Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected?


  • Please log in to reply
17 replies to this topic

#1 shaileshsgaur

shaileshsgaur

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 09:09 AM

Hi,

I have Dell Inspiron laptop with Windows 7 Home Basic OS. My McAfee Anti-virus real time scanning keeps turning off itself. Besides this several exe stopped running like skype. Please let me know if I am infected. Also let me know how to make McAfee and skype run normally.

Thanks
Shailesh

BC AdBot (Login to Remove)

 


#2 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 14 December 2012 - 09:12 AM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender


Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices (do NOT change any settings here)
List Users, Partitions and Memory size

Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

#3 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 09:34 AM

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
TuneUp Utilities 2012
TuneUp Utilities Language Pack (en-US)
Java™ 6 Update 27
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox 5.0 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 7%
````````````````````End of Log``````````````````````

#4 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 09:36 AM

Farbar Service Scanner Version: 10-12-2012
Ran by DELL (administrator) on 14-12-2012 at 20:05:01
Running from "C:\Users\DELL\Desktop"
Windows 7 Home Basic Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#5 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 09:39 AM

MiniToolBox by Farbar Version: 25-11-2012
Ran by DELL (administrator) on 14-12-2012 at 20:08:41
Running from "C:\Users\DELL\Desktop"
Windows 7 Home Basic Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DELL-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter MBlaze USB Modem:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : MBlaze USB Modem
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 180.215.223.74(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 10.228.1.114
10.228.1.113
NetBIOS over Tcpip. . . . . . . . : Disabled

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 94-39-E5-D5-94-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1701 802.11b/g/n
Physical Address. . . . . . . . . : 94-39-E5-D5-94-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 18-03-73-8E-FD-98
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 94-39-E5-D5-94-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B5D85886-5F0D-4D92-B3AC-FB07A0F7D16A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D63876E0-E689-4D08-B76E-6A83001346DC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D0775D31-1CAA-46CA-A6A2-F7C6B9744296}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0A804119-0E6F-42CE-B6DF-E4A922560C77}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c65:22c4:4b28:20b5(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c65:22c4:4b28:20b5%16(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{04CB0B42-00C6-4A98-BFBC-BB6C830EE542}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:b4d7:df4a::b4d7:df4a(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 10.228.1.114
10.228.1.113
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.228.1.114

Name: google.com
Addresses: 2404:6800:4007:801::1005
74.125.236.169
74.125.236.163
74.125.236.164
74.125.236.168
74.125.236.162
74.125.236.167
74.125.236.160
74.125.236.165
74.125.236.161
74.125.236.174
74.125.236.166


Pinging google.com [74.125.236.166] with 32 bytes of data:
Reply from 74.125.236.166: bytes=32 time=164ms TTL=53
Reply from 74.125.236.166: bytes=32 time=174ms TTL=53

Ping statistics for 74.125.236.166:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 164ms, Maximum = 174ms, Average = 169ms
Server: UnKnown
Address: 10.228.1.114

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=367ms TTL=49
Reply from 98.138.253.109: bytes=32 time=399ms TTL=49

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 367ms, Maximum = 399ms, Average = 383ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
48...........................MBlaze USB Modem
18...94 39 e5 d5 94 fb ......Microsoft Virtual WiFi Miniport Adapter
14...94 39 e5 d5 94 fb ......Dell Wireless 1701 802.11b/g/n
13...18 03 73 8e fd 98 ......Realtek PCIe FE Family Controller
12...94 39 e5 d5 94 fc ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
49...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 180.215.223.74 41
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
180.215.223.74 255.255.255.255 On-link 180.215.223.74 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 180.215.223.74 41
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 180.215.223.74 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 1140 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:3c65:22c4:4b28:20b5/128
On-link
19 1040 2002::/16 On-link
19 296 2002:b4d7:df4a::b4d7:df4a/128
On-link
16 306 fe80::/64 On-link
16 306 fe80::3c65:22c4:4b28:20b5/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/14/2012 08:07:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/14/2012 07:59:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/14/2012 07:56:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/14/2012 06:51:22 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 7

Error: (12/14/2012 06:51:22 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 7

Error: (12/14/2012 06:45:39 PM) (Source: Application Hang) (User: )
Description: The program TUMessages.exe version 12.0.3600.104 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b24

Start Time: 01cdd9d1c082e307

Termination Time: 4

Application Path: C:\Program Files (x86)\TuneUp Utilities 2012\TUMessages.exe

Report Id:

Error: (12/14/2012 06:44:17 PM) (Source: RasClient) (User: )
Description: CoId={D224489F-6AAA-43E4-9711-54BA09872E8D}: The user DELL-PC\DELL dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 633.

Error: (12/14/2012 06:44:02 PM) (Source: RasClient) (User: )
Description: CoId={C26A09AE-07EB-4B2A-9583-7565C8F81180}: The user DELL-PC\DELL dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 633.

Error: (12/14/2012 06:43:47 PM) (Source: RasClient) (User: )
Description: CoId={32ABC237-8B9D-46DB-B1D9-2993C70F982D}: The user DELL-PC\DELL dialed a connection named MBlaze USB Modem which has failed. The error code returned on failure is 633.

