vegas Posted June 4, 2012 ID:557400 Share Posted June 4, 2012 I have Vista and McAfee and free MB. I run MB regularly. I saw an errorfix scrren pop up and was able to stop it. The computer seems to work fine but I did a full MB scan anyway and it wound multiple instances of errorfix. When I click to fix these, the computer cursor changes to the "RUN" symbol but nothing happens. Bringin up the windows "applications" screen shows MB not responding. I tried again while disabling McAfee and same result. Do I do the "I'm infected" routine? Link to post Share on other sites More sharing options...
vegas Posted June 4, 2012 Author ID:557428 Share Posted June 4, 2012 I was able to remove most of the entries one at a time except for 2.c:\users\sharon brickner\appdata\roaming\error fix andc:\users\sharon brickner\appdata\roaming\erorfix\resultsWhen I try do remove either of these one at a time, MB freezes Link to post Share on other sites More sharing options...
Maniac Posted June 4, 2012 ID:557432 Share Posted June 4, 2012 Hello vegas! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.ErrorFix seems to be very old rogue application. Follow our instructions and perform a quick scan:http://forums.malwarebytes.org/index.php?showtopic=14446 Link to post Share on other sites More sharing options...
vegas Posted June 4, 2012 Author ID:557434 Share Posted June 4, 2012 I'm sorry. Perhaps you did not understand. The link you provided tells me how to load & execute MB. I've already done that months ago and ran it today when I encountered this problem. For some reason MB freezes when it tires to fix the 2 problems. I have now run the dds.com and got the folowing:.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421Run by Sharon Brickner at 10:14:14 on 2012-06-04Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.824 [GMT -7:00].AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exeC:\Windows\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\Program Files\McAfee\SiteAdvisor\McSACore.exeC:\Windows\system32\rundll32.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exeC:\Program Files\McAfee Online Backup\MOBKbackup.exeC:\Program Files\McAfee Online Backup\MOBKbackup.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Common Files\supportsoft\bin\sprtlisten.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Qwest\Quickcare\bin\sprtsvc.exeC:\Program Files\McAfee Online Backup\MOBKbackup.exeC:\Windows\system32\svchost.exe -k imgsvcc:\Toshiba\IVP\swupdate\swupdtmr.exeC:\Program Files\Qwest\Quickcare\bin\tgsrvc.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\TODDSrv.exeC:\Program Files\Toshiba\Power Saver\TosCoSrv.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\system32\SearchIndexer.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exeC:\Windows\System32\alg.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Synaptics\SynTP\SynToshiba.exeC:\Program Files\Toshiba\Power Saver\TPwrMain.exeC:\Program Files\Toshiba\FlashCards\TCrdMain.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exeC:\Program Files\Qwest\Quickcare\bin\sprtcmd.exeC:\Program Files\Canon\MyPrinter\BJMYPRT.EXEC:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXEC:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exeC:\Program Files\HP\HP Software Update\hpwuschd2.exeC:\Windows\ehome\ehtray.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.exeC:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Common Files\McAfee\Core\mchost.exeC:\Windows\system32\wuauclt.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exe.============== Pseudo HJT Report ===============.mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstartuInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%suURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dllmURLSearchHooks: H - No FileBHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dllBHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dllBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120429193401.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dllBHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dllTB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dllTB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\7.1.361.0\BingExt.dll"TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File{555d4d79-4bd2-4094-a395-cfc534424a05}EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dlluRun: [ehTray.exe] c:\windows\ehome\ehTray.exemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [RtHDVCpl] RtHDVCpl.exemRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXEmRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exemRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exemRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUPmRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTILmRun: [<NO NAME>]mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkeymRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [QwestTouchPointAgent] "c:\program files\qwest\desktop\QwestTouchPointAgent.exe" /autostartmRun: [QuickCare] c:\program files\qwest\quickcare\bin\sprtcmd.exe /P QuickCaremRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logonmRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silentdRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /backgroundmPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTMIE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTMIE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.htmlIE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTMIE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTMIE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTMIE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTMIE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dllIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dllIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLLTrusted Zone: internetTrusted Zone: mcafee.comTrusted Zone: mgm-mirage.com\secure03Trusted Zone: stumbleupon.comDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cabDPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - hxxp://192.168.0.253:50000/JpegInst.