07-14 07:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-14 05:24] - [2009-07-14 07:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 09 January 2012 - 06:00 PM

hELLO

i WOULD LIKE YOU TO RUN THIS AND SEE IF YOU CAN CONNECT - http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe


GRINGO
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 January 2012 - 06:41 PM

It says, "Error: This tool does not apply to you"


Any other suggestions??

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 09 January 2012 - 06:54 PM

Download both the registry files

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

Launch and import them to registry

Restart your PC

Now,open RUN and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Now,open RUN and type

services.msc and click ok

start base filtering engine service and then windows firewall service
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 09 January 2012 - 07:26 PM

done what you asked to do but i did not have to start base filtering engine service and windows firewall service because they were already started.

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 09 January 2012 - 07:49 PM

Hello

here is what I want you to try next

1. Locate the file - C:\Windows\inf\Nettcpip.inf
  • It's important that you first make a copy of the file. Place the copy on your Desktop.
  • Once you have done that, use Notepad open the original file for editing.

Posted Image

2. Locate the [MS_TCPIP.PrimaryInstall] section.

3. Edit the Characteristics = 0xa0 entry and replace 0xa0 with 0×80.

Posted Image

4. Save the file, and then exit Notepad.

Posted Image

5. In Control Panel, double-click Network Connections, right-click Local Area Connection, and then select Properties.

Posted Image Posted Image

6. On the General tab, click Install, select Protocol, and then click Add.

Posted Image

7. In the Select Network Protocols window, click Have Disk.

Posted Image

8. In the Copy manufacturer’s files from: text box, type c:\windows\inf, and then click OK.

Posted Image

9. Select Internet Protocol (TCP/IP), and then click OK.

Posted Image

Note This step will return you to the Local Area Connection Properties screen, but now the Uninstall button is available.

10. Select Internet Protocol (TCP/IP), click Uninstall, and then click Yes.

11. It is important that you restart the computer to complete the uninstall.

------------

Step #2 - Reinstall of TCP/IP

Posted Image

Take the nettcpip.inf which you have earlier copied to Desktop. Move it back to the directory C:\Windows\INF\ overwriting the existing copy. The file shall now look exactly like the sample above.

Redo sub-steps 4-11 to re-install TCP/IP
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 srksami

srksami
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:09:53 PM

Posted 10 January 2012 - 02:46 AM

no luck! still internet couldnt connect. like before, the modem says, "failed to obtain ip".

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:53 AM

Posted 10 January 2012 - 09:31 AM

Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Posted Image
Make sure "DNS" tab looks like this:
Posted Image
Make sure "WINS" tab looks like this:
Posted Image
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.

------------------------------------------------

If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

------------------------------------------

If that doesn't work, bypass router, and connect computer straight to the modem.

---------------------------------------------

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

-------------------------------------------------------

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users