[RESOLVED] cannot update malwarebytes

Started By threeputt, Jul 17 2011 01:39 AM

Prev

You cannot start a new topic
You cannot reply to this topic
Go to first unread post

29 replies to this topic

#21 Broni

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 06:34 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Online

Time Online: 57d 9h 20m 43s

Posted 18 July 2011 - 01:03 AM

Good :)

How is computer doing?

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

Back to top

#22 threeputt Re: [RESOLVED] cannot update malwarebytes

Member

68 posts
Joined: July 17, 2011
3 topics
Skin: IP.Board
Local time: 01:34 AM

Zodiac:Aquarius
Gender:Male
OS:Windows Vista
Country:

Offline

Time Online: 8h 58m 17s

Posted 18 July 2011 - 01:52 AM

Mr Broni, it is running great. Here is the log file

It only created one as I see. OTL.TXT Was there supposed to be abother?

OTL logfile created on: 7/17/2011 8:43:10 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\GANNY\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.30 Mb Total Physical Memory | 163.72 Mb Available Physical Memory | 32.02% Memory free
866.21 Mb Paging File | 471.78 Mb Available in Paging File | 54.46% Paging File free
Paging file location(s): C:\pagefile.sys 384 384 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.01 Gb Total Space | 5.94 Gb Free Space | 31.26% Space Free | Partition Type: NTFS

Computer Name: GANNY-NW1YWFZVI | User Name: GANNY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/17 20:42:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\OTL.exe
PRC - [2011/07/06 16:32:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/07/06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/01/11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2011/01/11 19:04:04 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/11/30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011/07/17 20:42:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [On_Demand | Stopped] -- -- (KodakCCS)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2011/07/06 16:32:20 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/07/06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/01/11 19:04:04 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

========== Driver Services (SafeList) ==========

DRV - [2011/07/06 16:32:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2011/01/11 19:04:04 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2011/01/11 19:04:04 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2002/08/28 17:59:12 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2002/06/03 12:18:32 | 000,040,832 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [2001/08/17 08:28:02 | 000,907,456 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HCF_MSFT.sys -- (HCF_MSFT)
DRV - [2001/08/13 18:17:34 | 000,737,973 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\winachcf.sys -- (Winachcf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 4C 2B B5 67 15 CC 01 [binary data]
IE - HKU\S-1-5-21-1482476501-839522115-854245398-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1482476501-839522115-854245398-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