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cabDPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocxDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.0.1 205.171.3.25TCP: Interfaces\{46B899C2-F6CE-4F02-923B-C2FDC17003FB} : DhcpNameServer = 192.168.0.1 205.171.3.25TCP: Interfaces\{CFEBFAA9-942E-43DF-A969-81B27333A70D} : DhcpNameServer = 192.168.0.1 205.171.3.25Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dllHandler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dllHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.============= SERVICES / DRIVERS ===============.R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-11 464304]R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-5-11 64912]R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-5-11 169608]R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-6-16 54776]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-21 21504]R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2007-4-16 3712]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-10-3 95200]R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-5-11 214904]R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-5-11 214904]R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-5-11 214904]R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-5-11 166288]R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-5-11 161632]R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-5-11 151880]R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-2-5 229688]R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]R2 sprtsvc_quickcare;SupportSoft Sprocket Service (quickcare);c:\program files\qwest\quickcare\bin\sprtsvc.exe [2010-10-7 206120]R2 tgsrvc_quickcare;SupportSoft Repair Service (quickcare);c:\program files\qwest\quickcare\bin\tgsrvc.exe [2010-10-7 185640]R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-5-11 57600]R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-11 180848]R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-5-11 340920]S2 !SASCORE;SAS Core Service;"c:\program files\superantispyware\sascore.exe" --> c:\program files\superantispyware\SASCORE.EXE [?]S2 0273041338592074mcinstcleanup;McAfee Application Installer Cleanup (0273041338592074);c:\windows\temp\027304~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\027304~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 gupdate1ccb3886f7a3d48;Google Update Service (gupdate1ccb3886f7a3d48);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 257696]S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-4-12 39272]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-5-11 59456]S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-5-11 87656]S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2010-1-18 3200]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-5-21 16896]S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-8-4 19968]S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040].=============== Created Last 30 ================.2012-06-02 15:54:05 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{98a2239e-8d5c-4d3f-83a2-3c738cade135}\offreg.dll2012-06-01 22:56:19 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{98a2239e-8d5c-4d3f-83a2-3c738cade135}\mpengine.dll2012-05-11 17:21:10 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys2012-05-11 17:21:06 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys.==================== Find3M ====================.2012-05-10 02:06:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-05-10 02:06:03 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys.============= FINISH: 10:15:24.72 =============== Link to post Share on other sites More sharing options...
Maniac Posted June 4, 2012 ID:557439 Share Posted June 4, 2012 Obviously you do not understand.You say:The computer seems to work fine but I did a full MB scan anyway and it wound multiple instances of errorfix.The instructions are:Once the program has loaded, select Perform quick scan, then click Scan.Make sure your Malwarebytes' Anti-Malware is up-to-date and try on this way.What about Attach.txt? Link to post Share on other sites More sharing options...
vegas Posted June 4, 2012 Author ID:557454 Share Posted June 4, 2012 You are right. I did not read instructions. After I did the full scan and it froze, I then did quick scans. The quick scans found the same isues which I deleted one at a time except for the 2 remaining. When I tried to fix each of these, one at a time, MB still froze on each attempt..UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft® Windows Vista™ Home PremiumBoot Device: \Device\HarddiskVolume2Install Date: 1/25/2007 4:49:32 PMSystem Uptime: 6/2/2012 9:26:10 PM (37 hours ago).Motherboard: TOSHIBA | | IAKAAProcessor: Genuine Intel® CPU T2250 @ 1.73GHz | U2E1 | 1333/mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 148 GiB total, 62.736 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP491: 4/28/2012 3:43:09 PM - Windows UpdateRP492: 4/29/2012 6:28:34 AM - Windows UpdateRP493: 4/29/2012 7:15:51 AM - Windows UpdateRP494: 4/30/2012 9:33:48 AM - Windows UpdateRP495: 5/1/2012 9:43:27 AM - Windows UpdateRP496: 5/10/2012 12:29:33 PM - Windows UpdateRP497: 5/11/2012 10:02:38 AM - Windows UpdateRP498: 5/11/2012 11:36:09 AM - Windows UpdateRP499: 5/12/2012 12:42:49 PM - Windows UpdateRP500: 5/13/2012 6:19:22 AM - Windows UpdateRP501: 5/15/2012 10:18:35 AM - Windows UpdateRP502: 6/1/2012 3:44:54 PM - Windows UpdateRP503: 6/4/2012 1:53:11 AM - Scheduled Checkpoint.