crashing and unable to run a complete full scan


My computer had started crashing over the last month and I recently decided to run a Malwarebytes scan. Every time I did, it would start detecting different viruses and then it would crash. I will get the kernel stack inpage error with different numbers sometimes. And now when I start my computer there is an event code that pops up that says failed to perform desired action error code 2. Even when I am updating my computer it is crashing. After removing a few viruses the computer seems to be crashing even more often. I have tried to defragment my computer but I am unsure if it is working. I have to use a code I found online to run it because the one built in to the computer is not responding. Not sure if it has something to do with RoboForm or something else that I have done. Thanks for any help you can give.

P.S. I am running Vista on my computer.

I have downloaded the dds.scr file but I cannot figure out how to disable the script blockers.

I have Trend Micro OfficeScan, Malwarebytes, and the Microsoft Security Essentials that came on the computer.

My computer crashes all the time. I am unsure if it is because of the programs I am running or if it is a virus. I am attaching the logs that are required. I posted a topic before but the person who responded didn't address this issue and their post has recently disappeared. So I am trying again. Thank you in advance!

DDS1.txt
Attach1.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by bestbuy at 0:22:59 on 2012-04-07

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.148 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

C:\WINDOWS\TEMP\HC94CB.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Camera Assistant Software for Gateway\traybar.exe

C:\Program Files\Spare Backup\SpareBackup.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\sttray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchFilterHost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

uURLSearchHooks: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: SWEETIE Class: {1a0aadcd-3a72-4b5f-900f-e3bb5a838e2a} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll

BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll

TB: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [googletalk] c:\users\bestbuy\appdata\roaming\google\google talk\googletalk.exe /autostart

uRun: [Facebook Update] "c:\users\bestbuy\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Google Update] "c:\users\bestbuy\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"

mRun: [Camera Assistant Software] "c:\program files\camera assistant software for gateway\traybar.exe"

mRun: [spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sigmatelSysTrayApp] sttray.exe

mRun: [RunUVC] "f:\studio.vs\RUNUVC.exe"

mRun: [uVCSti] "f:\studio.vs\UVCSti.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [T-Mobile webConnect Manager] "c:\program files\t-mobile\webconnect manager\TMobileCM.exe" -a

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: go.com\community.abcfamily

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{7522F32D-206B-40F7-A11B-6FD4586C521C} : DhcpNameServer = 10.177.0.34 10.163.103.140

TCP: Interfaces\{876F1865-E9B2-492C-9E68-23F446C5AB61} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{AF71050C-E02E-47C2-8FD8-77BB345FE01E} : DhcpNameServer = 10.133.20.11 10.132.20.11

TCP: Interfaces\{C772FBCA-7F94-4C4C-91CC-4DF1F97FAD10} : DhcpNameServer = 10.133.20.11 10.132.20.11

TCP: Interfaces\{F40A351C-5A5B-41ED-9F85-4ACCBD529E40} : DhcpNameServer = 10.133.20.11 10.132.20.11

Notify: DfLogon - LogonDll.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\bestbuy\appdata\roaming\mozilla\firefox\profiles\4uhirxrd.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll

FF - plugin: c:\users\bestbuy\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\bestbuy\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]

R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\TmXpflt.sys [2009-5-22 249424]

R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\TmPreflt.sys [2009-5-22 36432]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-10-30 20464]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]

R3 tmobile_mf691_dc_enum;T-Mobile MF691 DC Enumerator;c:\windows\system32\drivers\tmobile_mf691_dc_enum.sys [2010-4-9 80000]

S3 ATMFBUS;A600 USB Composite Device Driver;c:\windows\system32\drivers\ATMFBUS.sys [2010-6-18 47360]

S3 ATMFCVsp;A600 Cricket CM Port;c:\windows\system32\drivers\ATMFCVsp.sys [2010-6-18 153600]

S3 ATMFFLT;A600 USB Modem Installation CD;c:\windows\system32\drivers\ATMFFLT.sys [2010-6-18 13312]

