Mbam-killer, chameleon.chm, 14 infected files


5 replies to this topic

#1 dingdingding

  • Members
  • 115 posts

Posted 15 May 2012 - 01:27 PM

Computer: Dell XPS 8300

OS: Windows 7

Browser: Firefox (I also have IE installed, but I don't use it)

Error message: 'There has been a virus detected on your computer' (or something to that effect....I'm sorry that I didn't catch the exact wording, but it happened so fast).

Installed anti programs: Kaspersky Internet Security 2012, Malwarebytes Anti-Malware, and I think I'm still running Windows 7 firewall as well (along with the Kaspersky firewall).


Other: This is a brand new computer. I've only had it up and running for maybe two weeks (and have only had high-speed internet for two weeks). The browsers, the anti-virus programs are all fresh installs.

-After we got this new computer, I transferred all of my files from my old computer onto this new one using an external hard drive (which is *not* currently attached to either one of my pc's) and a usb cable. Before I did the file transfer, I ran every single anti-virus scan that I had (I had several.....AVG free version, MalwareBytes Anti-Malware, Spybot Search and Destroy, SpywareBlaster), I ran them all several times, and no infections were found.

Everything was good until today.



What happened today:

-This morning, I was prompted to update my 'Dell Stage'. I did, and everything seemed to be fine.

-Then I went surfing for images of Russian architecture (I'm an artist, and architecture can be inspiring).

-Then I surfed for interior pictures of the 'Orient Express' (a great old train), and as I clicked on the third image (from Google images), I landed on a warning page that seemed to come from my Kaspersky. The page was blank, and only had this 'virus alert' message on it.

Again, the virus alert message was something like: 'A virus has been detected'.

-Then a few more alert boxes popped up, but I didn't click on any of them.

-Instead, I used 'Task Manager' to end the process.


-Then I immediately ran a 'quick scan' and 'deep scan' in Kaspersky, which hit on all of these Malwarebytes files (which I cannot figure out how to copy/paste here, or do a screen grab).

--Kaspersky tells me that there are 14 infected files, and almost all of them include the words 'malwarebyte's antimalware/chameleon/' (though the back slashes are headed the other way).

--Kaspersky quarantined 13 of these files at first, but when I checked in again moments later, Kaspersky said that it had quarantined all 14 files.

--Within the quarantined area (like an idiot), I clicked on one of the quarantined files, which took me to 'My Computer', where I found two files: 'chameleon.chm' (which has a yellow question mark in front of it), and 'mbam-killer.exe'. I did NOT click on either one of these files.


-Then I ran a 'quick scan' and 'deep scan' in Malwarebytes, but it found nothing.

-I have not enabled 'show hidden files' in Windows 7 yet, but I don't know if that makes any difference (?).




Anyway, this is everything that's happened. So far, nothing strange has happened on my computer, but I also haven't shut it off yet.



I really appreciate any help in advance.



Also as an aside.....brand new computer.....two weeks old....That sound you hear? Is my head hitting the desk.



#2 boopme


  • Global Moderator
  • 72,912 posts

Posted 15 May 2012 - 01:42 PM

Hello, these are MBAM files and are safe: 'chameleon.chm' and 'mbam-killer.exe'.

Do you know what infections Kaspersky found?

How's the PC running?

Let's look at these 2...
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#3 dingdingding

  • Topic Starter

  • Members
  • 115 posts

Posted 15 May 2012 - 02:40 PM

Hello Boopme! It's nice to see you again, though as always....the circumstances aren't so great lol.



-Kaspersky is calling all of these infections: HEUR:Trojan-Downloader.Win32.Generic


My computer seems to be doing okay, but since all of this virus stuff has taken place, the only thing I've done, is to come straight here (which seems to be the smartest thing I've done all morning lol).


I am now going to download and run everything that you've told me to, and I will report back with the results shortly.


:)

#4 dingdingding

  • Topic Starter

  • Members
  • 115 posts

Posted 15 May 2012 - 03:31 PM

Oooooh my god....that was a mess. Finding things in Windows 7 is not like finding things in Windows XP.