Error: (12/14/2012 06:43:39 PM) (Source: WxDFastUpdater) (User: )
Description: Failed to create HTML document instance (-2147221164)


System errors:
=============
Error: (12/14/2012 01:09:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office OneNote 2007 Help (KB963670).

Error: (12/14/2012 01:06:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).

Error: (12/14/2012 01:06:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).

Error: (12/14/2012 01:06:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).

Error: (12/14/2012 01:03:45 PM) (Source: Service Control Manager) (User: )
Description: The Roxio Hard Drive Watcher 12 service terminated unexpectedly. It has done this 1 time(s).

Error: (12/14/2012 01:03:27 PM) (Source: Service Control Manager) (User: )
Description: The Nero Update service terminated with the following error:
%%-2147467262

Error: (12/14/2012 01:00:31 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (12/14/2012 00:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/14/2012 00:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (12/14/2012 00:56:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.5)
Adobe Flash Player 10 Plugin (Version: 10.3.183.5)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advanced Audio FX Engine (Version: 1.12.05)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 6.0.2282.0)
Bing Bar Platform (Version: 6.0.2282.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Concise Oxford Dictionary (Tenth Edition)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.57)
Dell DataSafe Local Backup (Version: 9.4.57)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.0.6)
Dell Stage (Version: 1.5.201.0)
Dell Support Center (Version: 3.1.5803.11)
Dell Touchpad (Version: 7.1207.101.225)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectX 9 Runtime (Version: 1.00.0000)
Dora's World Adventure (Version: 2.2.0.95)
DVDVideoSoftTB Toolbar (Version: 6.9.0.16)
DW WLAN Card (Version: 5.100.82.88)
eBay (Version: 1.4.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
FLV Converter 2.5
Free YouTube Download version 3.1.31.706 (Version: 3.1.31.706)
GOM Player
Google Chrome (Version: 21.0.1180.89)
High-Definition Video Playback (Version: 7.3.10000.0.0)
IDT Audio (Version: 1.0.6341.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Internet Explorer Toolbar 4.6 by SweetPacks (Version: 4.6.0004)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 27 (Version: 6.0.270)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junior School-4 Mathematics (Version: 1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
MBlaze UI
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Windows Logo
Mobile Partner (Version: 11.302.09.00.03)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MTS TV (Version: 3.28)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero 6 Demo
Nero Control Center 10 (Version: 10.6.12500.0.5)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.19800.9.10)
Nero Update (Version: 11.0.11500.28.0)
Penguins! (Version: 2.2.0.95)
PhotoShowExpress (Version: 2.0.063)
Picasa 3 (Version: 3.0)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Quickset64 (Version: 10.09.25)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samantha Swift (Version: 2.2.0.95)
Shipra's Dictionary 1.0
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Steam (Version: 1.0.0.0)
SugarSync Manager (Version: 1.9.73.95730)
SweetIM for Messenger 3.7 (Version: 3.7.0005)
SyncUP (Version: 1.8.21200.33.104)
SyncUP (Version: 10.2.13500)
TelevisionFanatic Toolbar
The KMPlayer (remove only)
TuneUp Utilities 2012 (Version: 12.0.3600.104)
TuneUp Utilities Language Pack (en-US) (Version: 12.0.3600.104)
Update for 2007 Microsoft Office System (KB967642)
Update Installer for WildTangent Games App
Update Manager for SweetPacks 1.1 (Version: 1.1.0008)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WIDCOMM Bluetooth Software (Version: 6.3.0.7600)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver
wxDfast (Version: )
WxDFast Updater
wxDownload (Version: )
WxDownload 1.66
wxDownload Fast 0.6.0
Yahoo! Software Update
Yahoo! Toolbar
Youtube Downloader 3.8 (20101109)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 84%
Total physical RAM: 1956.27 MB
Available physical RAM: 308.03 MB
Total Pagefile: 3912.55 MB
Available Pagefile: 1734.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.83 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:146.62 GB) (Free:115.26 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:136.72 GB) (Free:126.35 GB) NTFS

========================= Users: ========================================

User accounts for \\DELL-PC

Administrator DELL Guest


**** End of log ****

#6 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 09:53 AM

Maleware Byte installation is throwing exception

CoCreateInstance failed; cot regiseredde 0x80040154
Class no

Maleware Byte installation is throwing exception

CoCreateInstance failed; code 0x80040154
Class not regisered

#7 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 14 December 2012 - 09:57 AM

Try malware bytes in safe-mode and then post the log here

#8 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 10:21 AM

Sorry but didn't work in safe mode too

#9 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 14 December 2012 - 10:29 AM

ok nevermind about malware bytes.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.


Next...

Double click on adwcleaner.exe to run the tool.
Click on Uninstall.
Confirm with yes.

====================================================================================================================

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

=============================

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

===========================

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.
Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Do NOT post JavaRa log.


=============================================================================

Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click on List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset doesn't find any threats it'll NOT produce any log.

#10 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 11:52 AM

