15 replies to this topic

[teliciab]

my computer had started crashing over the last month and I recently decided to run a malwarebytes scan. every time i did it would start detecting different viruses and then it would crash. I will get the kernal stack in page error with different numbers sometimes. and now when I start my computer there is an event code that pops up that says failed to perform desired action error code 2. even when I am updating my computer is is crashing. after removing a few viruses the computer seems to be crashing even more often. I have tried to defragment my computer but I am unsure if it is working. I have to use a code I found online to run it because the one built in to the computer is not responding. not sure if it has something to do with roboform or something else that I have done. thanks for any help you can give.

P.S. I am running vista on my computer.

I have downloaded the dds.scr file but i cannot figure out how to disable the script blockers.

I have trend micro office scan, malwarebytes, and the microsoft security essentials that came on the computer.

[teliciab]

As per instructions I am trying to disable the script blockers but I am not able to do that. can someone explain it to me please. thank you!

[teliciab]

my computer keeps crashing. I have attached the files that were asked for. thank you in advance for your help.  Attach1.txt   25.34KB   14 downloads
 DDS1.txt   18.64KB   13 downloads

[teliciab]

thanks I figured out how to disable them. I finally got the program to run. now I just need help figuring out what is wrong with my computer.

[teliciab]

im not sure where your reply went, but will you be able to help me here or do I need to post this again?

[teliciab]

my computer crashes all the time. I am unsure if it is because of the programs I am running or if it is a virus. I am attaching the logs that are required. I posted a topic before but the person who respnded didnt address this issue and their post has recently disappeared. so I am trying again. thank you in advance!  DDS1.txt   18.64KB   10 downloads  Attach1.txt   25.34KB   12 downloads