S3 ATMFMdm;A600 Cricket EVDO Modem;c:\windows\system32\drivers\ATMFMdm.sys [2010-6-18 153472]

S3 ATMFNET;A600 Cricket EVDO Network Adapter;c:\windows\system32\drivers\ATMFNET.sys [2010-6-18 103424]

S3 ATMFNVsp;A600 Cricket NMEA Port Serial Port;c:\windows\system32\drivers\ATMFNVsp.sys [2010-6-18 153600]

S3 ATMFVsp;A600 Cricket Diagnostics Port;c:\windows\system32\drivers\ATMFVsp.sys [2010-6-18 153472]

S3 Cam3820;Cam3820 PC Camera Driver;c:\windows\system32\drivers\cam3820a.sys [2009-1-10 300544]

S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

S3 tmobile_mf691_cdc_acm;T-Mobile MF691 CDC-ACM driver;c:\windows\system32\drivers\tmobile_mf691_cdc_acm.sys [2010-4-9 86016]

S3 tmobile_mf691_cdc_ecm;tmobile_mf691_cdc_ecm;c:\windows\system32\drivers\tmobile_mf691_cdc_ecm.sys [2010-4-9 50304]

S3 tmobile_mf691_cpo;T-Mobile webConnect CPO device;c:\windows\system32\drivers\tmobile_mf691_cpo.sys [2010-4-9 9728]

S3 uts_bus;UTStarcom USB Composite Device driver (WDM);c:\windows\system32\drivers\uts_bus.sys [2009-1-22 84352]

S3 uts_mdfl;UTStarcom USB Modem Filter;c:\windows\system32\drivers\uts_mdfl.sys [2009-1-22 14976]

S3 uts_mdm;UTStarcom USB Modem Drivers;c:\windows\system32\drivers\uts_mdm.sys [2009-1-22 110848]

S3 uts_serd;UTStarcom USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\uts_serd.sys [2009-1-22 90880]

.

=============== Created Last 30 ================

.

2012-04-07 05:03:26 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a0042183-6462-42ef-82ea-d4a78839566b}\mpengine.dll

2012-04-07 04:47:09 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d6a8f1b-bd51-4141-9213-f1d1cd703f75}\offreg.dll

2012-04-07 04:29:01 -------- d-----w- C:\44efb52931bff47de567d1201b

2012-04-07 04:18:50 6582328 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d6a8f1b-bd51-4141-9213-f1d1cd703f75}\mpengine.dll

2012-04-06 20:37:43 -------- d-----w- C:\3ea26bb5c63edd4fa5b93462715d0e

2012-04-06 20:17:38 -------- d-----w- C:\0b44ee466b2eee41635e5243

2012-04-06 19:59:13 -------- d-----w- C:\94af74d86f48a349828ba3caeb

2012-04-06 18:06:20 -------- d-----w- C:\271a758b5aa98ea9f3d6c95a08c9b4d9

2012-04-06 07:48:23 -------- d-----w- C:\577f216263167f95789eed9a8b70a1e5

2012-04-03 19:27:41 -------- d-----w- C:\0edf190d8a536e58b74bb1a0764921

2012-04-03 08:02:22 -------- d-----w- C:\cb0886249bb2ba04f0acf75d

2012-04-02 23:22:13 -------- d-----w- C:\fed6fdea37845f660d0030c4d3d3cd

2012-04-02 23:15:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-02 20:02:11 -------- d-----w- C:\a5b5dab20bf180719940247f4278

2012-04-02 12:08:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a49293d-9946-4bc2-80f7-9f87db6daba0}\gapaengine.dll

2012-04-01 18:43:50 -------- d-----w- C:\5c2c5d95dabf358124bd6f491c

2012-04-01 06:06:34 -------- d-----w- C:\27bca232314e34e084bbf2990592bdce

2012-04-01 05:55:38 2044416 ----a-w- c:\windows\system32\win32k.sys

2012-04-01 05:55:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-04-01 05:55:30 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-04-01 05:55:30 1068544 ----a-w- c:\windows\system32\DWrite.dll

