Author Topic: Malicious URL Blocked - Need Help  (Read 14756 times)

0 Members and 1 Guest are viewing this topic.

blakerush

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #15 on: April 24, 2012, 03:39:48 AM »
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Amicus\Amicus Attorney Premium Workstation\AmicusAttorney.XWin.exe" = C:\Amicus\Amicus Attorney Premium Workstation\AmicusAttorney.XWin.exe:*:Enabled:C:\Amicus\Amicus Attorney Premium Workstation\AmicusAttorney.Xwin.exe -- (Gavel & Gown Software Inc.)
"C:\Program Files\Canon\DIAS\CnxDIAS.exe" = C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service -- (CANON INC.)
"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" = C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:Microsoft Office Word
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Documents and Settings\Blake\Local Settings\Temp\7zS3.tmp\SymNRT.exe" = C:\Documents and Settings\Blake\Local Settings\Temp\7zS3.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Documents and Settings\Blake\Local Settings\Temp\7zS5.tmp\SymNRT.exe" = C:\Documents and Settings\Blake\Local Settings\Temp\7zS5.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Documents and Settings\Blake\Local Settings\Temp\7zS6.tmp\SymNRT.exe" = C:\Documents and Settings\Blake\Local Settings\Temp\7zS6.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Documents and Settings\Blake\Local Settings\Temp\7zS8.tmp\SymNRT.exe" = C:\Documents and Settings\Blake\Local Settings\Temp\7zS8.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" = C:\Program Files\Microsoft Office\Office14\WINWORD.EXE:*:Enabled:Microsoft Word -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{347C3C03-E2E5-41B1-8DD7-E65993348B5E}" = Amicus Attorney Premium Workstation 2011
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}" = ParetoLogic PC Health Advisor
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D336556-69A2-4566-8EBD-0464C253C2E4}" = CIS 2.2
"{4D612FB2-1AE7-4E46-9377-35BB2F06A787}" = Roxio Media Manager
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5E1DB401-0120-4870-8048-423AF9F6297B}" = SupportCalc PA
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 14
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

blakerush

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #16 on: April 24, 2012, 03:41:21 AM »
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{976475B8-63E9-4559-BE2C-D26086BE4C40}" = LogMeIn
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A325B368-A9EC-40EF-A95C-9DEAD3683AE3}" = Broadcom Gigabit NetLink Controller
"{A47D08BF-E95A-47FB-A42F-8FCB0351339C}" = Amicus Attorney Premium Tasks Toolbar
"{AC76BA86-1033-0000-BA7E-000000000001}" = Adobe Acrobat 6.0 Standard
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D661A28E-3922-4484-84EA-5A3C924369E6}" = Amicus Merge Toolbar
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F8C04C5B-8876-424D-B428-23626373D2A0}" = BlackBerry Desktop Software 5.0
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Internet Security
"BB FlashBack Pro 3" = BB FlashBack Pro 3
"BlackBerry_{F8C04C5B-8876-424D-B428-23626373D2A0}" = BlackBerry Desktop Software 5.0
"Express ClickYes" = Express ClickYes 1.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PCLaw" = LexisNexis PCLaw
"VLC media player" = VLC media player 1.1.11
"Windows Media Format Runtime" = Windows Media Format Runtime
 
========== Last 10 Event Log Errors ==========
 
[ Amicus Attorney Events ]
Error - 4/20/2012 11:14:58 AM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 11:14:58 AM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 Microsoft.ApplicationBlocks.ExceptionManagement.AmicusError  Message: XWin: Amicus
 Attorney has lost its connection with the server and needs to shut down. Please
 check your network connections and server status before restarting.  HelpLink:
 
