
Am I Infected?: Cannot Update Windows & Firewall Not Working (Error 0x6D9)


10 replies to this topic

#1 leothefox


Posted 07 December 2013 - 06:15 PM

Hi, I originally posted this in the standard 'Windows 7 Help' section and was advised to post it here, so sorry for duplicate topics.
I have previously run virus detection software and it does not appear to have fixed any of these problems, but I will, of course, happily try again if it is deemed the best option with recommended software.
 
I was advised to include the following information...
PC Model: Acer Aspire M3910
Operating System: Windows 7 Home Premium 64-bit
I have also attached a transcript of the DxDiag Diagnostic readout in the hope that it will help.
 
Problems: I cannot run Windows Updater or switch on Windows Firewall. On a possibly related note, Windows .NET framework refuses to install or work properly on my PC. I understand these are common issues with Malware infection.
 
Windows Updater: When I attempt to check for updates, the updater simply says that the "service is not running". I have been unable to turn the service on by any method I have tried. Whenever I run the inbuilt troubleshooter and recommended Microsoft Fixit files, they merely say they have either fixed the problem or not detected the problem. Sadly, this isn't the case as the problem has not been resolved at all. When I ran the troubleshooter recently, it provided a report which I have attached as a .pdf in the hope it may help lead to a solution.
 
Windows Firewall: The Firewall says it is 'Not running recommended settings' and will not restore those recommended settings if I ever click the button to 'fix' the issue. If I open 'Windows Firewall with Advanced Security', the program merely states "there was an error opening the Windows Firewall with Advanced Security snap-in. The Windows Firewall with advanced security snap-in failed to load. Restart the Windows Firewall service on the computer you are managing. Error Code: 0x6D9".
 
I have seen that these issues have been solved on this forum before without system resets and hope such a solution is possible for my computer.
Thanks for your time,
Joel.

 

Attached File  ERROR REPORT.pdf   32.26KB   3 downloads

Edited by leothefox, 07 December 2013 - 06:17 PM.



 


#2 leothefox


Posted 07 December 2013 - 06:18 PM

Sorry, here's the DxDiag readout - I forgot to attach it like an idiot.

 

    Force half deinterlace
    Force scaling
    Decode Power Usage: 0
 



#3 Broni

Posted 07 December 2013 - 08:37 PM

Welcome aboard

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave reading the results to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip the downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done, Notepad will open with the rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.




#4 leothefox

Posted 08 December 2013 - 06:39 AM

Have just completed the 'MalwareBytes' scan and removal stage, and am about to restart my computer. Posting the log of that stage and all those before it now before I restart, just in case something goes horribly wrong in the restart. I shall post the results of the final few stages in a little while if the restart all goes smoothly. I think I'm going to have to post the logs in individual posts. Sorry about that.

Checkup.txt log

Results of screen317's Security Check version 0.99.77 

 Windows 7 Service Pack 1 x64 (UAC is enabled) 

 Internet Explorer 11 

``````````````Antivirus/Firewall Check:``````````````

 Windows Security Center service is not running! This report may not be accurate!

avast! Antivirus  

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:`````````

 Java 7 Update 45 

 Adobe Flash Player 11.9.900.117 

 Adobe Reader XI 

 Mozilla Firefox (25.0.1)