==== Installed Programs ======================.. Update for Microsoft Office 2007 (KB2508958)32 Bit HP CIO Components InstallerActivation Assistant for the 2007 Microsoft Office suitesAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)Adobe Common File InstallerAdobe Flash Player 11 ActiveXAdobe Help Center 2.0Adobe Media PlayerAdobe Photoshop Elements 4.0Adobe Premiere Elements 2.0Adobe Reader 8.1.2Adobe Reader 8.1.2 Security Update 1 (KB403742)Adobe Shockwave PlayerApple Application SupportApple Mobile Device SupportApple Software UpdateAtheros Driver Installation ProgramBCL easyConverter SDK 1.0.0 ModuleBing BarBluetooth Stack for Windows by ToshibaBonjourCanon Easy-PhotoPrint EXCanon Easy-PhotoPrint ProCanon Easy-PhotoPrint Pro - Pro9000 series Extention DataCanon Easy-PhotoPrint Pro - Pro9500 series Extention DataCanon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCANON iMAGE GATEWAY Task for ZoomBrowser EXCanon Inkjet Printer Driver Add-On ModuleCanon Internet Library for ZoomBrowser EXCanon MG6100 series MP DriversCanon MG6100 series User RegistrationCanon MOV DecoderCanon MP Navigator EX 4.0Canon My PrinterCanon RAW CodecCanon RAW Image Task for ZoomBrowser EXCanon Solution Menu EXCanon Utilities CameraWindowCanon Utilities CameraWindow DCCanon Utilities CameraWindow DC_DV 6 for ZoomBrowser EXCanon Utilities Digital Photo Professional 3.2Canon Utilities EOS UtilityCanon Utilities MyCameraCanon Utilities MyCamera DCCanon Utilities PhotoStitchCanon Utilities RemoteCapture Task for ZoomBrowser EXCanon Utilities ZoomBrowser EXCanon ZoomBrowser EX Memory Card UtilityCD/DVD Drive Acoustic SilencerCoupon Printer for WindowsD3DX10Desktop DialerDVD MovieFactory for TOSHIBAGarmin WebUpdaterGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Deskjet 3000 J310 series Basic Device SoftwareHP Deskjet 3000 J310 series HelpHP Deskjet 3000 J310 series Product Improvement StudyHP Photo CreationsHP UpdateHPDiagnosticAlertieSpellImgBurnIntel® Graphics Media Accelerator DriverIPSetupiTunesJava SE Runtime Environment 6Junk Mail filter updateKhalSetupLightroomLogitech Desktop MessengerLogitech Harmony Remote Software 7Logitech SetPointMalwarebytes Anti-Malware version 1.61.0.1400McAfee Online BackupMcAfee Total ProtectionMcAfee Virtual TechnicianMesh RuntimeMessenger CompanionMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access 2003 RuntimeMicrosoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Live Add-in 1.5Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Edition 2003Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Office XP Web ComponentsMicrosoft Primary Interoperability Assemblies 2005Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMicrosoft WSE 3.0Microsoft XML ParserMobileMe Control PanelMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB941833)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)OGA Notifier 2.0.0048.0Photo Loader 2.3EPhotohands 1.0EQuickTimeQwest InstallerQwest QuickAssist Desktop ToolsQwest Quickcare 2.7Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows VistaRealtek High Definition Audio DriverRemote Control USB DriverRevo Uninstaller 1.93SafariSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2596917) 32-Bit EditionSegoe UISynaptics Pointing Device DriverTexas Instruments PCIxx21/x515/xx12 drivers.TIPCITOSHIBA AssistTOSHIBA ConfigFreeTOSHIBA Disc CreatorTOSHIBA Extended Tiles for Windows Mobility CenterTOSHIBA Flash Cards Support UtilityTOSHIBA Game ConsoleTOSHIBA Hardware SetupTOSHIBA Media Center Game ConsoleToshiba RegistrationTOSHIBA SD Memory UtilitiesTOSHIBA Software ModemTOSHIBA Software UpgradesTOSHIBA Speech System ApplicationsTOSHIBA Speech System SR Engine(U.S.) Version1.0TOSHIBA Speech System TTS Engine(U.S.) Version1.0TOSHIBA Supervisor PasswordTOSHIBA Value Added PackageUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Utility Common DriverWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinDVD for TOSHIBA.==== Event Viewer Messages From Past Week ========.6/4/2012 7:28:42 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer SHARON-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CFEBFAA9-942E-43DF-A969-81B27333. The master browser is stopping or an election is being forced.6/4/2012 7:16:43 AM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.6/1/2012 2:59:52 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.6/1/2012 2:59:49 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.6/1/2012 2:59:24 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASKUTIL Tosrfcom6/1/2012 2:59:24 PM, Error: Service Control Manager [7000] - The SAS Core Service service failed to start due to the following error: The system cannot find the file specified.6/1/2012 2:58:28 PM, Error: Microsoft-Windows-HttpEvent [15021] - An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data..==== End Of File =========================== Link to post Share on other sites More sharing options...
vegas Posted June 4, 2012 Author ID:557456 Share Posted June 4, 2012 PS. MB is up to date Link to post Share on other sites More sharing options...