Error - 4/20/2012 11:16:22 AM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 11:16:22 AM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.Net.Sockets.SocketException  Message: A connection attempt failed because
the connected party did not properly respond after a period of time, or established
 connection failed because connected host has failed to respond 192.168.2.25:49259
HelpLink:
     StackTrace Information  *********************************************     at AmicusAttorney.XOL.Client.AmicusCustomProxy.Invoke(IMessage
 msg)     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)     at AmicusAttorney.XOL.Shared.ManagerInterfaces.IManagerBase.GetListRemote(Byte[]
 baseFilter)     at AmicusAttorney.XOL.Shared.ClientMgrProxies.ManagerBaseProxy.GetList(SearchFilterBase
 baseFilter)     at AmicusAttorney.XOL.Shared.ClientMgrProxies.CommunicationManagerProxy.GetList(CommunicationSearchFilter
 filter, Boolean includeUnsavedEmails)     at AmicusAttorney.Providers.DataProvider.DataSourceCacheProvider.GetData(GetDataInfo
 info, SearchFilterBase& searchFilterBase)     at AmicusAttorney.Providers.DataProvider.CommProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)
 
Error - 4/20/2012 11:16:22 AM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 11:16:22 AM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 Microsoft.ApplicationBlocks.ExceptionManagement.AmicusError  Message: XWin: Amicus
 Attorney has lost its connection with the server and needs to shut down. Please
 check your network connections and server status before restarting.  HelpLink:
 
Error - 4/20/2012 11:17:04 AM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 11:17:04 AM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.Net.Sockets.SocketException  Message: A connection attempt failed because
the connected party did not properly respond after a period of time, or established
 connection failed because connected host has failed to respond 192.168.2.25:49259
HelpLink:
     StackTrace Information  *********************************************     at AmicusAttorney.XOL.Client.AmicusCustomProxy.Invoke(IMessage
 msg)     at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type)     at AmicusAttorney.XOL.Shared.ManagerInterfaces.IManagerBase.GetListRemote(Byte[]
 baseFilter)     at AmicusAttorney.XOL.Shared.ClientMgrProxies.ManagerBaseProxy.GetList(SearchFilterBase
 baseFilter)     at AmicusAttorney.XOL.Shared.ClientMgrProxies.CommunicationManagerProxy.GetList(CommunicationSearchFilter
 filter, Boolean includeUnsavedEmails)     at AmicusAttorney.Providers.DataProvider.DataSourceCacheProvider.GetData(GetDataInfo
 info, SearchFilterBase& searchFilterBase)     at AmicusAttorney.Providers.DataProvider.CommProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)

blakerush

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #17 on: April 24, 2012, 03:42:29 AM »
Error - 4/20/2012 11:17:04 AM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 11:17:04 AM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 Microsoft.ApplicationBlocks.ExceptionManagement.AmicusError  Message: XWin: Amicus
 Attorney has lost its connection with the server and needs to shut down. Please
 check your network connections and server status before restarting.  HelpLink:
 
Error - 4/20/2012 1:22:01 PM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 1:22:01 PM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 Microsoft.ApplicationBlocks.ExceptionManagement.AmicusError  Message: InvalidSession.
 System will now shut down.  HelpLink:
 
Error - 4/20/2012 3:28:31 PM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/20/2012 3:28:31 PM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.NullReferenceException  Message: Object reference not set to an instance of
 an object.  HelpLink:     StackTrace Information  *********************************************

   at AmicusAttorney.Providers.DataProvider.TimeProvider.SetUpFilter(TimeListContext
 listContext)     at AmicusAttorney.Providers.DataProvider.TimeProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)
 
Error - 4/22/2012 6:21:34 PM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/22/2012 6:21:34 PM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.NullReferenceException  Message: Object reference not set to an instance of
 an object.  HelpLink:     StackTrace Information  *********************************************

   at AmicusAttorney.Providers.DataProvider.TimeProvider.SetUpFilter(TimeListContext
 listContext)     at AmicusAttorney.Providers.DataProvider.TimeProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)
 