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by bestbuy at 0:22:59 on 2012-04-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.148 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\TEMP\HC94CB.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files\Spare Backup\SpareBackup.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
uURLSearchHooks: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SWEETIE Class: {1a0aadcd-3a72-4b5f-900f-e3bb5a838e2a} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [googletalk] c:\users\bestbuy\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [Facebook Update] "c:\users\bestbuy\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "c:\users\bestbuy\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for gateway\traybar.exe"
mRun: [Spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [RunUVC] "f:\studio.vs\RUNUVC.exe"
mRun: [UVCSti] "f:\studio.vs\UVCSti.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [T-Mobile webConnect Manager] "c:\program files\t-mobile\webconnect manager\TMobileCM.exe" -a
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: go.com\community.abcfamily
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7522F32D-206B-40F7-A11B-6FD4586C521C} : DhcpNameServer = 10.177.0.34 10.163.103.140
TCP: Interfaces\{876F1865-E9B2-492C-9E68-23F446C5AB61} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AF71050C-E02E-47C2-8FD8-77BB345FE01E} : DhcpNameServer = 10.133.20.11 10.132.20.11
TCP: Interfaces\{C772FBCA-7F94-4C4C-91CC-4DF1F97FAD10} : DhcpNameServer = 10.133.20.11 10.132.20.11
TCP: Interfaces\{F40A351C-5A5B-41ED-9F85-4ACCBD529E40} : DhcpNameServer = 10.133.20.11 10.132.20.11
Notify: DfLogon - LogonDll.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bestbuy\appdata\roaming\mozilla\firefox\profiles\4uhirxrd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll
FF - plugin: c:\users\bestbuy\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\bestbuy\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\TmXpflt.sys [2009-5-22 249424]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\TmPreflt.sys [2009-5-22 36432]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-10-30 20464]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
R3 tmobile_mf691_dc_enum;T-Mobile MF691 DC Enumerator;c:\windows\system32\drivers\tmobile_mf691_dc_enum.sys [2010-4-9 80000]
S3 ATMFBUS;A600 USB Composite Device Driver;c:\windows\system32\drivers\ATMFBUS.sys [2010-6-18 47360]
S3 ATMFCVsp;A600 Cricket CM Port;c:\windows\system32\drivers\ATMFCVsp.sys [2010-6-18 153600]
S3 ATMFFLT;A600 USB Modem Installation CD;c:\windows\system32\drivers\ATMFFLT.sys [2010-6-18 13312]
S3 ATMFMdm;A600 Cricket EVDO Modem;c:\windows\system32\drivers\ATMFMdm.sys [2010-6-18 153472]
S3 ATMFNET;A600 Cricket EVDO Network Adapter;c:\windows\system32\drivers\ATMFNET.sys [2010-6-18 103424]
S3 ATMFNVsp;A600 Cricket NMEA Port Serial Port;c:\windows\system32\drivers\ATMFNVsp.sys [2010-6-18 153600]
S3 ATMFVsp;A600 Cricket Diagnostics Port;c:\windows\system32\drivers\ATMFVsp.sys [2010-6-18 153472]
S3 Cam3820;Cam3820 PC Camera Driver;c:\windows\system32\drivers\cam3820a.sys [2009-1-10 300544]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
S3 tmobile_mf691_cdc_acm;T-Mobile MF691 CDC-ACM driver;c:\windows\system32\drivers\tmobile_mf691_cdc_acm.sys [2010-4-9 86016]
S3 tmobile_mf691_cdc_ecm;tmobile_mf691_cdc_ecm;c:\windows\system32\drivers\tmobile_mf691_cdc_ecm.sys [2010-4-9 50304]
S3 tmobile_mf691_cpo;T-Mobile webConnect CPO device;c:\windows\system32\drivers\tmobile_mf691_cpo.sys [2010-4-9 9728]
S3 uts_bus;UTStarcom USB Composite Device driver (WDM);c:\windows\system32\drivers\uts_bus.sys [2009-1-22 84352]
S3 uts_mdfl;UTStarcom USB Modem Filter;c:\windows\system32\drivers\uts_mdfl.sys [2009-1-22 14976]
S3 uts_mdm;UTStarcom USB Modem Drivers;c:\windows\system32\drivers\uts_mdm.sys [2009-1-22 110848]
S3 uts_serd;UTStarcom USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\uts_serd.sys [2009-1-22 90880]
.
=============== Created Last 30 ================
.
2012-04-07 05:03:26 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{a0042183-6462-42ef-82ea-d4a78839566b}\mpengine.dll
2012-04-07 04:47:09 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d6a8f1b-bd51-4141-9213-f1d1cd703f75}\offreg.dll
2012-04-07 04:29:01 -------- d-----w- C:\44efb52931bff47de567d1201b
2012-04-07 04:18:50 6582328 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9d6a8f1b-bd51-4141-9213-f1d1cd703f75}\mpengine.dll
2012-04-06 20:37:43 -------- d-----w- C:\3ea26bb5c63edd4fa5b93462715d0e
2012-04-06 20:17:38 -------- d-----w- C:\0b44ee466b2eee41635e5243
2012-04-06 19:59:13 -------- d-----w- C:\94af74d86f48a349828ba3caeb