Maniac Posted June 4, 2012 ID:557459 Share Posted June 4, 2012 That's strange. Please follow the instructions here to add MBAM to exclusions:http://forums.malwarebytes.org/index.php?showtopic=10138&view=findpost&p=162098Then follow the instructions here:http://forums.malwarebytes.org/index.php?showtopic=10138&view=findpost&p=417944Those instructions should help to resolve this. Link to post Share on other sites More sharing options...
vegas Posted June 4, 2012 Author ID:557570 Share Posted June 4, 2012 The links you supplied apply to the comercial version of McAfee, not the home version. After much investigation, I can not find a way to perform the exclusions. I have bought MBAM Pro and the problem persists. I'll try to get help from the Pro source. Link to post Share on other sites More sharing options...
Maniac Posted June 5, 2012 ID:557669 Share Posted June 5, 2012 Okay, let me know when you finish there. Link to post Share on other sites More sharing options...
vegas Posted June 6, 2012 Author ID:557995 Share Posted June 6, 2012 I'm back. The help desk said I shoukd return to you to fix it. As I said before, the instructions provided in the FAQ you linked appear to be for the enterprise version of McAfee. The screens they reference do not exist on the home version. I am able to turn off the access restrictions in McAfee but I can not find any way to add the exclusions mentioned in the FAQ. I turned off access protection in McAfee and bought the MB Pro version, did a quick scan, got the same to infection notices, and MB hung up again when I tried to remove them. Windows says MB is not responding yet it shows MBAM.exe using 10% of the CPU. After several minutes, I closed the process. Fortunately, my computer seems to be operating normally during all this. Link to post Share on other sites More sharing options...
Maniac Posted June 6, 2012 ID:558086 Share Posted June 6, 2012 Temporarily uninstall your McAfee and try again. Link to post Share on other sites More sharing options...
vegas Posted June 8, 2012 Author ID:558515 Share Posted June 8, 2012 Well that was a total waste of time. I just uninstalled McAfee and ran MB Pro with the same results. Without re-installing McAfee, I uninstalled MB Pro and reloaded MB free with the same results. The new DDS results are below. I think it is time to stop blaming the problem on something else and work on a bug in MB. Since my computer seems to be OK, is this just a false report?.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421Run by Sharon Brickner at 19:17:34 on 2012-06-07Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.856 [GMT -7:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exeC:\Windows\system32\agrsmsvc.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Common Files\supportsoft\bin\sprtlisten.exeC:\Program Files\Qwest\Quickcare\bin\sprtsvc.exeC:\Windows\system32\svchost.exe -k imgsvcc:\Toshiba\IVP\swupdate\swupdtmr.exeC:\Program Files\Qwest\Quickcare\bin\tgsrvc.exeC:\Windows\system32\TODDSrv.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Toshiba\Power Saver\TosCoSrv.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exeC:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\system32\SearchIndexer.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\System32\alg.exeC:\Windows\system32\taskeng.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Synaptics\SynTP\SynToshiba.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Toshiba\Power Saver\TPwrMain.exeC:\Program Files\Toshiba\FlashCards\TCrdMain.exeC:\Program Files\Qwest\Desktop\QwestTouchPointAgent.exeC:\Program Files\Qwest\Quickcare\bin\sprtcmd.exeC:\Program Files\Canon\MyPrinter\BJMYPRT.EXEC:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXEC:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exeC:\Program Files\HP\HP Software Update\hpwuschd2.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exeC:\Windows\system32\SearchProtocolHost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstartuInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%smURLSearchHooks: H - No FileBHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No FileBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No FileBHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dllBHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dllTB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dllTB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File{555d4d79-4bd2-4094-a395-cfc534424a05}EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dlluRun: [ehTray.exe] c:\windows\ehome\ehTray.exeuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [RtHDVCpl] RtHDVCpl.exemRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXEmRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exemRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exemRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUPmRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTILmRun: [<NO NAME>]mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exemRun: [QwestTouchPointAgent] "c:\program files\qwest\desktop\QwestTouchPointAgent.exe" /autostartmRun: [QuickCare] c:\program files\qwest\quickcare\bin\sprtcmd.exe /P QuickCaremRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logonmRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logonmRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exemRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silentdRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /backgroundmPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTMIE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTMIE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.htmlIE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTMIE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTMIE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTMIE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTMIE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dllIE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\ssv.dllIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLLTrusted Zone: internetTrusted Zone: mcafee.comTrusted Zone: mgm-mirage.com\secure03Trusted Zone: stumbleupon.comDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cabDPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - hxxp://192.168.0.253:50000/JpegInst.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cabDPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocxDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: DhcpNameServer = 192.168.0.1 205.171.3.25TCP: Interfaces\{46B899C2-F6CE-4F02-923B-C2FDC17003FB} : DhcpNameServer = 192.168.0.1 205.171.3.25TCP: Interfaces\{CFEBFAA9-942E-43DF-A969-81B27333A70D} : DhcpNameServer = 192.168.0.1 205.171.3.25Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.============= SERVICES / DRIVERS ===============.R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-21 21504]R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2007-4-16 3712]R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]R2 sprtsvc_quickcare;SupportSoft Sprocket Service (quickcare);c:\program files\qwest\quickcare\bin\sprtsvc.exe [2010-10-7 206120]R2 tgsrvc_quickcare;SupportSoft Repair Service (quickcare);c:\program files\qwest\quickcare\bin\tgsrvc.exe [2010-10-7 185640]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-6-4 40776]S2 !SASCORE;SAS Core Service;"c:\program files\superantispyware\sascore.exe" --> c:\program files\superantispyware\SASCORE.EXE [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 gupdate1ccb3886f7a3d48;Google Update Service (gupdate1ccb3886f7a3d48);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 257696]S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-4-12 39272]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2010-1-18 3200]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-5-21 16896]S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-8-4 19968]S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040].=============== Created Last 30 ================.2012-06-08 01:57:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-06-08 01:57:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-06-07 18:57:48 -------- d-----w- c:\program files\Citrix2012-06-07 18:57:20 -------- d-----w- c:\users\sharon brickner\appdata\local\Citrix2012-06-07 18:57:15 103784 ----a-w- c:\users\sharon brickner\GoToAssistDownloadHelper.exe2012-06-07 13:23:31 -------- d-----w- c:\users\sharon brickner\appdata\roaming\WinBatch2012-06-05 10:22:44 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c9768a32-46ef-4b86-afec-244ce84efafe}\mpengine.dll2012-06-04 19:22:27 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2012-05-11 17:21:10 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys2012-05-11 17:21:06 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys.==================== Find3M ====================.2012-05-10 02:06:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-05-10 02:06:03 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe2012-04-02 13:36:21 2044928 ----a-w- c:\windows\system32\win32k.sys.============= FINISH: 19:19:04.13 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft® Windows Vista™ Home PremiumBoot Device: \Device\HarddiskVolume2Install Date: 1/25/2007 4:49:32 PMSystem Uptime: 6/7/2012 6:10:44 PM (1 hours ago).Motherboard: TOSHIBA | | IAKAAProcessor: Genuine Intel® CPU T2250 @ 1.73GHz | U2E1 | 1733/mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 148 GiB total, 62.583 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================..==== Installed Programs ======================.. Update for Microsoft Office 2007 (KB2508958)32 Bit HP CIO Components InstallerActivation Assistant for the 2007 Microsoft Office suitesAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)Adobe Common File InstallerAdobe Flash Player 11 ActiveXAdobe Help Center 2.0Adobe Media PlayerAdobe Photoshop Elements 4.0Adobe Premiere Elements 2.0Adobe Reader 8.1.2Adobe Reader 8.1.2 Security Update 1 (KB403742)Adobe Shockwave PlayerApple Application SupportApple Mobile Device SupportApple Software UpdateAtheros Driver Installation ProgramBCL easyConverter SDK 1.0.0 ModuleBluetooth Stack for Windows by ToshibaBonjourCanon Easy-PhotoPrint EXCanon Easy-PhotoPrint ProCanon Easy-PhotoPrint Pro - Pro9000 series Extention DataCanon Easy-PhotoPrint Pro - Pro9500 series Extention DataCanon Easy-WebPrint EXCanon IJ Network Scan UtilityCanon IJ Network ToolCANON iMAGE GATEWAY Task for ZoomBrowser EXCanon Inkjet Printer Driver Add-On ModuleCanon Internet Library for ZoomBrowser EXCanon MG6100 series MP DriversCanon MG6100 series User RegistrationCanon MOV DecoderCanon MP Navigator EX 4.0Canon My PrinterCanon RAW CodecCanon RAW Image Task for ZoomBrowser EXCanon