2012-04-01 05:55:29 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-04-01 05:55:29 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-04-01 05:55:15 613376 ----a-w- c:\windows\system32\rdpencom.dll

2012-04-01 05:55:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-01 05:09:54 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2012-04-01 03:37:05 -------- d-----w- C:\f3cdcf9314593ab81aeb8292

2012-04-01 03:25:04 3993600 ----a-w- c:\program files\GUTAFCF.tmp

2012-04-01 03:25:04 -------- d-----w- c:\program files\GUMAFCE.tmp

2012-03-31 23:36:23 -------- d-----w- C:\9d98849fa84a7e86d4bc1f9f46fe

2012-03-31 17:31:35 -------- d-----w- C:\e4a4a05a77e677896cbbe0fd20

2012-03-30 23:39:42 -------- d-----w- C:\26ecb0768b60eccc83ed9775a72b63

.

==================== Find3M ====================

.

2012-04-02 23:35:56 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-01 04:55:15 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 0:25:41.57 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 9/12/2007 1:30:32 PM

System Uptime: 4/6/2012 11:46:19 PM (1 hours ago)

.

Motherboard: Gateway | | P-6822

Processor: Intel® Core2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1000/mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 223 GiB total, 150.214 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 3.886 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0001

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #2

PNP Device ID: ROOT\*ISATAP\0001

Service: tunnel

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft Tun Miniport Adapter

Device ID: ROOT\*TUNMP\0001

Manufacturer: Microsoft

Name: Teredo Tunneling Pseudo-Interface

PNP Device ID: ROOT\*TUNMP\0001

Service: tunmp

.

==== System Restore Points ===================

.

RP1262: 3/16/2012 7:10:04 PM - Windows Update

RP1263: 3/17/2012 8:45:40 PM - Windows Update

RP1264: 3/18/2012 9:55:41 PM - Windows Update

RP1265: 3/20/2012 2:30:42 PM - Windows Update

RP1266: 3/21/2012 10:13:37 PM - Windows Update

RP1267: 3/23/2012 8:57:47 AM - Windows Update

RP1268: 3/23/2012 10:03:29 PM - Windows Update

RP1269: 3/25/2012 3:09:13 PM - Windows Update

RP1270: 3/25/2012 6:08:57 PM - Windows Update

RP1271: 3/27/2012 7:44:36 AM - Windows Update

RP1272: 3/28/2012 3:33:32 PM - Windows Update

RP1273: 3/29/2012 6:39:23 PM - Windows Update

RP1274: 3/30/2012 6:37:46 PM - Windows Update

RP1275: 3/30/2012 7:46:47 PM - Windows Update

RP1276: 3/31/2012 12:19:30 PM - Windows Update

RP1277: 3/31/2012 6:23:02 PM - Windows Update

RP1278: 3/31/2012 6:34:06 PM - Windows Update

RP1279: 3/31/2012 10:25:46 PM - Windows Update

RP1280: 3/31/2012 11:50:24 PM - Installed Java 6 Update 31

RP1281: 3/31/2012 11:58:33 PM - Windows Update

RP1282: 4/1/2012 1:00:06 AM - Windows Update

RP1284: 4/2/2012 2:58:59 PM - Windows Update

RP1285: 4/2/2012 6:18:27 PM - Windows Update

RP1286: 4/3/2012 3:00:15 AM - Windows Update

RP1288: 4/3/2012 3:26:19 PM - Windows Update

RP1289: 4/4/2012 7:32:38 PM - Windows Update

RP1290: 4/5/2012 8:24:15 PM - Windows Update

RP1291: 4/6/2012 2:45:56 AM - Windows Update

RP1292: 4/6/2012 1:03:02 PM - Windows Update

RP1293: 4/6/2012 2:55:16 PM - Windows Update

RP1294: 4/6/2012 3:13:58 PM - Windows Update

RP1295: 4/6/2012 3:31:27 PM - Windows Update

RP1297: 4/6/2012 11:58:29 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

AC3Filter (remove only)