O1 HOSTS File: ([2011/07/17 15:04:10 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1482476501-839522115-854245398-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1255978360898 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.220 208.67.220.220 24.177.176.38
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\GANNY\My Documents\My Pictures\Beach.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\GANNY\My Documents\My Pictures\Beach.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/19 13:37:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/17 20:42:21 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\OTL.exe
[2011/07/17 20:09:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/17 19:44:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/07/17 18:35:02 | 001,153,912 | ---- | C] (Emsi Software GmbH) -- C:\Documents and Settings\GANNY\Desktop\BlitzBlank.exe
[2011/07/17 14:50:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/07/17 14:50:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/07/17 14:50:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/07/17 14:49:13 | 004,154,783 | R--- | C] (Swearware) -- C:\Documents and Settings\GANNY\Desktop\ComboFix.exe
[2011/07/17 05:44:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\Application Data\Malwarebytes
[2011/07/17 05:43:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/17 05:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/17 05:43:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/07/17 05:43:35 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/17 05:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/07/16 20:39:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\GANNY\My Documents\My Videos
[2011/07/16 20:39:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\GANNY\My Documents\My Music
[2011/07/16 19:45:04 | 000,489,596 | R--- | C] (Swearware) -- C:\Documents and Settings\GANNY\Desktop\dds.scr
[2011/07/16 19:44:23 | 001,906,176 | ---- | C] (AVAST Software) -- C:\Documents and Settings\GANNY\Desktop\aswMBR.exe
[2011/07/16 19:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\Local Settings\Application Data\LogMeIn
[2011/07/16 19:25:58 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/07/16 19:25:56 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/07/16 19:25:56 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011/07/16 19:25:46 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/07/16 19:25:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/07/16 19:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011/07/16 19:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\Local Settings\Application Data\Deployment
[2011/07/16 19:06:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/07/16 18:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/07/16 18:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\My Documents\My Received Files
[2011/07/15 20:48:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\GANNY\Recent
[2011/07/14 19:04:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/07/12 06:00:37 | 000,000,000 | ---D | C] -- C:\c480cae72345f3999ee72cada9
[2011/07/10 14:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\Local Settings\Application Data\Ahead
[2011/07/09 23:22:01 | 000,000,000 | ---D | C] -- C:\92bc53a793a3fb8f6c85b3
[2011/07/09 09:22:02 | 000,000,000 | ---D | C] -- C:\6d66eaa6d47e9b77fdf2e83ced6e
[2011/07/08 06:00:26 | 000,000,000 | ---D | C] -- C:\8ccf2359db28544881d78c5e95
[2011/07/04 07:49:01 | 000,000,000 | ---D | C] -- C:\bdb29281f775e6b02e3fb1cfd998
[2011/07/03 21:26:41 | 000,000,000 | ---D | C] -- C:\148d1c7e98ba8fd239da0ef98c
[2011/07/03 07:13:39 | 000,000,000 | ---D | C] -- C:\0ebc984941481d1c350fb1d1708d4f
[2011/07/02 06:27:29 | 000,000,000 | ---D | C] -- C:\5efc7e5bcecd048576347c686ade4f
[2011/07/01 12:02:50 | 000,000,000 | ---D | C] -- C:\094aa085a645da452bb3
[2011/07/01 07:50:12 | 000,000,000 | ---D | C] -- C:\eecd2dd8c678515db12d379e6da8d0
[2011/06/30 21:37:22 | 000,000,000 | ---D | C] -- C:\bf29f0be912722c39adf374bbf84932a
[2011/06/30 07:44:24 | 000,000,000 | ---D | C] -- C:\47332358f06304a75461c6eaf9dfd97f
[2011/06/29 22:35:37 | 000,000,000 | ---D | C] -- C:\f016ea002016bbeab7
[2011/06/22 11:52:08 | 000,000,000 | ---D | C] -- C:\709442b18d8439540b
[2011/06/18 14:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GANNY\Local Settings\Application Data\PCHealth

========== Files - Modified Within 30 Days ==========

[2011/07/17 20:47:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C87B9E87-4917-4BDC-A234-F3DE09B5E89F}.job
[2011/07/17 20:42:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\OTL.exe
[2011/07/17 20:37:27 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/07/17 20:27:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/17 20:17:34 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/07/17 20:11:52 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/17 20:11:49 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/17 20:11:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/17 18:35:11 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\GANNY\Desktop\BlitzBlank.exe
[2011/07/17 17:37:49 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\RKUnhookerLE.EXE
[2011/07/17 15:04:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/17 14:49:26 | 004,154,783 | R--- | M] (Swearware) -- C:\Documents and Settings\GANNY\Desktop\ComboFix.exe
[2011/07/17 05:43:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/17 05:04:33 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\MBR.dat
[2011/07/16 20:39:18 | 000,000,331 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\SmartestComputing - Computer help forum.url
[2011/07/16 19:45:10 | 000,489,596 | R--- | M] (Swearware) -- C:\Documents and Settings\GANNY\Desktop\dds.scr
[2011/07/16 19:44:23 | 001,906,176 | ---- | M] (AVAST Software) -- C:\Documents and Settings\GANNY\Desktop\aswMBR.exe
[2011/07/16 19:41:40 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\GMER.exe
[2011/07/16 19:34:56 | 000,523,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/16 19:34:56 | 000,013,566 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/16 19:25:44 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/07/16 18:33:11 | 000,107,008 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/16 18:31:22 | 000,000,281 | -H-- | M] () -- C:\boot.ini
[2011/07/16 18:19:34 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/12 20:35:40 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\GANNY\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/06 16:32:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/07/06 16:32:30 | 000,029,568 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/07/06 16:32:28 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/07/05 09:26:17 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2011/06/26 01:45:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2011/06/22 21:55:37 | 000,002,198 | ---- | M] () -- C:\WINDOWS\epplauncher.mif