Solution Menu EXCanon Utilities CameraWindowCanon Utilities CameraWindow DCCanon Utilities CameraWindow DC_DV 6 for ZoomBrowser EXCanon Utilities Digital Photo Professional 3.2Canon Utilities EOS UtilityCanon Utilities MyCameraCanon Utilities MyCamera DCCanon Utilities PhotoStitchCanon Utilities RemoteCapture Task for ZoomBrowser EXCanon Utilities ZoomBrowser EXCanon ZoomBrowser EX Memory Card UtilityCD/DVD Drive Acoustic SilencerCoupon Printer for WindowsD3DX10Desktop DialerDVD MovieFactory for TOSHIBAGarmin WebUpdaterGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)HP Deskjet 3000 J310 series Basic Device SoftwareHP Deskjet 3000 J310 series HelpHP Deskjet 3000 J310 series Product Improvement StudyHP Photo CreationsHP UpdateHPDiagnosticAlertieSpellImgBurnIntel® Graphics Media Accelerator DriverIPSetupiTunesJava SE Runtime Environment 6Junk Mail filter updateKhalSetupLightroomLogitech Desktop MessengerLogitech Harmony Remote Software 7Logitech SetPointMalwarebytes Anti-Malware version 1.61.0.1400McAfee Virtual TechnicianMesh RuntimeMessenger CompanionMicrosoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access 2003 RuntimeMicrosoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Live Add-in 1.5Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Edition 2003Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft Office XP Web ComponentsMicrosoft Primary Interoperability Assemblies 2005Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WorksMicrosoft WSE 3.0Microsoft XML ParserMobileMe Control PanelMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB941833)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)OGA Notifier 2.0.0048.0Photo Loader 2.3EPhotohands 1.0EQuickTimeQwest InstallerQwest QuickAssist Desktop ToolsQwest Quickcare 2.7Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows VistaRealtek High Definition Audio DriverRemote Control USB DriverRevo Uninstaller 1.93SafariSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2596917) 32-Bit EditionSegoe UISynaptics Pointing Device DriverTexas Instruments PCIxx21/x515/xx12 drivers.TIPCITOSHIBA AssistTOSHIBA ConfigFreeTOSHIBA Disc CreatorTOSHIBA Extended Tiles for Windows Mobility CenterTOSHIBA Flash Cards Support UtilityTOSHIBA Game ConsoleTOSHIBA Hardware SetupTOSHIBA Media Center Game ConsoleToshiba RegistrationTOSHIBA SD Memory UtilitiesTOSHIBA Software ModemTOSHIBA Software UpgradesTOSHIBA Speech System ApplicationsTOSHIBA Speech System SR Engine(U.S.) Version1.0TOSHIBA Speech System TTS Engine(U.S.) Version1.0TOSHIBA Supervisor PasswordTOSHIBA Value Added PackageUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Utility Common DriverWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinDVD for TOSHIBA.==== Event Viewer Messages From Past Week ========.6/7/2012 6:51:38 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.6/7/2012 6:36:51 AM, Error: Service Control Manager [7034] - The ConfigFree Service service terminated unexpectedly. It has done this 1 time(s).6/7/2012 6:12:36 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.6/7/2012 6:12:29 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.6/7/2012 6:12:12 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASKUTIL Tosrfcom6/7/2012 6:12:12 PM, Error: Service Control Manager [7000] - The SAS Core Service service failed to start due to the following error: The system cannot find the file specified.6/7/2012 6:11:18 PM, Error: Microsoft-Windows-HttpEvent [15021] - An error occured while using SSL configuration for socket address 0.0.0.0:4482. The error status code is contained within the returned data.6/7/2012 5:53:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.6/7/2012 5:52:02 PM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.6/6/2012 5:28:48 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:28:28 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:28:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}6/6/2012 5:27:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC mfehidk mfenlfk mfewfpk MOBKFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss SASKUTIL Smb spldr Tcpip tdx Tosrfcom Wanarpv66/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:55 PM, Error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/6/2012 5:27:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}6/6/2012 5:27:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}6/6/2012 5:27:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}6/6/2012 5:27:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}6/6/2012 5:27:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}6/6/2012 5:27:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}6/6/2012 5:26:48 PM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .6/6/2012 5:26:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}6/6/2012 12:11:21 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.6/4/2012 7:28:42 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer SHARON-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CFEBFAA9-942E-43DF-A969-81B27333. The master browser is stopping or an election is being forced..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted June 8, 2012 ID:558597 Share Posted June 8, 2012 We will have in another way to solve the problem with ErrorFix.Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review. Link to post Share on other sites More sharing options...
