malwarebytes crashes

[tsdwoodruff]

Hello,

When I try to run Malwarebytes, it scans for a few seconds, then crashes/aborts. Running windows XP. Any ideas?

Thanks!

[Jintan]

Welcome to Malwarebytes forum tsdwoodruff,

Crashes, in just shuts down without warning, or shuts down the computer? Same with "aborts" - what occurs when these issues occur you can post some details on?

To avoid delays while awaiting your reply on that, let's also go ahead and get some scan log info posted here for review.

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs. Here are some antivirus disable tips if needed.

Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If RSIT downloads/installs HijackThis be sure to agree to the install of that.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

--------------

Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.

Once the opening scan finishes, click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

[tsdwoodruff]

Thank you! attached are the log files.

log.txt

info.txt

New_Text_Document.txt

[Jintan]

You didn't provide any additional details on the Malwarebytes "crash" you had mentioned, so to keep things flowing smoothly here be sure to help me with requested information. You also need to post any logs here, in your forum thread. Since I have them I will just go ahead and post them for you for now.

Logfile of random's system information tool 1.07 (written by random/random)

Run by Tim at 2010-05-16 11:23:43

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 61 GB (53%) free of 114 GB

Total RAM: 511 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:23:44 AM, on 5/16/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17023)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

C:\Program Files\flexnet\i486_nt\obj\lmgrd.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\flexnet\i486_nt\obj\lmgrd.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\flexnet\i486_nt\obj\ptc_d.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe

C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\Tim\Local Settings\Temporary Internet Files\Content.IE5\DNM1C034\RSIT[1].exe

C:\Program Files\trend micro\Tim.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"

O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.18\AMVConverter\grab.html

O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1228574988031

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1187658503968

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Blue Coat K9 Web Protection (bckwfs) - Unknown owner - C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe

O23 - Service: FLEXlm server for PTC - Macrovision Corporation - C:\Program Files\flexnet\i486_nt\obj\lmgrd.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe

O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--

End of file - 9491 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]

HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-07 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-07 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-07 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2010-04-02 320928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2009-10-20 995528]

"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-05-22 110592]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-05-22 610304]

"RoxioEngineUtility"=C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]

"RoxioDragToDisc"=C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2003-06-27 868352]

"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2010-04-02 624056]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-13 169984]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-02-01 385024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]

C:\Program Files\HPQ\Default Settings\cpqset.exe [2003-06-03 180316]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DACSMiniApp]

C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe [2007-07-24 197888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]

C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2003-07-07 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-02-04 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\WINDOWS\System32\NvCpl.dll [2003-06-24 4800512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /installquiet []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-02-01 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-07 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]

C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [2005-03-05 10872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Find Fast.lnk]

C:\PROGRA~1\MICROS~2\Office\FINDFAST.EXE [1997-08-19 111376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk]

C:\PROGRA~1\MICROS~2\Office\OSA.EXE [1997-08-19 51984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

C:\PROGRA~1\WINDOW~3\WINDOW~1.EXE [2007-02-05 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tim^Start Menu^Programs^Startup^LimeWire On Startup.lnk]

C:\PROGRA~1\LimeWire\LimeWire.exe [2009-09-30 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=323

"NoDrives"=0

"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\proeWildfire 3.0\i486_nt\nms\nmsd.exe"="C:\Program Files\proeWildfire 3.0\i486_nt\nms\nmsd.exe:*:Enabled:nmsd"

"C:\Program Files\proeWildfire 3.0\i486_nt\obj\pro_comm_msg.exe"="C:\Program Files\proeWildfire 3.0\i486_nt\obj\pro_comm_msg.exe:*:Enabled:pro_comm_msg"

"C:\Program Files\proeWildfire 3.0\i486_nt\obj\xtop.exe"="C:\Program Files\proeWildfire 3.0\i486_nt\obj\xtop.exe:*:Enabled:xtop"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"

"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"

"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"

"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"