Acrobat.com

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0

Adobe® Photoshop® Album Starter Edition 3.2

Agere Systems HDA Modem

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bonjour

Browser Address Error Redirector

Camera Assistant Software for Gateway

Cricket Broadband 1.0

Cricket EVDO Modem

DivX Web Player

dj_sf_software_req

Electronic Listening Guides

Facebook Video Calling 1.2.0.159

Gateway Connect

Gateway Recovery Center Installer

Geek Squad 24 Hour Computer Support

Google Chrome

Google Desktop

Google Talk (remove only)

Google Talk Plugin

Google Toolbar for Internet Explorer

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Deskjet Printer Driver Software 9.0

IDT Audio

IL Download Manager

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

InterAct Math Plugin (32-bit)

iTunes

Java Auto Updater

Java 6 Update 31

Java SE Runtime Environment 6 Update 1

LabelPrint

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Antimalware

Microsoft Money Essentials

Microsoft Money Shared Libraries

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Microsoft WSE 2.0 SP3 Runtime

Move Networks Media Player for Internet Explorer

Mozilla Firefox 10.0.2 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 and SOAP Toolkit 3.0

OGA Notifier 2.0.0048.0

Oracle JInitiator 1.3.1.28

PoiZone

Power2Go 5.0

QuickLink Mobile

QuickTime

Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

Realtek USB 2.0 Card Reader

Rhapsody Player Engine

RoboForm 7-6-9 (All Users)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Spare Backup

Spelling Dictionaries Support For Adobe Reader 9

Synaptics Pointing Device Driver

T-Mobile webConnect Manager

Toolbox

Toxic Biohazard

Trend Micro OfficeScan Client

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

UTStarcom USB Modem Software

UVC Video Camera

VC80CRTRedist - 8.0.50727.762

Windows Live installer

Windows Live Messenger

Windows Live Sign-in Assistant

Xvid 1.2.1 final uninstall

Yahoo! Browser Services

Yahoo! Detect

Yahoo! Install Manager

Yahoo! Internet Mail

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

4/6/2012 4:17:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

4/6/2012 3:44:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom MpFilter spldr tmtdi Wanarpv6

4/6/2012 3:44:28 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

4/6/2012 3:44:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

4/6/2012 3:44:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

4/6/2012 3:44:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/6/2012 3:43:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

4/6/2012 3:43:31 PM, Error: EventLog [6008] - The previous system shutdown at 3:40:24 PM on 4/6/2012 was unexpected.

4/6/2012 3:22:34 PM, Error: EventLog [6008] - The previous system shutdown at 3:20:20 PM on 4/6/2012 was unexpected.

4/6/2012 3:04:37 PM, Error: EventLog [6008] - The previous system shutdown at 3:01:02 PM on 4/6/2012 was unexpected.

4/6/2012 2:47:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

4/6/2012 12:54:37 PM, Error: EventLog [6008] - The previous system shutdown at 2:50:16 AM on 4/6/2012 was unexpected.

4/6/2012 11:53:08 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

4/6/2012 11:48:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom

4/6/2012 11:48:27 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

4/6/2012 11:48:27 PM, Error: Service Control Manager [7000] - The Effect Service service failed to start due to the following error: The system cannot find the path specified.

4/6/2012 11:46:59 PM, Error: Microsoft-Windows-TaskScheduler [412] - Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.

4/6/2012 11:46:47 PM, Error: EventLog [6008] - The previous system shutdown at 11:37:23 PM on 4/6/2012 was unexpected.

4/6/2012 11:30:29 PM, Error: PlugPlayManager [12] - The device 'Optiarc DVD RW AD-7563A ATA Device' (IDE\CdRomOptiarc_DVD_RW_AD-7563A_________________WX05____\5&bd5da89&0&0.1.0) disappeared from the system without first being prepared for removal.

4/6/2012 11:30:14 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.

4/6/2012 11:25:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service.

4/6/2012 11:25:19 PM, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/6/2012 11:25:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect.