vegas Posted June 9, 2012 Author ID:558851 Share Posted June 9, 2012 Here it isComboFix 12-06-08.02 - Sharon Brickner 06/08/2012 20:22:22.1.2 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.1181 [GMT -7:00]Running from: c:\users\Sharon Brickner\Downloads\ComboFix.exeAV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..C:\install.exec:\programdata\xpc:\programdata\xp\EBLib.dllc:\programdata\xp\TPwSav.sysc:\users\Sharon Brickner\GoToAssistDownloadHelper.exec:\windows\XSxS..((((((((((((((((((((((((( Files Created from 2012-05-09 to 2012-06-09 )))))))))))))))))))))))))))))))..2012-06-09 03:34 . 2012-06-09 03:35 -------- d-----w- c:\users\Sharon Brickner\AppData\Local\temp2012-06-09 03:34 . 2012-06-09 03:34 -------- d-----w- c:\users\Default\AppData\Local\temp2012-06-08 03:43 . 2012-04-04 22:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys2012-06-08 03:43 . 2012-06-08 03:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-06-08 03:22 . 2011-04-11 21:29 64048 ----a-w- c:\windows\system32\drivers\McPvDrv.sys2012-06-08 03:22 . 2012-06-08 03:22 -------- d-----w- c:\users\Sharon Brickner\AppData\Local\McAfee Anti-Theft2012-06-08 03:18 . 2012-02-22 20:29 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys2012-06-08 03:17 . 2012-02-22 20:29 64912 ----a-w- c:\windows\system32\drivers\mfenlfk.sys2012-06-08 03:17 . 2012-02-22 20:29 169608 ----a-w- c:\windows\system32\drivers\mfewfpk.sys2012-06-08 03:17 . 2012-02-22 20:29 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys2012-06-08 03:17 . 2012-02-22 20:29 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys2012-06-08 03:17 . 2012-02-22 20:29 340920 ----a-w- c:\windows\system32\drivers\mfefirek.sys2012-06-08 03:17 . 2012-02-22 20:29 180848 ----a-w- c:\windows\system32\drivers\mfeavfk.sys2012-06-08 03:17 . 2012-02-22 20:29 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys2012-06-08 03:16 . 2012-06-08 03:20 -------- d-----w- c:\program files\Common Files\Mcafee2012-06-08 03:16 . 2012-06-09 02:50 -------- d-----w- c:\program files\McAfee2012-06-08 02:42 . 2012-03-20 20:11 151880 ----a-w- c:\windows\system32\mfevtps.exe2012-06-08 02:42 . 2012-06-09 03:06 -------- d-----w- c:\programdata\McAfee2012-06-07 18:57 . 2012-06-07 18:57 -------- d-----w- c:\program files\Citrix2012-06-07 18:57 . 2012-06-07 18:57 -------- d-----w- c:\users\Sharon Brickner\AppData\Local\Citrix2012-06-07 13:23 . 2012-06-07 13:23 -------- d-----w- c:\users\Sharon Brickner\AppData\Roaming\WinBatch2012-06-05 10:22 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C9768A32-46EF-4B86-AFEC-244CE84EFAFE}\mpengine.dll2012-06-04 06:57 . 2012-06-04 06:57 -------- d-----w- c:\programdata\WindowsSearch2012-05-11 17:21 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys2012-05-11 17:21 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-05-10 02:06 . 2012-04-04 14:49 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-05-10 02:06 . 2011-12-27 01:14 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-03-20 1451304]"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-20 411768]"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-08 55416]"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-15 530552]"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 413696]"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-01-19 421888]"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-15 47904]"QwestTouchPointAgent"="c:\program files\Qwest\Desktop\QwestTouchPointAgent.exe" [2010-08-27 45992]"QuickCare"="c:\program files\Qwest\Quickcare\bin\sprtcmd.exe" [2010-01-16 206120]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-03 140640]"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1318816]"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 419904]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408].[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnkbackup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartupbackupExtension=.CommonStartup.[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartupbackupExtension=.CommonStartup.[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartupbackupExtension=.CommonStartup.[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Photo Loader supervisory.lnk]backup=c:\windows\pss\Photo Loader supervisory.lnk.CommonStartupbackupExtension=.CommonStartup.[HKLM\~\startupfolder\C:^Users^Sharon Brickner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]path=c:\users\Sharon Brickner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnkbackup=c:\windows\pss\Adobe Gamma.lnk.StartupbackupExtension=.Startup.[HKLM\~\startupfolder\C:^Users^Sharon Brickner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]path=c:\users\Sharon Brickner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnkbackup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.StartupbackupExtension=.StartupHKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]2005-09-09 08:18 57344 ----a-w- c:\program files\Adobe\Photoshop Elements 4.0\apdproxy.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]2010-12-15 01:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]2008-02-12 03:13 166424 ----a-w- c:\windows\System32\hkcmd.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]2008-02-12 03:13 141848 ----a-w- c:\windows\System32\igfxtray.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]2011-03-07 23:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]2006-11-07 01:14 34352 ----a-w- c:\program files\Toshiba\Utilities\KeNotify.