"C:\Program Files\proeWildfire 4.0\i486_nt\nms\nmsd.exe"="C:\Program Files\proeWildfire 4.0\i486_nt\nms\nmsd.exe:*:Enabled:nmsd"

"C:\Program Files\proeWildfire 4.0\i486_nt\obj\pro_comm_msg.exe"="C:\Program Files\proeWildfire 4.0\i486_nt\obj\pro_comm_msg.exe:*:Enabled:pro_comm_msg"

"C:\Program Files\proeWildfire 4.0\i486_nt\obj\xtop.exe"="C:\Program Files\proeWildfire 4.0\i486_nt\obj\xtop.exe:*:Enabled:xtop"

"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bd9ca66-c1ec-11dc-a6d6-00904b450159}]

shell\AutoRun\command - E:\LaunchU3.exe -a

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 months======

2010-05-16 11:23:43 ----D---- C:\rsit

2010-05-15 15:00:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-05-15 08:58:18 ----D---- C:\Documents and Settings\Tim\Application Data\Malwarebytes

2010-05-15 08:57:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-05-15 08:57:17 ----A---- C:\Program Files\mbam-setup-1.46.exe

2010-05-13 07:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2010-04-18 21:11:00 ----D---- C:\Program Files\WinZip

======List of files/folders modified in the last 1 months======

2010-05-16 11:23:44 ----D---- C:\Program Files\Trend Micro

2010-05-16 11:21:05 ----D---- C:\WINDOWS\Prefetch

2010-05-15 16:44:20 ----RD---- C:\Program Files

2010-05-15 15:08:05 ----D---- C:\WINDOWS\system32\CatRoot2

2010-05-15 15:06:13 ----D---- C:\Program Files\Blue Coat K9 Web Protection

2010-05-15 15:06:07 ----D---- C:\WINDOWS\temp

2010-05-15 15:03:48 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-05-15 15:01:06 ----D---- C:\WINDOWS\system32\drivers

2010-05-14 23:09:10 ----D---- C:\WINDOWS

2010-05-13 19:56:11 ----D---- C:\Documents and Settings\Tim\Application Data\LimeWire

2010-05-13 07:24:11 ----HD---- C:\WINDOWS\inf

2010-05-13 07:23:55 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-05-13 07:23:54 ----D---- C:\Program Files\Outlook Express

2010-05-13 07:23:53 ----D---- C:\WINDOWS\system32

2010-05-12 07:18:46 ----HD---- C:\WINDOWS\$hf_mig$

2010-05-01 19:24:53 ----SHD---- C:\WINDOWS\Installer

2010-05-01 19:24:47 ----HD---- C:\Config.Msi

2010-05-01 03:00:34 ----D---- C:\WINDOWS\system32\ReinstallBackups

2010-04-30 14:51:06 ----A---- C:\WINDOWS\system32\MRT.exe

2010-04-30 14:45:08 ----D---- C:\Work

2010-04-30 09:21:47 ----D---- C:\Program Files\DWGeditor

2010-04-30 08:52:08 ----RASH---- C:\boot.ini

2010-04-30 08:52:08 ----N---- C:\WINDOWS\system.ini

2010-04-30 08:52:08 ----A---- C:\WINDOWS\win.ini

2010-04-18 21:19:40 ----A---- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt

2010-04-18 21:11:22 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bckd;bckd; C:\WINDOWS\system32\drivers\bckd.sys [2009-01-13 72992]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2003-06-27 66992]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2003-06-27 24698]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2003-06-27 259328]

R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\System32\drivers\EABFiltr.sys []

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-06-27 118409]

R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-03-03 80400]

R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-06-27 213120]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2002-12-11 11044]

R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\System32\DRIVERS\strmdisp.sys [2003-05-01 30592]

R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []

R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2009-12-04 36368]

R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2009-12-04 230928]

R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2009-12-04 1322680]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 BCM43XX;Broadcom 802.11 OneDriver; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2003-07-31 254208]

R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2003-06-12 291712]

R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2003-06-12 272896]

R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]

R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-06-27 21993]