4/6/2012 11:23:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}

4/6/2012 11:09:59 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.

4/6/2012 1:12:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter spldr tmtdi Wanarpv6

4/6/2012 1:11:32 PM, Error: EventLog [6008] - The previous system shutdown at 1:08:30 PM on 4/6/2012 was unexpected.

4/5/2012 8:00:19 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.6 with the system having network hardware address B8-17-C2-45-86-2F. Network operations on this system may be disrupted as a result.

4/4/2012 7:10:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

4/3/2012 9:21:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.894.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

4/3/2012 9:21:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

4/3/2012 9:11:27 AM, Error: EventLog [6008] - The previous system shutdown at 3:03:57 AM on 4/3/2012 was unexpected.

4/3/2012 6:15:48 PM, Error: PlugPlayManager [12] - The device 'Optiarc DVD RW AD-7563A ATA Device' (IDE\CdRomOptiarc_DVD_RW_AD-7563A_________________WX05____\5&bd5da89&0&0.0.0) disappeared from the system without first being prepared for removal.

4/3/2012 6:15:43 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.

4/3/2012 5:10:10 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

4/3/2012 5:10:10 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).

4/3/2012 5:04:38 PM, Error: EventLog [6008] - The previous system shutdown at 4:53:35 PM on 4/3/2012 was unexpected.

4/3/2012 3:12:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

4/3/2012 3:12:47 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2012 3:12:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

4/3/2012 3:09:34 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

4/3/2012 3:07:45 PM, Error: EventLog [6008] - The previous system shutdown at 2:36:01 PM on 4/3/2012 was unexpected.

4/3/2012 2:30:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.

4/3/2012 2:30:37 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/3/2012 2:30:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

4/3/2012 10:15:32 AM, Error: EventLog [6008] - The previous system shutdown at 10:04:22 AM on 4/3/2012 was unexpected.

4/2/2012 8:05:00 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

4/2/2012 7:05:48 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.109.1657.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7104.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

4/2/2012 6:55:28 AM, Error: EventLog [6008] - The previous system shutdown at 10:41:15 PM on 4/1/2012 was unexpected.

4/2/2012 6:31:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

4/2/2012 6:31:47 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/2/2012 6:28:06 PM, Error: EventLog [6008] - The previous system shutdown at 6:25:25 PM on 4/2/2012 was unexpected.

4/2/2012 3:06:56 PM, Error: EventLog [6008] - The previous system shutdown at 3:04:25 PM on 4/2/2012 was unexpected.

4/1/2012 7:41:25 PM, Error: EventLog [6008] - The previous system shutdown at 6:18:01 PM on 4/1/2012 was unexpected.

4/1/2012 3:02:07 AM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/1/2012 3:02:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

4/1/2012 3:02:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

4/1/2012 1:49:41 PM, Error: EventLog [6008] - The previous system shutdown at 1:45:24 PM on 4/1/2012 was unexpected.

4/1/2012 1:41:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate1ca004cbb77bd67 with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

4/1/2012 1:41:48 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate1ca004cbb77bd67) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

4/1/2012 1:41:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate1ca004cbb77bd67) service to connect.

4/1/2012 1:15:45 AM, Error: EventLog [6008] - The previous system shutdown at 1:08:07 AM on 4/1/2012 was unexpected.

3/31/2012 9:34:28 PM, Error: EventLog [6008] - The previous system shutdown at 9:31:03 PM on 3/31/2012 was unexpected.

3/31/2012 8:33:48 PM, Error: EventLog [6008] - The previous system shutdown at 8:13:28 PM on 3/31/2012 was unexpected.

3/31/2012 6:42:05 PM, Error: EventLog [6008] - The previous system shutdown at 6:37:36 PM on 3/31/2012 was unexpected.

3/31/2012 6:09:44 PM, Error: EventLog [6008] - The previous system shutdown at 6:04:54 PM on 3/31/2012 was unexpected.