````````Process Check: objlist.exe by Laurent```````` 

 Symantec Norton Online Backup NOBuAgent.exe 

 AVAST Software Avast AvastSvc.exe 

 AVAST Software Avast AvastUI.exe 

`````````````````System Health check`````````````````

 Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````

 

Farbar Service Scanner log

Farbar Service Scanner Version: 05-12-2013

Ran by Joel (administrator) on 08-12-2013 at 10:21:48

Running from "C:\Users\Joel\Documents\FSS"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

 

 

Firewall Disabled Policy:

==================

"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.

 

 

System Restore:

============

 

System Restore Disabled Policy:

========================

 

 

Action Center:

============

 

wscsvc Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

 

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

 

 

Windows Autoupdate Disabled Policy:

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

 

 

Other Services:

==============

Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.

Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.

Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.

 

Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.

Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.

Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.

Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.

Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Parameters\FirewallPolicy\FirewallRules" registry key. The key does not exist.

 

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\iphlpsvc.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

 

 

**** End of log ****



#5 leothefox

Posted 08 December 2013 - 06:41 AM

Result.txt log

MiniToolBox by Farbar  Version: 13-07-2013

Ran by Joel (administrator) on 08-12-2013 at 10:24:49

Running from "C:\Users\Joel\Documents\MiniToolbox"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

========================= FF Proxy Settings: ==============================

 

"network.proxy.type", 0

========================= Hosts content: =================================

 

 

 

========================= IP Configuration: ================================

 

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)

Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC = Wireless Network Connection (Connected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : Squeakie-acer

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

   System Quarantine State . . . . . : Not Restricted

 

 

Wireless LAN adapter Wireless Network Connection:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC

   Physical Address. . . . . . . . . : 00-06-4F-96-E3-AD

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::d8a3:943:b4e5:c134%11(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 08 December 2013 10:09:10

   Lease Expires . . . . . . . . . . : 09 December 2013 10:09:10

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 218105423

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-C9-FF-B2-10-78-D2-AB-01-5B

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

   Physical Address. . . . . . . . . : 10-78-D2-AB-01-5B

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::2d3c:ad6e:5c3b:795%10(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 08 December 2013 10:07:52

   Lease Expires . . . . . . . . . . : 09 December 2013 10:07:52

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 234890513

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-C9-FF-B2-10-78-D2-AB-01-5B

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter isatap.{9DAC7E94-6698-4443-91FE-67C4694BA153}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{6B3903BF-A457-47E5-9A96-2FBEC8719C97}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{DAB71D04-19DC-4BBA-8D6F-5C88B6670B6F}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Teredo Tunneling Pseudo-Interface:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

Server:  www.routerlogin.com

Address:  192.168.0.1

 

Name:    google.com

Addresses:  2a00:1450:4009:804::1005

              173.194.34.164

              173.194.34.174

              173.194.34.168

              173.194.34.162

              173.194.34.165

              173.194.34.161

              173.194.34.167

              173.194.34.166

              173.194.34.160

              173.194.34.169

              173.194.34.163

 

 

Pinging google.com [173.194.34.101] with 32 bytes of data:

Reply from 173.194.34.101: bytes=32 time=33ms TTL=56

Reply from 173.194.34.101: bytes=32 time=32ms TTL=56

 

Ping statistics for 173.194.34.101:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 33ms, Average = 32ms

Server:  www.routerlogin.com

Address:  192.168.0.1

 

Name:    yahoo.com

Addresses:  206.190.36.45

              98.138.253.109

              98.139.183.24

 

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=148ms TTL=43

Reply from 98.138.253.109: bytes=32 time=150ms TTL=43

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 148ms, Maximum = 150ms, Average = 149ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

 11...00 06 4f 96 e3 ad ......Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC

 10...10 78 d2 ab 01 5b ......Realtek PCIe GBE Family Controller

  1...........................Software Loopback Interface 1

 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter

 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2

 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.7     20

          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.8     25

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.0.0    255.255.255.0         On-link       192.168.0.7    276

      192.168.0.0    255.255.255.0         On-link       192.168.0.8    281

      192.168.0.7  255.255.255.255         On-link       192.168.0.7    276

      192.168.0.8  255.255.255.255         On-link       192.168.0.8    281

    192.168.0.255  255.255.255.255         On-link       192.168.0.7    276

    192.168.0.255  255.255.255.255         On-link       192.168.0.8    281

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link       192.168.0.7    276

        224.0.0.0        240.0.0.0         On-link       192.168.0.8    281

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link       192.168.0.7    276

  255.255.255.255  255.255.255.255         On-link       192.168.0.8    281

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

  1    306 ::1/128                  On-link

 10    276 fe80::/64                On-link

 11    281 fe80::/64                On-link

 10    276 fe80::2d3c:ad6e:5c3b:795/128

                                    On-link

 11    281 fe80::d8a3:943:b4e5:c134/128

                                    On-link

  1    306 ff00::/8                 On-link

 10    276 ff00::/8                 On-link

 11    281 ff00::/8                 On-link

===========================================================================

Persistent Routes:

 If Metric Network Destination      Gateway

  0 4294967295 2620:9b::/96             On-link

===========================================================================

========================= Winsock entries =====================================

 

Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

 

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 07 mswsock.dll [File Not found] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

 

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog9 01 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 02 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 03 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 04 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 05 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 06 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 07 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 08 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 09 mswsock.dll [File not found] (Microsoft Corporation)

Catalog9 10 mswsock.dll [File not found] (Microsoft Corporation)

x64-Catalog5 01 mswsock.dll [File Not found] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

 

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 07 mswsock.dll [File Not found] (Microsoft Corporation)

ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

 

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog9 01 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 02 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 03 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 04 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 05 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 06 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 07 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 08 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 09 mswsock.dll [File Not found] (Microsoft Corporation)

x64-Catalog9 10 mswsock.dll [File Not found] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (12/08/2013 10:11:30 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/08/2013 10:11:30 AM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/08/2013 03:03:20 AM) (Source: uagqecsvc) (User: )

Description: The Microsoft Forefront UAG Quarantine Enforcement Client component cannot retrieve the status of the Network Access Protection (NAP) Agent service.

System error 1115: A system shutdown is in progress. (0x45b).

When the Microsoft Forefront UAG Quarantine Enforcement Client component starts, it attempts to query settings for the NAP agent service.

 

Error: (12/08/2013 02:02:42 AM) (Source: Application Error) (User: )

Description: Faulting application name: iexplore.exe, version: 9.0.8112.16448, time stamp: 0x4fecf1b7

Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f

Exception code: 0xc0000005

Fault offset: 0x000222b2

Faulting process id: 0xfe4

Faulting application start time: 0xiexplore.exe0

Faulting application path: iexplore.exe1

Faulting module path: iexplore.exe2

Report Id: iexplore.exe3

 

Error: (12/08/2013 00:20:09 AM) (Source: Application Hang) (User: )

Description: The program got21.exe version 1.30.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 878

 

Start Time: 01cef3ab310d888b

 

Termination Time: 2156

 

Application Path: C:\Users\Joel\Documents\got8bit\got21.exe

 

Report Id: 7aff7074-5f9e-11e3-b26e-1078d2ab015b

 