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]2007-04-17 04:12 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]2006-05-10 16:48 94208 ----a-w- c:\windows\KHALMNPR.Exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]2012-03-22 04:16 1318816 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]2008-02-12 03:13 133656 ----a-w- c:\windows\System32\igfxpers.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2010-11-30 01:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]2007-07-27 13:00 204800 ----a-w- c:\program files\Synaptics\SynTP\SynTPStart.exe.R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 257696]..--- Other Services/Drivers In Memory ---.*Deregistered* - mfeavfk01.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCacheHPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12.Contents of the 'Scheduled Tasks' folder.2012-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 02:06].2012-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 16:37].2012-06-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 16:37].2012-06-09 c:\windows\Tasks\User_Feed_Synchronization-{25281647-F143-4583-A8B2-3C62E50709CB}.job- c:\windows\system32\msfeedssync.exe [2011-04-09 14:40]..------- Supplementary Scan -------.uInternet Settings,ProxyOverride = *.localuSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%sIE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTMIE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTMIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.htmlIE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTMIE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTMTrusted Zone: internetTrusted Zone: mcafee.comTrusted Zone: mgm-mirage.com\secure03Trusted Zone: stumbleupon.comTCP: DhcpNameServer = 192.168.250.1 209.210.150.8 67.136.243.254Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll.- - - - ORPHANS REMOVED - - - -.ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLLNotify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLLMSConfigStartUp-PCOptimizerProTray - c:\program files\PC Optimizer Pro\PCOptProTrays.exeMSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exeAddRemove-com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 - c:\program files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exeAddRemove-McAfee Virtual Technician - c:\program files\McAfee\Supportability\MVT\MVTInstaller.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-06-08 20:35Windows 6.0.6002 Service Pack 2 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.Completion time: 2012-06-08 20:39:22ComboFix-quarantined-files.txt 2012-06-09 03:39.Pre-Run: 71,917,514,752 bytes freePost-Run: 72,763,068,416 bytes free.- - End Of File - - F74756C7F50CCD67873D02D58A4BDA04 Link to post Share on other sites More sharing options...
vegas Posted June 9, 2012 Author ID:558853 Share Posted June 9, 2012 I ran a quick scan of MBAM and the problem remains Link to post Share on other sites More sharing options...
Maniac Posted June 9, 2012 ID:558883 Share Posted June 9, 2012 I ran a quick scan of MBAM and the problem remainsStill detect ErrorFix? Link to post Share on other sites More sharing options...
vegas Posted June 9, 2012 Author ID:558926 Share Posted June 9, 2012 Yes, same 2 entries posted earlier Link to post Share on other sites More sharing options...
Maniac Posted June 10, 2012 ID:559182 Share Posted June 10, 2012 Please try to run Malwarebytes' Anti-Malware again:Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately. Link to post Share on other sites More sharing options...
vegas Posted June 11, 2012 Author ID:559306 Share Posted June 11, 2012 My previous update was June 8. Updated today and ran the quick scan. Got the same two items. Ran the fix and got the same indication from Windows Task Manager that MBAM "not responding". Let it run anyway. 20 minutes later I got a message that the 2 items had been succesfully deleted. Don't know why the update did anything but thanks for the support. May I suggest that MBAM include some on-screen indicator that it is working during the fix stage? All you see is a static screen. Link to post Share on other sites More sharing options...
vegas Posted June 11, 2012 Author ID:559308 Share Posted June 11, 2012 PS, every other fix I have ever done on MBAM completed in about a minute or less. Link to post Share on other sites More sharing options...
Maniac Posted June 11, 2012 ID:559402 Share Posted June 11, 2012 I guess malware somehow affects the Malwarebytes' Anti-Malware. Actually, Malwarebytes' Anti-Malware is well known for cyber criminals and they always have one in mind for it. Don't give up.Download OTL to your DesktopDouble click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic. Link to post Share on other sites More sharing options...
vegas Posted June 11, 2012 Author ID:559599 Share Posted June 11, 2012 Don't know if you noticed my post prior to the last one. The malware is now gone, it just took a long time. Do you still want me to run OTL? Link to post Share on other sites More sharing options...
Maniac Posted June 11, 2012 ID:559615 Share Posted June 11, 2012 There is something that stops Malwarebytes' Anti-Malware. We should find it, so I'd still like to see the scan results. Link to post Share on other sites More sharing options...
Maurice Naggar Posted June 15, 2012 ID:560750 Share Posted June 15, 2012 <moderator kibbitz>@vegasPlease do the OTL run as requested by Maniac. Link to post Share on other sites More sharing options...
Recommended Posts