========== Files Created - No Company Name ==========

[2011/07/17 17:37:48 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\GANNY\Desktop\RKUnhookerLE.EXE
[2011/07/17 05:43:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/17 05:03:22 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\GANNY\Desktop\MBR.dat
[2011/07/16 20:39:18 | 000,000,331 | ---- | C] () -- C:\Documents and Settings\GANNY\Desktop\SmartestComputing - Computer help forum.url
[2011/07/16 19:41:40 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\GANNY\Desktop\GMER.exe
[2011/07/16 19:25:40 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/07/16 19:25:24 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2011/07/16 18:19:27 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/07/14 20:28:11 | 000,001,632 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/04/24 09:41:17 | 000,000,436 | ---- | C] () -- C:\Documents and Settings\GANNY\Local Settings\Application Data\FASTWiz.html
[2011/03/30 06:03:11 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pxiliwelohawu.dat
[2011/03/30 06:03:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Srowoqo.bin
[2010/08/11 06:22:26 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/11 06:22:26 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/11 06:22:26 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/11 06:22:26 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/11 06:22:26 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/22 11:36:28 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\GANNY\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/12 17:33:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/20 10:14:07 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/12/09 23:24:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2009/12/09 23:06:24 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Colors
[2009/12/09 23:06:24 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\GANNY\Application Data\Clips
[2009/12/09 23:06:24 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Configure Folder Actions
[2009/12/09 23:06:24 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2009/12/09 22:58:34 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\ColorSync
[2009/12/09 22:58:34 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\GANNY\Application Data\Classical
[2009/12/09 22:58:34 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Common
[2009/12/09 22:58:34 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/10/19 19:41:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/19 14:11:54 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/10/19 13:43:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/10/19 13:33:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/10/19 08:09:44 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/10/19 08:08:36 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2003/03/31 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 07:00:00 | 000,523,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 07:00:00 | 000,013,566 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/31 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1998/09/01 12:10:20 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\LDEPCL32.DLL
[1997/10/24 09:56:36 | 000,000,643 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[1997/10/09 07:08:26 | 000,079,872 | ---- | C] () -- C:\WINDOWS\System32\LEX_PSU.EXE
[1997/06/17 10:07:50 | 000,328,704 | ---- | C] () -- C:\WINDOWS\System32\DOSFNT32.DLL

========== LOP Check ==========

[2009/12/09 23:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2011/07/17 00:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/12/09 23:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2010/04/26 17:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/26 08:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GANNY\Application Data\Nikon
[2010/10/22 09:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GANNY\Application Data\Research In Motion
[2009/10/19 19:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GANNY\Application Data\Skinux
[2010/10/28 06:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GANNY\Application Data\Windows Desktop Search
[2010/10/28 07:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\GANNY\Application Data\Windows Search
[2011/07/17 20:17:34 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/07/17 20:47:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C87B9E87-4917-4BDC-A234-F3DE09B5E89F}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011/07/16 19:25:44 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/10/19 13:37:57 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/07/17 18:38:44 | 000,000,618 | ---- | M] () -- C:\blitzblank.log
[2009/10/19 19:42:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/07/16 18:31:22 | 000,000,281 | -H-- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2011/07/17 19:44:01 | 000,064,974 | ---- | M] () -- C:\ComboFix.txt
[2009/10/19 13:37:57 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/10/19 13:37:57 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/10/19 13:37:57 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/10/19 14:20:45 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/10/19 15:07:10 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/01/29 22:51:20 | 000,004,314 | ---- | M] () -- C:\outputDoc.xml
[2011/07/17 20:11:38 | 402,653,184 | -HS- | M] () -- C:\pagefile.sys
[2011/07/14 13:48:05 | 000,000,687 | ---- | M] () -- C:\rescue-system_scan.log