Error: (12/07/2013 06:49:07 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/07/2013 06:49:06 PM) (Source: .NET Runtime Optimization Service) (User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service) (User: )

Description: The index cannot be initialized.

 

 

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service) (User: )

Description: The application cannot be initialized.

 

Context: Windows Application

 

 

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service) (User: )

Description: The gatherer object cannot be initialized.

 

Context: Windows Application, SystemIndex Catalog

 

 

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

 

System errors:

=============

Error: (12/08/2013 10:09:37 AM) (Source: Service Control Manager) (User: )

Description: The Function Discovery Resource Publication service terminated with the following error:

%%-2147024891

 

Error: (12/08/2013 10:09:37 AM) (Source: Service Control Manager) (User: )

Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:

%%-2147024891

 

Error: (12/08/2013 10:09:19 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

vwififlt

 

Error: (12/08/2013 10:09:16 AM) (Source: Service Control Manager) (User: )

Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:

%%3

 

Error: (12/08/2013 10:09:16 AM) (Source: Service Control Manager) (User: )

Description: The Function Discovery Resource Publication service terminated with the following error:

%%-2147024891

 

Error: (12/08/2013 10:09:12 AM) (Source: Service Control Manager) (User: )

Description: The Windows Firewall service terminated with service-specific error %%5.

 

Error: (12/07/2013 07:34:51 PM) (Source: Service Control Manager) (User: )

Description: The Windows Firewall service terminated with service-specific error %%5.

 

Error: (12/07/2013 07:33:47 PM) (Source: Service Control Manager) (User: )

Description: The Windows Firewall service terminated with service-specific error %%5.

 

Error: (12/07/2013 07:13:15 PM) (Source: Service Control Manager) (User: )

Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:

%%-2147024891

 

Error: (12/07/2013 07:13:15 PM) (Source: Service Control Manager) (User: )

Description: The Function Discovery Resource Publication service terminated with the following error:

%%-2147024891

 

 

Microsoft Office Sessions:

=========================

Error: (12/08/2013 10:11:30 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/08/2013 10:11:30 AM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/08/2013 03:03:20 AM) (Source: uagqecsvc)(User: )

Description: 1115A system shutdown is in progress. (0x45b)

 

Error: (12/08/2013 02:02:42 AM) (Source: Application Error)(User: )

Description: iexplore.exe9.0.8112.164484fecf1b7ntdll.dll6.1.7601.177254ec49b8fc0000005000222b2fe401cef3b992ba8fb0C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dlld229c862-5fac-11e3-b26e-1078d2ab015b

 

Error: (12/08/2013 00:20:09 AM) (Source: Application Hang)(User: )

Description: got21.exe1.30.0.087801cef3ab310d888b2156C:\Users\Joel\Documents\got8bit\got21.exe7aff7074-5f9e-11e3-b26e-1078d2ab015b

 

Error: (12/07/2013 06:49:07 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/07/2013 06:49:06 PM) (Source: .NET Runtime Optimization Service)(User: )

Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80029c4a.

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service)(User: )

Description:

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service)(User: )

Description: Context: Windows Application

 

 

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

Error: (12/07/2013 06:47:04 PM) (Source: Windows Search Service)(User: )

Description: Context: Windows Application, SystemIndex Catalog

 

 

Details:

            The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

 

 

=========================== Installed Programs ============================

 

A Game of Thrones mod for CK2 version 3.3 (Version: 3.3)

Ace of Spades (Version: 0.75.015)

Acer eRecovery Management (Version: 4.05.3013)

Acer GameZone Console (Version: 6.1.0.9)

Acer Registration (Version: 1.03.3003)

Acer ScreenSaver (Version: 1.1.0825.2010)

Acer Updater (Version: 1.02.3001)

Acrobat.com (Version: 1.6.65)

Adobe AIR (Version: 1.5.0.7220)

Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)

Adobe Flash Player 11 Plugin (Version: 11.9.900.117)

Adobe Reader XI (11.0.05) (Version: 11.0.05)

Adobe Shockwave Player 12.0 (Version: 12.0.4.144)

ADRIFT 5.0 (Version: 5.0.29)

Advertising Center (Version: 0.0.0.2)

Age of Empires II: HD Edition

Age of Mythology

Age of Mythology - The Titans Expansion

ArcSoft MediaConverter 2

ArcSoft PhotoImpression 5

ArcSoft ShowBiz DVD 2

Audacity 2.0

Audiosurf

avast! Free Antivirus (Version: 6.0.1367.0)

Bing Bar (Version: 7.1.362.0)

CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)

CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)

Canon MOV Decoder (Version: 1.8.0.7)

Canon MOV Encoder (Version: 1.6.0.1)

Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)

Canon Utilities Digital Photo Professional 3.10 (Version: 3.10.2.0)

Canon Utilities EOS Sample Music (Version: 1.0.0.204)

Canon Utilities EOS Utility (Version: 2.10.2.0)

Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10)