2012-04-06 18:06:20 -------- d-----w- C:\271a758b5aa98ea9f3d6c95a08c9b4d9
2012-04-06 07:48:23 -------- d-----w- C:\577f216263167f95789eed9a8b70a1e5
2012-04-03 19:27:41 -------- d-----w- C:\0edf190d8a536e58b74bb1a0764921
2012-04-03 08:02:22 -------- d-----w- C:\cb0886249bb2ba04f0acf75d
2012-04-02 23:22:13 -------- d-----w- C:\fed6fdea37845f660d0030c4d3d3cd
2012-04-02 23:15:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-02 20:02:11 -------- d-----w- C:\a5b5dab20bf180719940247f4278
2012-04-02 12:08:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a49293d-9946-4bc2-80f7-9f87db6daba0}\gapaengine.dll
2012-04-01 18:43:50 -------- d-----w- C:\5c2c5d95dabf358124bd6f491c
2012-04-01 06:06:34 -------- d-----w- C:\27bca232314e34e084bbf2990592bdce
2012-04-01 05:55:38 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-04-01 05:55:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-04-01 05:55:30 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-04-01 05:55:30 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-04-01 05:55:29 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-04-01 05:55:29 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-04-01 05:55:15 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-04-01 05:55:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-01 05:09:54 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-04-01 03:37:05 -------- d-----w- C:\f3cdcf9314593ab81aeb8292
2012-04-01 03:25:04 3993600 ----a-w- c:\program files\GUTAFCF.tmp
2012-04-01 03:25:04 -------- d-----w- c:\program files\GUMAFCE.tmp
2012-03-31 23:36:23 -------- d-----w- C:\9d98849fa84a7e86d4bc1f9f46fe
2012-03-31 17:31:35 -------- d-----w- C:\e4a4a05a77e677896cbbe0fd20
2012-03-30 23:39:42 -------- d-----w- C:\26ecb0768b60eccc83ed9775a72b63
.
==================== Find3M ====================
.
2012-04-02 23:35:56 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-01 04:55:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 0:25:41.57 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/12/2007 1:30:32 PM
System Uptime: 4/6/2012 11:46:19 PM (1 hours ago)
.
Motherboard: Gateway | | P-6822
Processor: Intel® Core™2 Duo CPU T5250 @ 1.50GHz | U2E1 | 1000/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 150.214 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.886 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
==== System Restore Points ===================
.
RP1262: 3/16/2012 7:10:04 PM - Windows Update
RP1263: 3/17/2012 8:45:40 PM - Windows Update
RP1264: 3/18/2012 9:55:41 PM - Windows Update
RP1265: 3/20/2012 2:30:42 PM - Windows Update
RP1266: 3/21/2012 10:13:37 PM - Windows Update
RP1267: 3/23/2012 8:57:47 AM - Windows Update
RP1268: 3/23/2012 10:03:29 PM - Windows Update
RP1269: 3/25/2012 3:09:13 PM - Windows Update
RP1270: 3/25/2012 6:08:57 PM - Windows Update
RP1271: 3/27/2012 7:44:36 AM - Windows Update
RP1272: 3/28/2012 3:33:32 PM - Windows Update
RP1273: 3/29/2012 6:39:23 PM - Windows Update
RP1274: 3/30/2012 6:37:46 PM - Windows Update
RP1275: 3/30/2012 7:46:47 PM - Windows Update
RP1276: 3/31/2012 12:19:30 PM - Windows Update
RP1277: 3/31/2012 6:23:02 PM - Windows Update
RP1278: 3/31/2012 6:34:06 PM - Windows Update
RP1279: 3/31/2012 10:25:46 PM - Windows Update
RP1280: 3/31/2012 11:50:24 PM - Installed Java™ 6 Update 31
RP1281: 3/31/2012 11:58:33 PM - Windows Update
RP1282: 4/1/2012 1:00:06 AM - Windows Update
RP1284: 4/2/2012 2:58:59 PM - Windows Update
RP1285: 4/2/2012 6:18:27 PM - Windows Update
RP1286: 4/3/2012 3:00:15 AM - Windows Update
RP1288: 4/3/2012 3:26:19 PM - Windows Update
RP1289: 4/4/2012 7:32:38 PM - Windows Update
RP1290: 4/5/2012 8:24:15 PM - Windows Update
RP1291: 4/6/2012 2:45:56 AM - Windows Update
RP1292: 4/6/2012 1:03:02 PM - Windows Update
RP1293: 4/6/2012 2:55:16 PM - Windows Update
RP1294: 4/6/2012 3:13:58 PM - Windows Update
RP1295: 4/6/2012 3:31:27 PM - Windows Update
RP1297: 4/6/2012 11:58:29 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AC3Filter (remove only)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.0
Adobe® Photoshop® Album Starter Edition 3.2
Agere Systems HDA Modem
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Browser Address Error Redirector
Camera Assistant Software for Gateway
Cricket Broadband 1.0
Cricket EVDO Modem
DivX Web Player
dj_sf_software_req
Electronic Listening Guides
Facebook Video Calling 1.2.0.159
Gateway Connect
Gateway Recovery Center Installer
Geek Squad 24 Hour Computer Support
Google Chrome
Google Desktop
Google Talk (remove only)
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet Printer Driver Software 9.0
IDT Audio
IL Download Manager
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
InterAct Math Plugin (32-bit)
iTunes