Error - 4/23/2012 3:01:44 PM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/23/2012 3:01:44 PM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.NullReferenceException  Message: Object reference not set to an instance of
 an object.  HelpLink:     StackTrace Information  *********************************************

   at AmicusAttorney.Providers.DataProvider.TimeProvider.SetUpFilter(TimeListContext
 listContext)     at AmicusAttorney.Providers.DataProvider.TimeProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)
 
Error - 4/23/2012 6:17:00 PM | Computer Name = PC-BLAKE | Source = Amicus Attorney | ID = 0
Description =   AmicusError:   *********************************************  Context:
MachineName:
 PC-BLAKE  TimeStamp: 4/23/2012 6:17:00 PM  AppDomainName: AmicusAttorney.Xwin.exe    1)
 Exception Information  *********************************************  Exception Type:
 System.NullReferenceException  Message: Object reference not set to an instance of
 an object.  HelpLink:     StackTrace Information  *********************************************

   at AmicusAttorney.Providers.DataProvider.TimeProvider.SetUpFilter(TimeListContext
 listContext)     at AmicusAttorney.Providers.DataProvider.TimeProvider.GetList(ISysEventInfo
 sysEventInfo, Object[] _list)
 
[ Application Events ]
Error - 4/19/2012 2:54:21 PM | Computer Name = PC-BLAKE | Source = Application Hang | ID = 1002
Description = Hanging application AmicusAttorney.Xwin.exe, version 11.5.0.4, hang
 module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 4/19/2012 2:54:23 PM | Computer Name = PC-BLAKE | Source = Application Hang | ID = 1002
Description = Hanging application AmicusAttorney.Xwin.exe, version 11.5.0.4, hang
 module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 4/22/2012 1:50:49 PM | Computer Name = PC-BLAKE | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 18.0.1025.162, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 4/23/2012 1:51:06 PM | Computer Name = PC-BLAKE | Source = MsiInstaller | ID = 11704
Description = Product: Google Update Helper -- Error 1704. An installation for Roxio
 Media Manager is currently suspended.  You must undo the changes made by that installation
 to continue.  Do you want to undo those changes?
 
Error - 4/23/2012 3:32:16 PM | Computer Name = PC-BLAKE | Source = MsiInstaller | ID = 11706
Description = Product: Amicus Attorney Premium Workstation 2011 -- Error 1706.No
 valid source could be found for product Amicus Attorney Premium Workstation 2011.
  The Windows Installer cannot continue.
 
Error - 4/23/2012 3:35:51 PM | Computer Name = PC-BLAKE | Source = MsiInstaller | ID = 11706
Description = Product: Amicus Attorney Premium Workstation 2011 -- Error 1706.No
 valid source could be found for product Amicus Attorney Premium Workstation 2011.
  The Windows Installer cannot continue.
 
[ System Events ]
Error - 4/23/2012 7:15:12 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7000
Description = The GoToMyPC service failed to start due to the following error:   %%1053
 
Error - 4/23/2012 7:15:12 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
 9 service to connect.

blakerush

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #18 on: April 24, 2012, 03:43:04 AM »

Error - 4/23/2012 7:25:03 PM | Computer Name = PC-BLAKE | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9f1571d, parameter3
 a760b580, parameter4 00000000.
 
Error - 4/23/2012 7:25:12 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Upnp Server 9 service
 to connect.
 
Error - 4/23/2012 7:25:12 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
 9 service to connect.
 
Error - 4/23/2012 7:28:24 PM | Computer Name = PC-BLAKE | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 b9f1571d, parameter3
 a73ff580, parameter4 00000000.
 
Error - 4/23/2012 7:28:26 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Upnp Server 9 service
 to connect.
 
Error - 4/23/2012 7:28:26 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
 9 service to connect.
 