Canon Utilities Movie Uploader for YouTube (Version: 1.2.0.7)

Canon Utilities PhotoStitch (Version: 3.1.22.46)

Canon Utilities Picture Style Editor (Version: 1.9.0.0)

Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)

Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)

CCleaner (Version: 3.22)

Celtx (2.9.1) (Version: 2.9.1 (en-US))

CEP (Color Enable Package) v.9.2 (beta) (Version: 9.2 (beta))

Crusader Kings II

D3DX10 (Version: 15.4.2368.0902)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

Dell AIO Printer A920

Desura (Version: 100.53)

Deus Ex: Game of the Year Edition

Digital Video (Version: 1.00.000)

Don't Starve

doPDF 7.3 printer

Driving Test Success - All Tests (2009-2010)

Dropbox (Version: 2.0.22)

Dwarfs!?

eBay Worldwide (Version: 2.1.0901)

eSobi v2 (Version: 2.0.4.000274)

Facebook Video Calling 1.2.0.287 (Version: 1.2.287)

Fallout 3 - Game of the Year Edition

FireWarrior

FTL: Faster Than Light

Game Dev Tycoon

Game Dev Tycoon version 1.3.2 (Version: 1.3.2)

GameRanger

Google Toolbar for Internet Explorer (Version: 1.0.0)

Google Toolbar for Internet Explorer (Version: 7.5.4601.54)

Google Update Helper (Version: 1.3.21.165)

Gunpoint

Half-Life 2

Half-Life: Opposing Force

Hotkey Utility (Version: 2.05.3009)

Hotline Miami

HTML TADS Player Kit

Identity Card (Version: 1.00.3003)

ImagXpress (Version: 7.0.74.0)

Intel® Control Center (Version: 1.2.1.1007)

Intel® Processor Graphics (Version: 8.15.10.2827)

Intel® Rapid Storage Technology (Version: 9.6.0.1014)

Java 7 Update 45 (Version: 7.0.450)

Java Auto Updater (Version: 2.1.9.8)

Java™ 7 Update 3 (64-bit) (Version: 7.0.30)

Junk Mail filter update (Version: 15.4.3502.0922)

Kerbal Space Program

Killing Floor

Killing Floor SDK

Left 4 Dead 2

Left 4 Dead 2 Authoring Tools

LEGO Rock Raiders

March of the Eagles

McPixel

Mesh Runtime (Version: 15.4.5722.2)

Messenger Companion (Version: 15.4.3502.0922)

Microsoft .NET Framework 1.1 (Version: 1.1.4322)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (Version: 3.5.0.0)

Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)

Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)

Microsoft Outlook Hotmail Connector 64-bit (Version: 14.0.5118.5000)

Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit (Version: 14.0.5120.5000)

Microsoft Silverlight (Version: 5.1.20913.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)

Monster Loves You!

Mount & Blade: Warband

Mount&Blade Warband

Mozilla Firefox 25.0.1 (x86 en-GB) (Version: 25.0.1)

Mozilla Maintenance Service (Version: 25.0.1)

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

MSXML4 Parser (Version: 1.0.0)

MyWinLocker (Version: 3.1.212.0)

MyWinLocker Suite (Version: 3.1.212.0)

Nero 9 Essentials

Nero ControlCenter (Version: 9.0.0.1)

Nero DiscSpeed (Version: 5.4.13.100)

Nero DiscSpeed Help (Version: 5.4.4.100)

Nero DriveSpeed (Version: 4.4.12.100)

Nero DriveSpeed Help (Version: 4.4.4.100)

Nero Express Help (Version: 9.4.37.100)

Nero InfoTool (Version: 6.4.12.100)

Nero InfoTool Help (Version: 6.4.4.100)

Nero Installer (Version: 4.4.9.0)

Nero Online Upgrade (Version: 1.3.0.0)

Nero StartSmart (Version: 9.4.37.100)

Nero StartSmart Help (Version: 9.4.27.100)

Nero StartSmart OEM (Version: 9.16.0.100)

NeroExpress (Version: 9.4.37.100)

neroxml (Version: 1.0.0)

Norton Online Backup (Version: 2.1.17869)

NVIDIA PhysX (Version: 9.10.0222)

OpenAL

Organ Trail: Director's Cut

Paint.NET v3.5.11 (Version: 3.61.0)

Papers, Please

PCFriendly

Prison Architect

PunkBuster Services (Version: 0.992)

Quest (Version: 5.30.0003)

Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)

Realtek High Definition Audio Driver (Version: 6.0.1.5995)

RollerCoaster Tycoon 3: Platinum!

Rome: Total War Gold Edition

Shredder (Version: 2.0.8.3)

Sid Meier's Civilization V

SimPE PhotoStudio Templates 3.0 (Version: 3.0)

Sims2Pack Clean Installer

Skype Click to Call (Version: 6.11.13307)

Skype™ 6.3 (Version: 6.3.105)

Sonic & All-Stars Racing Transformed

Sophos Virus Removal Tool (Version: 2.2)

Source Filmmaker

Star Wars Empire at War (Version: 1.0)

Star Wars Empire at War Forces of Corruption (Version: 1.0)

Star Wars Jedi Knight: Dark Forces II

Steam (Version: 1.0.0.0)

swMSM (Version: 12.0.0.1)

System Requirements Lab CYRI (Version: 5.0.6.0)

System Requirements Lab for Intel (Version: 4.5.9.0)

The Sims 2 Nightlife

The Sims 2 Open For Business

The Sims 2 Pets

The Sims 2 University

The Sims™ 2 Bon Voyage

The Sims™ 2 Celebration! Stuff

The Sims™ 2 FreeTime

The Sims™ 2 H&M® Fashion Stuff

The Sims™ 2 IKEA® Home Stuff

The Sims™ 2 Seasons

To the Moon

Total War: SHOGUN 2

Total War: Shogun 2 - TEd

Towns

Ubisoft Game Launcher (Version: 1.0.0.0)

Unity Web Player (Version: )

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Uplay (Version: 2.0)

Welcome Center (Version: 1.02.3005)

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Device Integrator (Version: 1.0.104.0)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3555.0308)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3555.0308)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

Windows Live Messenger (Version: 15.4.3538.0513)