Here are the scan results though (I had to run both scans several times, because I kept losing the results....hopefully, I haven't screwed anything up):



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-15 15:08:42
-----------------------------
15:08:42.044 OS Version: Windows x64 6.1.7601 Service Pack 1
15:08:42.044 Number of processors: 8 586 0x2A07
15:08:42.044 ComputerName: EDJEN-PC UserName: EdJen
15:08:43.893 Initialize success
15:08:46.257 AVAST engine defs: 12051500
15:08:57.101 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:08:57.102 Disk 0 Vendor: ST320006 CC44 Size: 1907729MB BusType: 3
15:08:57.147 Disk 0 MBR read successfully
15:08:57.148 Disk 0 MBR scan
15:08:57.385 Disk 0 Windows VISTA default MBR code
15:08:57.394 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:08:57.478 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 17116 MB offset 81920
15:08:57.491 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1890572 MB offset 35135488
15:08:57.554 Disk 0 scanning C:\Windows\system32\drivers
15:09:12.797 Service scanning
15:09:23.420 Modules scanning
15:09:23.428 Disk 0 trace - called modules:
15:09:23.449 ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys iaStor.sys hal.dll
15:09:23.780 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800fd6f790]
15:09:23.785 3 CLASSPNP.SYS[fffff8800258943f] -> nt!IofCallDriver -> [0xfffffa800fc6ea20]
15:09:23.790 5 Sahdad64.sys[fffff88002514e25] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800d8a9050]
15:09:30.825 AVAST engine scan C:\Windows
15:09:41.026 AVAST engine scan C:\Windows\system32
15:11:26.016 AVAST engine scan C:\Windows\system32\drivers
15:11:36.082 AVAST engine scan C:\Users\EdJen
15:12:53.997 AVAST engine scan C:\ProgramData
15:13:45.226 Scan finished successfully
15:14:09.889 Disk 0 MBR has been saved successfully to "C:\Users\EdJen\Desktop\MBR.dat"
15:14:09.892 The log file has been saved successfully to "C:\Users\EdJen\Desktop\aswMBR.txt"




MiniToolBox by Farbar Version: 18-01-2012
Ran by EdJen (administrator) on 15-05-2012 at 15:26:04
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : EdJen-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 5C-F9-DD-6C-56-B1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3444:ac5a:a9f9:a09f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.33(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 15, 2012 10:10:28 AM
Lease Expires . . . . . . . . . . : Wednesday, May 16, 2012 10:10:27 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 240974301
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-31-C6-CE-5C-F9-DD-6C-56-B1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.westell.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3cc3:2944:3f57:fede(Preferred)
Link-local IPv6 Address . . . . . : fe80::3cc3:2944:3f57:fede%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.225.34
74.125.225.35
74.125.225.36
74.125.225.37
74.125.225.38
74.125.225.39
74.125.225.40
74.125.225.41
74.125.225.46
74.125.225.32
74.125.225.33


Pinging google.com [74.125.225.33] with 32 bytes of data:
Reply from 74.125.225.33: bytes=32 time=38ms TTL=56
Reply from 74.125.225.33: bytes=32 time=38ms TTL=56

Ping statistics for 74.125.225.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 38ms, Average = 38ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=62ms TTL=54
Reply from 209.191.122.70: bytes=32 time=60ms TTL=54

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 60ms, Maximum = 62ms, Average = 61ms
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...5c f9 dd 6c 56 b1 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.33 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.33 276
192.168.1.33 255.255.255.255 On-link 192.168.1.33 276
192.168.1.255 255.255.255.255 On-link 192.168.1.33 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.33 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.33 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:3cc3:2944:3f57:fede/128
On-link
11 276 fe80::/64 On-link
14 306 fe80::/64 On-link
11 276 fe80::3444:ac5a:a9f9:a09f/128
On-link
14 306 fe80::3cc3:2944:3f57:fede/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/15/2012 03:18:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:16:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/15/2012 03:16:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/15/2012 10:10:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (05/15/2012 00:26:53 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/14/2012 10:24:53 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (05/14/2012 10:18:44 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/14/2012 10:12:39 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (05/14/2012 01:17:42 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/13/2012 07:46:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (05/13/2012 03:53:39 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/13/2012 02:24:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.