3/31/2012 5:56:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

3/31/2012 5:54:38 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx tmtdi Wanarpv6

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The OfficeScan NT Listener service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

3/31/2012 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

3/31/2012 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

3/31/2012 5:53:17 PM, Error: EventLog [6008] - The previous system shutdown at 5:25:00 PM on 3/31/2012 was unexpected.

3/31/2012 12:44:06 PM, Error: EventLog [6008] - The previous system shutdown at 12:34:40 PM on 3/31/2012 was unexpected.

3/31/2012 12:11:55 PM, Error: EventLog [6008] - The previous system shutdown at 2:14:20 AM on 3/31/2012 was unexpected.

3/31/2012 11:41:55 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.

3/31/2012 10:48:21 PM, Error: EventLog [6008] - The previous system shutdown at 10:42:25 PM on 3/31/2012 was unexpected.

3/31/2012 10:13:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.

3/31/2012 10:13:17 PM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/31/2012 1:21:33 AM, Error: EventLog [6008] - The previous system shutdown at 1:18:53 AM on 3/31/2012 was unexpected.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.


I updated the version that I have. DDS2.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by bestbuy at 14:37:40 on 2012-04-09

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.279 [GMT -5:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

C:\WINDOWS\TEMP\UR20A8.EXE

C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Camera Assistant Software for Gateway\traybar.exe

C:\Program Files\Spare Backup\SpareBackup.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\sttray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\taskeng.exe

C:\Windows\ehome\mcupdate.EXE

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\RacAgent.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822

uURLSearchHooks: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: SWEETIE Class: {1a0aadcd-3a72-4b5f-900f-e3bb5a838e2a} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll

BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll

BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll

TB: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll

TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [googletalk] c:\users\bestbuy\appdata\roaming\google\google talk\googletalk.exe /autostart

uRun: [Facebook Update] "c:\users\bestbuy\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Google Update] "c:\users\bestbuy\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"

mRun: [Camera Assistant Software] "c:\program files\camera assistant software for gateway\traybar.exe"

mRun: [spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sigmatelSysTrayApp] sttray.exe

mRun: [RunUVC] "f:\studio.vs\RUNUVC.exe"

mRun: [uVCSti] "f:\studio.vs\UVCSti.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [T-Mobile webConnect Manager] "c:\program files\t-mobile\webconnect manager\TMobileCM.exe" -a

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: go.com\community.abcfamily

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{7522F32D-206B-40F7-A11B-6FD4586C521C} : DhcpNameServer = 10.177.0.34 10.163.103.140

TCP: Interfaces\{876F1865-E9B2-492C-9E68-23F446C5AB61} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{AF71050C-E02E-47C2-8FD8-77BB345FE01E} : DhcpNameServer = 10.133.20.11 10.132.20.11

TCP: Interfaces\{C772FBCA-7F94-4C4C-91CC-4DF1F97FAD10} : DhcpNameServer = 10.133.20.11 10.132.20.11

TCP: Interfaces\{F40A351C-5A5B-41ED-9F85-4ACCBD529E40} : DhcpNameServer = 10.133.20.11 10.132.20.11

Notify: DfLogon - LogonDll.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\bestbuy\appdata\roaming\mozilla\firefox\profiles\4uhirxrd.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll

FF - plugin: c:\users\bestbuy\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll

FF - plugin: c:\users\bestbuy\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll

.

============= SERVICES / DRIVERS ===============

.

S3 ATMFBUS;A600 USB Composite Device Driver;c:\windows\system32\drivers\ATMFBUS.sys [2010-6-18 47360]

S3 ATMFCVsp;A600 Cricket CM Port;c:\windows\system32\drivers\ATMFCVsp.sys [2010-6-18 153600]

S3 ATMFFLT;A600 USB Modem Installation CD;c:\windows\system32\drivers\ATMFFLT.sys [2010-6-18 13312]

S3 ATMFMdm;A600 Cricket EVDO Modem;c:\windows\system32\drivers\ATMFMdm.sys [2010-6-18 153472]

S3 ATMFNET;A600 Cricket EVDO Network Adapter;c:\windows\system32\drivers\ATMFNET.sys [2010-6-18 103424]

S3 ATMFNVsp;A600 Cricket NMEA Port Serial Port;c:\windows\system32\drivers\ATMFNVsp.sys [2010-6-18 153600]

S3 ATMFVsp;A600 Cricket Diagnostics Port;c:\windows\system32\drivers\ATMFVsp.sys [2010-6-18 153472]

S3 Cam3820;Cam3820 PC Camera Driver;c:\windows\system32\drivers\cam3820a.sys [2009-1-10 300544]

.