Windows Live Messenger Companion Core (Version: 15.4.3502.0922)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

WinRAR 4.01 (32-bit) (Version: 4.01.0)

XVID Codec Installation

Yahoo! Detect

 

========================= Devices: ================================

 

Name: UMBus Enumerator

Description: UMBus Enumerator

Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: umbus

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Reflector Display Driver used to gain access to graphics data

Description: Reflector Display Driver used to gain access to graphics data

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: RDPREFMP

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Virtual WiFi Filter Driver

Description: Virtual WiFi Filter Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: vwififlt

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

 

Name: Microsoft PS/2 Mouse

Description: Microsoft PS/2 Mouse

Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 51%

Total physical RAM: 2999.07 MB

Available physical RAM: 1456.5 MB

Total Pagefile: 5996.34 MB

Available Pagefile: 3630.02 MB

Total Virtual: 4095.88 MB

Available Virtual: 3964.6 MB

 

========================= Partitions: =====================================

 

1 Drive c: (Acer) (Fixed) (Total:290.45 GB) (Free:64.34 GB) NTFS

2 Drive d: (DATA) (Fixed) (Total:290.62 GB) (Free:290.16 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\SQUEAKIE-ACER

 

Administrator            Ashley                   ASPNET                  

Chris                    Guest                    Joel                    

 

 

**** End of log ****

 



#6 leothefox


Posted 08 December 2013 - 06:53 AM

Sorry for the delay, had to upload MalwareBytes Log or mbam to a filehosting service as it was too large to fit in a comment.

http://www.mediafire.com/view/4aife07z0m0aqfs/mbam-log-2013-12-08%20(10-30-37).txt

Hopefully that link works - EDIT: I think that link doesn't allow you to 'view' the document, per se, but it does allow you to download it and read it that way.

 

Now restarting my computer to complete the MalwareBytes process.

EDIT: Restart went fine. Running MalwareBytes Anti-RootKit now.


Edited by leothefox, 08 December 2013 - 07:16 AM.


#7 leothefox


Posted 08 December 2013 - 09:18 AM

Hi, sorry to be a bother, how do I tell if the MalwareBytes Anti-RootKit is working?

 

It seemed to chug along happily enough for a while, but then it detected Malware and has been 'stuck' on the same file - \windows\installer\{numbersandletters}\L\00000004.@ - for about 2 hours now. I know that the Windows installer areas of the PC are huge, and if the previous scans are to be believed they are infected, but is it normal for the program to be stuck on this one file for so long?

 

I believe the antirootkit is still running, since it allows me to interact with it and scroll through its backlog, and if I click 'Cancel' it gives me a warning that improperly removed rootkits could cause unstable systems or inability to boot. This worries me since I'm sure it should only be scanning at the moment and not attempting to remove anything, per se.

 

I'm sorry, I'm probably just being impatient or something and it should be taking so long on this one file, but if someone could let me know whether or not it is indeed normal for the program to work on one file for so long it would really put my mind at ease.

Thanks,

Joel.

 

EDIT: After about 3 and a half hours on that one file, it seems to have moved on.
Sorry for being a bother. I'm understandably somewhat nervous about all this.


Edited by leothefox, 08 December 2013 - 10:58 AM.


#8 leothefox


Posted 08 December 2013 - 12:04 PM

HELP
Actual problem this time.

After allowing the MalwareBytes AntiRoot program to run for another hour after it moved on from the file it had been stuck on, I checked it once again and without having clicked on anything, it was saying it was 'not responding' having detected around 3162 pieces of supposed malware. I left the computer for another hour to see if the problem would resolve itself, but it did not. Mousing over the program results in the cursor changing into the typical Windows loading wheel and the program has whited over - like any other program that is 'not responding'.

 

Normally I'd just shut the program via the task manager or whatever, but given the warnings the program made whenever I pressed 'cancel' (back when it was working) about improperly removed rootkits causing unstable systems or inability to boot, I'm rather worried about actually closing the program. Is it safe for me to close the program? And if I do, I assume I have to run the scan once again and hope it fully completes this time?

 

Sorry to be a bother yet again,

Joel.



#9 Broni


Posted 08 December 2013 - 02:03 PM

You're infected with ZeroAccess rootkit.

It'll require elevated help.

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#10 leothefox


Posted 08 December 2013 - 02:40 PM

Righto, topic created following guidelines here: http://www.bleepingcomputer.com/forums/t/516865/infected-with-zeroaccess-rootkit-cannot-update-windows-firewall-not-working/

 

Thanks for all the help so far, Broni.



#11 Broni


Posted 08 December 2013 - 02:42 PM

p22003888.gif



 