< %systemroot%\Fonts\*.com >
[2006/04/18 16:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 15:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 16:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 15:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/10/19 13:37:13 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2011/07/06 16:32:36 | 000,053,632 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
[2000/10/04 09:19:22 | 000,058,880 | ---- | M] (Lexmark International) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXAPPP.DLL
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >
[2009/10/18 09:32:32 | 000,000,244 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Alexander City Outlook.url
[2009/10/04 17:45:38 | 000,022,177 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Alexander City Weather.url
[2008/12/17 09:50:54 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\ALIANT Bank.url
[2009/10/02 07:03:26 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Dictionary.com.url
[2009/10/18 09:38:02 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Facebook.com.url
[2009/08/29 11:16:34 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Google.url
[2009/09/25 18:59:44 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Home - Bama Country 98.9 - Today's Best Country, Alabama Montgomery Prattville Millbrook Wetumpka.url
[2008/12/16 14:41:56 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Magic 96.5 Birmingham's Christmas Music Station.url
[2009/05/22 10:03:02 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Montgomery's Best Mix - Mix 103.url
[2009/04/05 11:11:18 | 000,010,200 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Playa Cofi Jukebox - Our Musical Heritage.url
[2008/11/19 13:18:14 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\SpellCheck.net.url
[2009/08/19 09:43:50 | 000,000,205 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\The Legendary WLWI - 92.3 FM.url
[2009/10/17 10:02:36 | 000,000,224 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\theRADIO.com.url
[2008/11/24 11:40:06 | 000,000,288 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\WQEN-FM 103.7Q.url
[2009/09/01 19:55:00 | 000,000,240 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\WSTH-FM Rooster 106.1.url
[2009/08/28 22:31:46 | 000,000,310 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\WZBQ-FM 94.1.url
[2009/10/14 06:15:42 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\WZZK on wzzk.com.url
[2009/10/15 07:51:12 | 000,000,236 | ---- | M] () -- C:\Documents and Settings\All Users\Favorites\Y-102 All the Hits!.url

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/10/19 08:07:47 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/10/19 08:07:47 | 000,602,112 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/10/19 08:07:47 | 000,376,832 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/10/19 15:14:05 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/10/19 15:30:27 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\GANNY\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/10/19 13:50:21 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\GANNY\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/07/16 19:44:23 | 001,906,176 | ---- | M] (AVAST Software) -- C:\Documents and Settings\GANNY\Desktop\aswMBR.exe
[2010/08/10 21:26:51 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\GANNY\Desktop\ATF-Cleaner.exe
[2011/07/17 18:35:11 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- C:\Documents and Settings\GANNY\Desktop\BlitzBlank.exe
[2011/07/17 14:49:26 | 004,154,783 | R--- | M] (Swearware) -- C:\Documents and Settings\GANNY\Desktop\ComboFix.exe
[2011/07/16 19:41:40 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\GMER.exe
[2011/07/17 20:42:24 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\OTL.exe
[2011/07/17 17:37:49 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\GANNY\Desktop\RKUnhookerLE.EXE
[2010/08/12 20:26:32 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GANNY\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2010/08/10 17:08:09 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\GANNY\My Documents\mbam-setup-1.46.exe
[2010/08/10 18:14:55 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\GANNY\My Documents\ucxlzw5f.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/10/19 15:30:27 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\GANNY\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/07/17 20:42:07 | 000,049,152 | -HS- | M] () -- C:\Documents and Settings\GANNY\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 23:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 19:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2003/03/31 07:00:00 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2002/08/20 12:32:18 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2002/08/20 12:32:22 | 000,000,807 | ---- | M] () -- C:\Program Files\Messenger\mailtmpl.txt
[2008/05/02 09:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 19:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2002/08/20 15:08:38 | 000,069,663 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgsin.exe
[2003/03/31 07:00:00 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2003/03/31 07:00:00 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2003/03/31 07:00:00 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2002/08/20 12:32:20 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/07/17 13:41:04 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-16 23:20:03

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\winhlp32.exe:SummaryInformation

< End of report >

Back to top

#23 Broni Re: [RESOLVED] cannot update malwarebytes

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 06:34 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Online

Time Online: 57d 9h 20m 43s

Posted 18 July 2011 - 01:57 AM

Good news :)

OTL.txt is the most important log, so we're fine.