Error: (05/13/2012 02:23:17 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (05/15/2012 03:18:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:18:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:16:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/15/2012 03:16:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.222)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Photoshop Elements (Version: 1.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
AMD APP SDK Runtime (Version: 2.4.650.9)
ATI AVIVO64 Codecs (Version: 11.6.0.10628)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Blio (Version: 2.3.7140)
Canon Easy-PhotoPrint EX
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual
Canon MG3100 series User Registration
Canon MP Navigator EX 5.0
Canon My Printer
Canon RAW Image Task for ZoomBrowser EX (Version: 3.3.0.5)
Canon Solution Menu EX
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.4 (Version: 3.4.0.0)
Canon Utilities EOS Utility (Version: 2.4.0.1)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities Picture Style Editor (Version: 1.3.0.0)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities WFT-E1/E2/E3 Utility (Version: 3.2.1.1)
Canon Utilities ZoomBrowser EX (Version: 6.1.1.21)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0628.2340.40663)
Catalyst Control Center InstallProxy (Version: 2011.0628.2340.40663)
Catalyst Control Center Localization All (Version: 2011.0628.2340.40663)
ccc-utility64 (Version: 2011.0628.2340.40663)
CCC Help Chinese Standard (Version: 2011.0628.2339.40663)
CCC Help Chinese Traditional (Version: 2011.0628.2339.40663)
CCC Help Czech (Version: 2011.0628.2339.40663)
CCC Help Danish (Version: 2011.0628.2339.40663)
CCC Help Dutch (Version: 2011.0628.2339.40663)
CCC Help English (Version: 2011.0628.2339.40663)
CCC Help Finnish (Version: 2011.0628.2339.40663)
CCC Help French (Version: 2011.0628.2339.40663)
CCC Help German (Version: 2011.0628.2339.40663)
CCC Help Greek (Version: 2011.0628.2339.40663)
CCC Help Hungarian (Version: 2011.0628.2339.40663)
CCC Help Italian (Version: 2011.0628.2339.40663)
CCC Help Japanese (Version: 2011.0628.2339.40663)
CCC Help Korean (Version: 2011.0628.2339.40663)
CCC Help Norwegian (Version: 2011.0628.2339.40663)
CCC Help Polish (Version: 2011.0628.2339.40663)
CCC Help Portuguese (Version: 2011.0628.2339.40663)
CCC Help Russian (Version: 2011.0628.2339.40663)
CCC Help Spanish (Version: 2011.0628.2339.40663)
CCC Help Swedish (Version: 2011.0628.2339.40663)
CCC Help Thai (Version: 2011.0628.2339.40663)
CCC Help Turkish (Version: 2011.0628.2339.40663)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.6505.38692)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell Digital Delivery (Version: 2.1.1000.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell KM632 Wireless Keyboard Caps Lock Indicator (Version: 2.1.9.0401)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.5.0.130)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.1.5907.16)
Dell VideoStage (Version: 1.3.0.2214)
DirectX 9 Runtime (Version: 1.00.0000)
eBay (Version: 1.4.0)
High-Definition Video Playback (Version: 7.3.10000.0.0)
Homestead SiteBuilder
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
Mozilla Thunderbird 12.0.1 (x86 en-US) (Version: 12.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero Control Center 10 (Version: 10.6.12800.0.8)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20500.9.16)
Nero Update (Version: 1.0.0018)
OpenOffice.org 3.4 (Version: 3.4.9590)
PlayReady PC Runtime x86 (Version: 1.3.0)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio BackOnTrack (Version: 4.0)
Roxio Burn (Version: 1.6)
Roxio CinePlayer (Version: 5.6)
Roxio CinePlayer Decoder Pack (Version: 4.3.0)
Roxio Creator 2011 (Version: 1.3.166)
Roxio Creator 2011 (Version: 13.0)
Roxio Creator 2011 (Version: 6.0.0)
Roxio Dell install Util (Version: 2.00.0000)
Roxio PhotoShow (Version: 6.0)
Roxio Video Capture USB (Version: 1.22.0000)
Skype™ 5.5 (Version: 5.5.119)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.7)
SyncUP (Version: 1.12.11100.9.104)
SyncUP (Version: 10.2.16100)
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VD64Inst (Version: 1.00.0000)
WD SmartWare (Version: 1.6.0.25)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.2.4164)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 16366.45 MB
Available physical RAM: 12822.56 MB
Total Pagefile: 32731.08 MB
Available Pagefile: 28394.97 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.41 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:1846.26 GB) (Free:1777.83 GB) NTFS

========================= Users: ========================================

User accounts for \\EDJEN-PC

Administrator Ed EdJen
Guest


**** End of log ****

#5 boopme


Posted 15 May 2012 - 03:49 PM

Hello, the good news is it looks clean, so if it's running well, be happy.

Edited by boopme, 15 May 2012 - 03:49 PM.


#6 dingdingding


Posted 15 May 2012 - 03:54 PM

Oh Boopme! That is such great news, I could faint! The relief......ahhhhhhh...... :)


As for 'running well'....it is slightly slower at loading web pages (this one here), but I'm thinking that that might be due to me changing some Kaspersky settings.



Oh dear....Kaspersky just asked if I wanted to restore 'rundll32.exe'....I said yes, but it told me that I didn't have permission to restore the file back to a program folder (?), so I've saved it in my documents....I think.


Argh....


Edited to add....this rundll32.exe seems to be part of MalwareBytes

Edited by dingdingding, 15 May 2012 - 03:57 PM.