Java Auto Updater
Java™ 6 Update 31
Java™ SE Runtime Environment 6 Update 1
LabelPrint
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft WSE 2.0 SP3 Runtime
Move Networks Media Player for Internet Explorer
Mozilla Firefox 10.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
OGA Notifier 2.0.0048.0
Oracle JInitiator 1.3.1.28
PoiZone
Power2Go 5.0
QuickLink Mobile
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek USB 2.0 Card Reader
Rhapsody Player Engine
RoboForm 7-6-9 (All Users)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Spare Backup
Spelling Dictionaries Support For Adobe Reader 9
Synaptics Pointing Device Driver
T-Mobile webConnect Manager
Toolbox
Toxic Biohazard
Trend Micro OfficeScan Client
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UTStarcom USB Modem Software
UVC Video Camera
VC80CRTRedist - 8.0.50727.762
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Xvid 1.2.1 final uninstall
Yahoo! Browser Services
Yahoo! Detect
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
4/6/2012 4:17:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
4/6/2012 3:44:28 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom MpFilter spldr tmtdi Wanarpv6
4/6/2012 3:44:28 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
4/6/2012 3:44:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/6/2012 3:44:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/6/2012 3:44:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/6/2012 3:43:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/6/2012 3:43:31 PM, Error: EventLog [6008] - The previous system shutdown at 3:40:24 PM on 4/6/2012 was unexpected.
4/6/2012 3:22:34 PM, Error: EventLog [6008] - The previous system shutdown at 3:20:20 PM on 4/6/2012 was unexpected.
4/6/2012 3:04:37 PM, Error: EventLog [6008] - The previous system shutdown at 3:01:02 PM on 4/6/2012 was unexpected.
4/6/2012 2:47:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/6/2012 12:54:37 PM, Error: EventLog [6008] - The previous system shutdown at 2:50:16 AM on 4/6/2012 was unexpected.
4/6/2012 11:53:08 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
4/6/2012 11:48:27 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
4/6/2012 11:48:27 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
4/6/2012 11:48:27 PM, Error: Service Control Manager [7000] - The Effect Service service failed to start due to the following error: The system cannot find the path specified.
4/6/2012 11:46:59 PM, Error: Microsoft-Windows-TaskScheduler [412] - Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402. User Action: restart task scheduler service.
4/6/2012 11:46:47 PM, Error: EventLog [6008] - The previous system shutdown at 11:37:23 PM on 4/6/2012 was unexpected.
4/6/2012 11:30:29 PM, Error: PlugPlayManager [12] - The device 'Optiarc DVD RW AD-7563A ATA Device' (IDE\CdRomOptiarc_DVD_RW_AD-7563A_________________WX05____\5&bd5da89&0&0.1.0) disappeared from the system without first being prepared for removal.
4/6/2012 11:30:14 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.
4/6/2012 11:25:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service.
4/6/2012 11:25:19 PM, Error: Service Control Manager [7000] - The Microsoft Software Shadow Copy Provider service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/6/2012 11:25:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Software Shadow Copy Provider service to connect.
4/6/2012 11:23:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service swprv with arguments "" in order to run the server: {65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
4/6/2012 11:09:59 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
4/6/2012 1:12:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: MpFilter spldr tmtdi Wanarpv6
4/6/2012 1:11:32 PM, Error: EventLog [6008] - The previous system shutdown at 1:08:30 PM on 4/6/2012 was unexpected.
4/5/2012 8:00:19 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.6 with the system having network hardware address B8-17-C2-45-86-2F. Network operations on this system may be disrupted as a result.
4/4/2012 7:10:33 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
4/3/2012 9:21:47 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.123.894.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8202.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
4/3/2012 9:21:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/3/2012 9:11:27 AM, Error: EventLog [6008] - The previous system shutdown at 3:03:57 AM on 4/3/2012 was unexpected.
4/3/2012 6:15:48 PM, Error: PlugPlayManager [12] - The device 'Optiarc DVD RW AD-7563A ATA Device' (IDE\CdRomOptiarc_DVD_RW_AD-7563A_________________WX05____\5&bd5da89&0&0.0.0) disappeared from the system without first being prepared for removal.