R3 EMCR;EMCR; C:\WINDOWS\System32\DRIVERS\EMCR7SK.sys [2003-08-15 68480]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]

R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-05-01 1107200]

R3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [2003-05-01 165504]

R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2008-04-13 28672]

R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-06-24 1326203]

R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-05-22 273072]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-05-01 622848]

S2 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []

S2 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 eabusb;eabusb; \??\C:\WINDOWS\System32\drivers\eabusb.sys []

S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-06 85969]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]

S3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-06-27 22745]

S3 mr7910;Photo Viewer; C:\WINDOWS\system32\DRIVERS\mr7910.sys [2006-08-02 114560]

S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []

S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-11-02 82560]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]

R2 bckwfs;Blue Coat K9 Web Protection; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2009-01-13 1078560]

R2 FLEXlm server for PTC;FLEXlm server for PTC; C:\Program Files\flexnet\i486_nt\obj\lmgrd.exe [2007-08-28 1294336]

R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R2 IntuitUpdateService;Intuit Update Service; C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]

R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-07 152984]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-06-24 73728]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]

R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-09-20 654848]

R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2009-10-20 711248]

S2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-03-03 341256]

S2 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-09-03 677128]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-08-23 77944]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-02-04 504104]

S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-12-03 79360]

S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-04-13 69632]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Jintan]

info.txt logfile of random's system information tool 1.06 2010-05-16 11:23:46

======Uninstall list======

-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}

Adobe Acrobat 8.2.2 Standard-->msiexec /I {AC76BA86-1033-0000-BA7E-000000000003}

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->MsiExec.exe /X{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}

Advertisement Service-->C:\WINDOWS\system32\prunnet.exe Uninstall

AnswerWorks 4.0 Runtime - English-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly

AnswerWorks 5.0 English Runtime-->MsiExec.exe /I{9E5A03E3-6246-4920-9630-0527D5DA9B07}

Apple Mobile Device Support-->MsiExec.exe /I{D8AB8F0C-CEEB-4A29-8EF5-219B064813F4}

Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

AutoCAD 2006 - English-->MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA}

Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove

Blue Coat

[Jintan]

And Gmer.

Running d4bwl7yw[1].exe; Driver CDOCUME~1TimLOCALS~1Tempkxrdqpow.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice FileSystemFastfat Fat fltmgr.sys (Microsoft Filesystem Filter ManagerMicrosoft Corporation)

AttachedDevice DriverTcpip DeviceIp bckd.sys

AttachedDevice DriverTcpip DeviceTcp bckd.sys

AttachedDevice DriverTcpip DeviceUdp bckd.sys

AttachedDevice DriverTcpip DeviceRawIp bckd.sys

AttachedDevice DriverKbdclass DeviceKeyboardClass0 SynTP.sys (Synaptics Touchpad DriverSynaptics, Inc.)

AttachedDevice DriverKbdclass DeviceKeyboardClass0 mouclass.sys (Mouse Class DriverMicrosoft Corporation)

AttachedDevice DriverKbdclass DeviceKeyboardClass0 EABFiltr.sys (QLB PS2 Keyboard filter driverHewlett-Packard Company)

AttachedDevice DriverKbdclass DeviceKeyboardClass1 SynTP.sys (Synaptics Touchpad DriverSynaptics, Inc.)

AttachedDevice DriverKbdclass DeviceKeyboardClass1 EABFiltr.sys (QLB PS2 Keyboard filter driverHewlett-Packard Company)

---- EOF - GMER 1.0.15 ----

[Jintan]

No malware showing in these views, but really hadn't been any indications there was infection active there. The K9 web security software shows as running, but I am not sure it's functions would interfere with Malwarebytes, or at least not with just Malwarebytes running without glitches. You do have Trend's antivirus installed there. Their Internet Security package is known to interfere with Malwarebytes, as indicated at the top of this thread. See if the steps linked to there relate enough to your Trend version that you can make the necessary changes to Trend, to ensure it is not the cause of these "crashes".

Post back an update once you have done that please.