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [On_Demand | Stopped] -- -- (KodakCCS)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3 - HKU\S-1-5-21-1482476501-839522115-854245398-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
[2011/03/30 06:03:11 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Pxiliwelohawu.dat
[2011/03/30 06:03:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Srowoqo.bin
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\winhlp32.exe:SummaryInformation

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

============================================================

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

Back to top

#24 threeputt Re: [RESOLVED] cannot update malwarebytes

Member

68 posts
Joined: July 17, 2011
3 topics
Skin: IP.Board
Local time: 01:34 AM

Zodiac:Aquarius
Gender:Male
OS:Windows Vista
Country:

Offline

Time Online: 8h 58m 17s

Posted 18 July 2011 - 02:18 AM

All processes killed
========== OTL ==========
Service RoxLiveShare9 stopped successfully!
Service RoxLiveShare9 deleted successfully!
Service KodakCCS stopped successfully!
Service KodakCCS deleted successfully!
Service ACDaemon stopped successfully!
Service ACDaemon deleted successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1482476501-839522115-854245398-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\WINDOWS\Pxiliwelohawu.dat moved successfully.
C:\WINDOWS\Srowoqo.bin moved successfully.
ADS C:\WINDOWS\winhlp32.exe:SummaryInformation deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: GANNY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1135942 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 2384 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8947 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: GANNY
->Flash cache emptied: 0 bytes

User: LocalService

User: LogMeInRemoteUser
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.26.1 log created on 07172011_211111

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

Back to top

#25 threeputt Re: [RESOLVED] cannot update malwarebytes

Member

68 posts
Joined: July 17, 2011
3 topics
Skin: IP.Board
Local time: 01:34 AM

Zodiac:Aquarius
Gender:Male
OS:Windows Vista
Country:

Offline

Time Online: 8h 58m 17s

Posted 18 July 2011 - 02:21 AM

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Adobe Flash Player
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

Back to top

#26 Broni Re: [RESOLVED] cannot update malwarebytes

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 06:34 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Online

Time Online: 57d 9h 20m 43s

Posted 18 July 2011 - 02:41 AM

All looks good :)

Just Eset left...

Back to top

#27 threeputt Re: [RESOLVED] cannot update malwarebytes

Member

68 posts
Joined: July 17, 2011
3 topics
Skin: IP.Board
Local time: 01:34 AM

Zodiac:Aquarius
Gender:Male
OS:Windows Vista
Country:

Offline

Time Online: 8h 58m 17s

Posted 18 July 2011 - 11:13 AM

C:\Program Files\OurBabyMaker_27EI\Installr\1.bin\27EIPlug.dll a variant of Win32/Toolbar.MyWebSearch application
This is what ESET found
How bad was this computer? I just wonder why my antivirus did not catch these?

Back to top

#28 Broni Re: [RESOLVED] cannot update malwarebytes

Malware Annihilator

24,883 posts
Joined: October 04, 2004
1,860 topics
Age: 57
Skin: IPBoard wide
Local time: 06:34 PM

Zodiac:Virgo
Gender:Male
Location:Daly City, CA
OS:Windows Vista
Country:

Online

Time Online: 57d 9h 20m 43s

Posted 18 July 2011 - 03:52 PM

Believe me, I've seen much, much worse.
Yours wasn't that bad.

Then, there is no perfect security program. That's why we run several scans to make sure nothing is hiding.

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL

:Services

:Reg

:Files
C:\Program Files\OurBabyMaker_27EI\Installr\1.bin\27EIPlug.dll

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.

==================================================================================================

Your computer is clean Posted Image

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

Double-click OTL.exe to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the CLEANUP button
Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/v...ning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingc.../topic2520.html

13. Please, let me know, how your computer is doing.

Back to top

#29 threeputt Re: [RESOLVED] cannot update malwarebytes

Member

68 posts
Joined: July 17, 2011
3 topics
Skin: IP.Board
Local time: 01:34 AM

Zodiac:Aquarius
Gender:Male
OS:Windows Vista
Country:

Offline

Time Online: 8h 58m 17s

Posted 18 July 2011 - 04:28 PM

All processes killed
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\Program Files\OurBabyMaker_27EI\Installr\1.bin\27EIPlug.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: GANNY
->Temp folder emptied: 32768 bytes
->Temporary Internet Files folder emptied: 2410996 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 4748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18279 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: GANNY
->Flash cache emptied: 0 bytes

User: LocalService

User: LogMeInRemoteUser
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

OTL by OldTimer - Version 3.2.26.1 log created on 07182011_112026

Files\Folders moved on Reboot...
C:\Documents and Settings\GANNY\Local Settings\Temporary Internet Files\Content.IE5\972D2UAS\page__st__20[1].htm moved successfully.

Registry entries deleted on Reboot...