4/3/2012 6:15:43 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
4/3/2012 5:10:10 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
4/3/2012 5:10:10 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
4/3/2012 5:04:38 PM, Error: EventLog [6008] - The previous system shutdown at 4:53:35 PM on 4/3/2012 was unexpected.
4/3/2012 3:12:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
4/3/2012 3:12:47 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/3/2012 3:12:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
4/3/2012 3:09:34 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/3/2012 3:07:45 PM, Error: EventLog [6008] - The previous system shutdown at 2:36:01 PM on 4/3/2012 was unexpected.
4/3/2012 2:30:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
4/3/2012 2:30:37 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/3/2012 2:30:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
4/3/2012 10:15:32 AM, Error: EventLog [6008] - The previous system shutdown at 10:04:22 AM on 4/3/2012 was unexpected.
4/2/2012 8:05:00 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
4/2/2012 7:05:48 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.109.1657.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7104.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
4/2/2012 6:55:28 AM, Error: EventLog [6008] - The previous system shutdown at 10:41:15 PM on 4/1/2012 was unexpected.
4/2/2012 6:31:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
4/2/2012 6:31:47 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/2/2012 6:28:06 PM, Error: EventLog [6008] - The previous system shutdown at 6:25:25 PM on 4/2/2012 was unexpected.
4/2/2012 3:06:56 PM, Error: EventLog [6008] - The previous system shutdown at 3:04:25 PM on 4/2/2012 was unexpected.
4/1/2012 7:41:25 PM, Error: EventLog [6008] - The previous system shutdown at 6:18:01 PM on 4/1/2012 was unexpected.
4/1/2012 3:02:07 AM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/1/2012 3:02:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
4/1/2012 3:02:04 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
4/1/2012 1:49:41 PM, Error: EventLog [6008] - The previous system shutdown at 1:45:24 PM on 4/1/2012 was unexpected.
4/1/2012 1:41:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate1ca004cbb77bd67 with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/1/2012 1:41:48 PM, Error: Service Control Manager [7000] - The Google Update Service (gupdate1ca004cbb77bd67) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/1/2012 1:41:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate1ca004cbb77bd67) service to connect.
4/1/2012 1:15:45 AM, Error: EventLog [6008] - The previous system shutdown at 1:08:07 AM on 4/1/2012 was unexpected.
3/31/2012 9:34:28 PM, Error: EventLog [6008] - The previous system shutdown at 9:31:03 PM on 3/31/2012 was unexpected.
3/31/2012 8:33:48 PM, Error: EventLog [6008] - The previous system shutdown at 8:13:28 PM on 3/31/2012 was unexpected.
3/31/2012 6:42:05 PM, Error: EventLog [6008] - The previous system shutdown at 6:37:36 PM on 3/31/2012 was unexpected.
3/31/2012 6:09:44 PM, Error: EventLog [6008] - The previous system shutdown at 6:04:54 PM on 3/31/2012 was unexpected.
3/31/2012 5:56:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/31/2012 5:54:38 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx tmtdi Wanarpv6
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The OfficeScan NT Listener service depends on the Network Connections service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:54:33 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/31/2012 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/31/2012 5:53:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/31/2012 5:53:17 PM, Error: EventLog [6008] - The previous system shutdown at 5:25:00 PM on 3/31/2012 was unexpected.
3/31/2012 12:44:06 PM, Error: EventLog [6008] - The previous system shutdown at 12:34:40 PM on 3/31/2012 was unexpected.
3/31/2012 12:11:55 PM, Error: EventLog [6008] - The previous system shutdown at 2:14:20 AM on 3/31/2012 was unexpected.
3/31/2012 11:41:55 PM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
3/31/2012 10:48:21 PM, Error: EventLog [6008] - The previous system shutdown at 10:42:25 PM on 3/31/2012 was unexpected.
3/31/2012 10:13:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
3/31/2012 10:13:17 PM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/31/2012 1:21:33 AM, Error: EventLog [6008] - The previous system shutdown at 1:18:53 AM on 3/31/2012 was unexpected.
.
==== End Of File ===========================