=============== Created Last 30 ================

.

2012-04-09 19:31:38 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{510942d0-65f4-4400-8d41-1ccf2aefe48b}\mpengine.dll

2012-04-08 22:54:01 -------- d-----w- C:\d40ed3624df61f09816add40bb

2012-04-08 22:26:13 -------- d-----w- C:\06a2e68ae6efc43a9b8aa8f62d2677

2012-04-07 04:29:01 -------- d-----w- C:\44efb52931bff47de567d1201b

2012-04-06 20:37:43 -------- d-----w- C:\3ea26bb5c63edd4fa5b93462715d0e

2012-04-06 20:17:38 -------- d-----w- C:\0b44ee466b2eee41635e5243

2012-04-06 19:59:13 -------- d-----w- C:\94af74d86f48a349828ba3caeb

2012-04-06 18:06:20 -------- d-----w- C:\271a758b5aa98ea9f3d6c95a08c9b4d9

2012-04-06 07:48:23 -------- d-----w- C:\577f216263167f95789eed9a8b70a1e5

2012-04-03 19:27:41 -------- d-----w- C:\0edf190d8a536e58b74bb1a0764921

2012-04-03 08:02:22 -------- d-----w- C:\cb0886249bb2ba04f0acf75d

2012-04-02 23:22:13 -------- d-----w- C:\fed6fdea37845f660d0030c4d3d3cd

2012-04-02 23:15:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-02 20:02:11 -------- d-----w- C:\a5b5dab20bf180719940247f4278

2012-04-02 12:08:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a49293d-9946-4bc2-80f7-9f87db6daba0}\gapaengine.dll

2012-04-01 18:43:50 -------- d-----w- C:\5c2c5d95dabf358124bd6f491c

2012-04-01 06:06:34 -------- d-----w- C:\27bca232314e34e084bbf2990592bdce

2012-04-01 05:55:38 2044416 ----a-w- c:\windows\system32\win32k.sys

2012-04-01 05:55:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

2012-04-01 05:55:30 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

2012-04-01 05:55:30 1068544 ----a-w- c:\windows\system32\DWrite.dll

2012-04-01 05:55:29 683008 ----a-w- c:\windows\system32\d2d1.dll

2012-04-01 05:55:29 160768 ----a-w- c:\windows\system32\d3d10_1.dll

2012-04-01 05:55:15 613376 ----a-w- c:\windows\system32\rdpencom.dll

2012-04-01 05:55:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-01 05:09:54 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2012-04-01 03:37:05 -------- d-----w- C:\f3cdcf9314593ab81aeb8292

2012-04-01 03:25:04 3993600 ----a-w- c:\program files\GUTAFCF.tmp

2012-04-01 03:25:04 -------- d-----w- c:\program files\GUMAFCE.tmp

2012-03-31 23:36:23 -------- d-----w- C:\9d98849fa84a7e86d4bc1f9f46fe

2012-03-31 17:31:35 -------- d-----w- C:\e4a4a05a77e677896cbbe0fd20

2012-03-30 23:39:42 -------- d-----w- C:\26ecb0768b60eccc83ed9775a72b63

.

==================== Find3M ====================

.

2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-02 23:35:56 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-01 04:55:15 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe

.

============= FINISH: 14:42:36.34 ===============


  • Staff

Hi,

I apologize for the delay; I thought I replied last week.

Update MBAM. Don't run a scan yet.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Log in to your regular account. Open MBAM, run a Quick Scan, and post its log.


  • 1 month later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