# AdwCleaner v2.100 - Logfile created 12/14/2012 at 22:11:18
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Basic Service Pack 1 (64 bits)
# User : DELL - DELL-PC
# Boot Mode : Normal
# Running from : C:\Users\DELL\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\DVDVideoSoftTB
Deleted on reboot : C:\Program Files (x86)\SweetIM
Deleted on reboot : C:\ProgramData\Babylon
Deleted on reboot : C:\ProgramData\InstallMate
Deleted on reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDfast
Deleted on reboot : C:\ProgramData\Premium
Deleted on reboot : C:\ProgramData\SweetIM
Deleted on reboot : C:\ProgramData\wxDfast
Deleted on reboot : C:\Users\DELL\AppData\Local\Babylon
Deleted on reboot : C:\Users\DELL\AppData\Local\Conduit
Deleted on reboot : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Deleted on reboot : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Deleted on reboot : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Deleted on reboot : C:\Users\DELL\AppData\Local\Temp\CT2269050
Deleted on reboot : C:\Users\DELL\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\DELL\AppData\LocalLow\DVDVideoSoftTB
Deleted on reboot : C:\Users\DELL\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\DELL\AppData\LocalLow\wxDfast
Deleted on reboot : C:\Users\DELL\AppData\Roaming\Babylon
Deleted on reboot : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\CT2269050
Deleted on reboot : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Deleted on reboot : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\Smartbar
Deleted on reboot : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\SweetPacksToolbarData
Deleted on reboot : C:\Users\DELL\AppData\Roaming\OpenCandy
File Deleted : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20E65262-FBA3-49AD-8526-20203455E780}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0666062-096F-40C8-A1F7-C32E986C522F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F4C5E11-0612-48D2-8055-987992AAC432}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={07742D38-FF30-11E1-9628-9439E5D594FC} --> hxxp://www.google.com

-\\ Mozilla Firefox v5.0 (en-US)

Profile name : default
File : C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\9z7i9sbu.default\prefs.js

Deleted : user_pref("CT2269050.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2269050.FirstTime", "true");
Deleted : user_pref("CT2269050.FirstTimeFF3", "true");
Deleted : user_pref("CT2269050.UserID", "UN49147764359904618");
Deleted : user_pref("CT2269050.autoDisableScopes", -1);
Deleted : user_pref("CT2269050.embeddedsData", "[]");
Deleted : user_pref("CT2269050.fixUrls", true);
Deleted : user_pref("CT2269050.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2269050.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2269050.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.mywebsear[...]
Deleted : user_pref("CT2269050.openThankYouPage", "FALSE");
Deleted : user_pref("CT2269050.openUninstallPage", "FALSE");
Deleted : user_pref("CT2269050.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2269050.serviceLayer_services_serviceMap_lastUpdate", "1347979265407");
Deleted : user_pref("CT2269050.settingsINI", true);
Deleted : user_pref("CT2269050.shouldFirstTimeDialog", "FALSE");
Deleted : user_pref("CT2269050.smartbar.CTID", "CT2269050");
Deleted : user_pref("CT2269050.smartbar.Uninstall", "0");
Deleted : user_pref("CT2269050.smartbar.toolbarName", "DVDVideoSoftTB ");
Deleted : user_pref("CT2269050.toolbarBornServerTime", "15-09-2012");
Deleted : user_pref("CT2269050.toolbarCurrentServerTime", "15-09-2012");
Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=112465&tt=120912_pcp_3712_8&babsrc[...]
Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Yahoo");
Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://in.search.yahoo.com/search?ei=UTF-8&fr=ytff-&[...]
Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Yahoo");
Deleted : user_pref("extensions.toolbar.mindspark._64Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=E2BAB560[...]
Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10002");
Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff_1_6.ht[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.babylon.com/?affID=112[...]
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q=");
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{07742D38-FF30-11E1-9628-9439E5D594FC}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={0774[...]
Deleted : user_pref("sweetim.toolbar.version", "1.6.0.3");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [16550 octets] - [14/12/2012 22:11:18]

########## EOF - C:\AdwCleaner[S1].txt - [16611 octets] ##########

#11 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 14 December 2012 - 12:35 PM

Wheres the Eset Online Scanner Log? Have you finished running it? Did it not find any threats?

Next run Superantisypware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.



=================================================================================================================

I Understand your MalwareBytes was not working before but it should work after using SUPERAntiSpyware


Next reinstall MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

Edited by robocop321, 14 December 2012 - 01:31 PM.


#12 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 10:13 PM

Sorry but Superantisypware (SAS) too didnt install. It is aborting stating unable to create shortcut. Aborting installation. Please let us know what the problem is. NOTE: I have tried Safe mode too and same issue happens.

#13 shaileshsgaur

shaileshsgaur
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:09:20 PM

Posted 14 December 2012 - 10:16 PM

I have run ESET online scanner and not virus was reported

#14 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 15 December 2012 - 12:50 PM

Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

You can also download Chamelon from HERE

#15 robocop321

robocop321

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:09:20 PM

Posted 17 December 2012 - 10:57 AM

It is possible that You have a virus which is blocking you from installing known antivirus software. I do not know yet what would be causing this but go ahead and try Chameleon.

Edited by robocop321, 17 December 2012 - 12:52 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users