Error - 4/23/2012 7:41:12 PM | Computer Name = PC-BLAKE | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
 with arguments ""  in order to run the server:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 4/23/2012 7:42:28 PM | Computer Name = PC-BLAKE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   Aavmker4  aswSnx  aswSP  aswTdi  Fips  intelppm  SASDIFSV  SASKUTIL
 
 
< End of report >

aswMBR log:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-23 19:51:32
-----------------------------
19:51:32.953    OS Version: Windows 5.1.2600 Service Pack 3
19:51:32.953    Number of processors: 2 586 0x170A
19:51:32.953    ComputerName: PC-BLAKE  UserName: Blake
19:51:34.859    Initialize success
19:51:35.671    AVAST engine defs: 12042301
19:51:47.687    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:51:47.703    Disk 0 Vendor: WDC_WD3200AAKS-75L9A0 02.03E02 Size: 305245MB BusType: 3
19:51:47.703    Device \Driver\atapi -> DriverStartIo 89ff62e2
19:51:47.718    Disk 0 MBR read successfully
19:51:47.734    Disk 0 MBR scan
19:51:48.171    Disk 0 Windows XP default MBR code
19:51:48.171    Disk 0 MBR hidden
19:51:48.203    Disk 0 Partition 1 00     07    HPFS/NTFS NTFS       305234 MB offset 63
19:51:48.421    Disk 0 scanning sectors +625121280
19:51:48.609    Disk 0 scanning C:\WINDOWS\system32\drivers
19:52:02.218    Service scanning
19:52:36.718    Modules scanning
19:52:40.984    Disk 0 trace - called modules:
19:52:41.015    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89ff64b1]<<
19:52:41.046    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a0f2ab8]
19:52:41.078    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000006a[0x8a100f18]
19:52:41.125    5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> [0x8a1dc030]
19:52:41.156    \Driver\atapi[0x8a07a030] -> IRP_MJ_CREATE -> 0x89ff64b1
19:52:42.359    AVAST engine scan C:\WINDOWS
19:52:48.156    AVAST engine scan C:\WINDOWS\system32
19:54:41.046    AVAST engine scan C:\WINDOWS\system32\drivers
19:54:52.187    AVAST engine scan C:\Documents and Settings\Blake
[img]19:59:36.484    AVAST engine scan C:\Documents and Settings\All Users
19:59:55.281    Scan finished successfully
20:00:23.406    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Blake\Desktop\MBR.dat"
20:00:23.421    The log file has been saved successfully to "C:\Documents and Settings\Blake\Desktop\aswMBR.txt"

blakerush

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #19 on: April 24, 2012, 03:44:20 AM »
I AM FINALLY DONE POSTING ALL OF THE LOGS. HOLY SHIT THAT TOOK FOREVER GIVEN THE SPACE RESTRICTIONS. DID I DO SOMETHING WRONG?

Reikki

  • Guest
Re: Malicious URL Blocked - Need Help
« Reply #20 on: April 24, 2012, 03:49:26 AM »
When you reply, if you click "attachments and other options" (right below the text input box), you can attach logs to your post, instead of copy/pasting them. This way, it makes it faster for you, and also prevents you from needing to split each log into multiple posts.

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: Malicious URL Blocked - Need Help
« Reply #21 on: April 24, 2012, 06:59:12 AM »
blakerush, welcome to the forums.

Sorry you had to copy and paste the logs as you did.  As Camo says, attaching the logs at the bottom of the text box you are working in is all you need to do.

See image attached below.

This should give you the idea on where this feature is.  Note that there is a total size limit of attached files of 4 per post, and maximum total file size of 192KB, one file maximum of 200KB.

It seems that a post re whatever symptoms your computer has is missing; all that one can see are the various logs of scans run.  No obvious information as to type of operating system, avast! version, name of malware detected, etc.  To help here, please read and follow the http://forum.avast.com/index.php?topic=53253.0 post by essexboy on how to post logs in cleaning malware.

A certified malware specialist will be along shortly.  Hope this helps.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801