[screen317]

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

[teliciab]

thanks for your help. what is MBAM? I ran the dds scan already. do you want me to do it again? the links are above. I accidentally labeled it DDS1.

[teliciab]

I am sorry I figured out what MBAM is. I have the trail version of malwarebytes pro on my computer now. which one do I need to change it to?

[teliciab]

I updated the version that I have.  DDS2.txt   16.8KB   11 downloads




.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by bestbuy at 14:37:40 on 2012-04-09
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.279 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\TEMP\UR20A8.EXE
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files\Spare Backup\SpareBackup.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\mcupdate.EXE
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\RacAgent.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6822
uURLSearchHooks: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn2\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SWEETIE Class: {1a0aadcd-3a72-4b5f-900f-e3bb5a838e2a} - c:\progra~1\macrog~1\sweeti~1\toolbar.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn2\YTSingleInstance.dll
TB: SweetIM For Internet Explorer: {bc4ffe41-de9f-46fa-b455-aad49b9f9938} -
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [googletalk] c:\users\bestbuy\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [Facebook Update] "c:\users\bestbuy\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "c:\users\bestbuy\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for gateway\traybar.exe"
mRun: [Spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.2\apps\apdproxy.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [RunUVC] "f:\studio.vs\RUNUVC.exe"
mRun: [UVCSti] "f:\studio.vs\UVCSti.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [T-Mobile webConnect Manager] "c:\program files\t-mobile\webconnect manager\TMobileCM.exe" -a
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: go.com\community.abcfamily
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7522F32D-206B-40F7-A11B-6FD4586C521C} : DhcpNameServer = 10.177.0.34 10.163.103.140
TCP: Interfaces\{876F1865-E9B2-492C-9E68-23F446C5AB61} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AF71050C-E02E-47C2-8FD8-77BB345FE01E} : DhcpNameServer = 10.133.20.11 10.132.20.11
TCP: Interfaces\{C772FBCA-7F94-4C4C-91CC-4DF1F97FAD10} : DhcpNameServer = 10.133.20.11 10.132.20.11
TCP: Interfaces\{F40A351C-5A5B-41ED-9F85-4ACCBD529E40} : DhcpNameServer = 10.133.20.11 10.132.20.11
Notify: DfLogon - LogonDll.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\bestbuy\appdata\roaming\mozilla\firefox\profiles\4uhirxrd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll
FF - plugin: c:\users\bestbuy\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\bestbuy\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\bestbuy\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll
.
============= SERVICES / DRIVERS ===============
.
S3 ATMFBUS;A600 USB Composite Device Driver;c:\windows\system32\drivers\ATMFBUS.sys [2010-6-18 47360]
S3 ATMFCVsp;A600 Cricket CM Port;c:\windows\system32\drivers\ATMFCVsp.sys [2010-6-18 153600]
S3 ATMFFLT;A600 USB Modem Installation CD;c:\windows\system32\drivers\ATMFFLT.sys [2010-6-18 13312]
S3 ATMFMdm;A600 Cricket EVDO Modem;c:\windows\system32\drivers\ATMFMdm.sys [2010-6-18 153472]
S3 ATMFNET;A600 Cricket EVDO Network Adapter;c:\windows\system32\drivers\ATMFNET.sys [2010-6-18 103424]
S3 ATMFNVsp;A600 Cricket NMEA Port Serial Port;c:\windows\system32\drivers\ATMFNVsp.sys [2010-6-18 153600]
S3 ATMFVsp;A600 Cricket Diagnostics Port;c:\windows\system32\drivers\ATMFVsp.sys [2010-6-18 153472]
S3 Cam3820;Cam3820 PC Camera Driver;c:\windows\system32\drivers\cam3820a.sys [2009-1-10 300544]
.
=============== Created Last 30 ================
.
2012-04-09 19:31:38 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{510942d0-65f4-4400-8d41-1ccf2aefe48b}\mpengine.dll
2012-04-08 22:54:01 -------- d-----w- C:\d40ed3624df61f09816add40bb
2012-04-08 22:26:13 -------- d-----w- C:\06a2e68ae6efc43a9b8aa8f62d2677
2012-04-07 04:29:01 -------- d-----w- C:\44efb52931bff47de567d1201b
2012-04-06 20:37:43 -------- d-----w- C:\3ea26bb5c63edd4fa5b93462715d0e
2012-04-06 20:17:38 -------- d-----w- C:\0b44ee466b2eee41635e5243
2012-04-06 19:59:13 -------- d-----w- C:\94af74d86f48a349828ba3caeb
2012-04-06 18:06:20 -------- d-----w- C:\271a758b5aa98ea9f3d6c95a08c9b4d9
2012-04-06 07:48:23 -------- d-----w- C:\577f216263167f95789eed9a8b70a1e5
2012-04-03 19:27:41 -------- d-----w- C:\0edf190d8a536e58b74bb1a0764921
2012-04-03 08:02:22 -------- d-----w- C:\cb0886249bb2ba04f0acf75d
2012-04-02 23:22:13 -------- d-----w- C:\fed6fdea37845f660d0030c4d3d3cd
2012-04-02 23:15:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-02 20:02:11 -------- d-----w- C:\a5b5dab20bf180719940247f4278
2012-04-02 12:08:20 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9a49293d-9946-4bc2-80f7-9f87db6daba0}\gapaengine.dll
2012-04-01 18:43:50 -------- d-----w- C:\5c2c5d95dabf358124bd6f491c
2012-04-01 06:06:34 -------- d-----w- C:\27bca232314e34e084bbf2990592bdce
2012-04-01 05:55:38 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-04-01 05:55:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-04-01 05:55:30 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-04-01 05:55:30 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-04-01 05:55:29 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-04-01 05:55:29 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-04-01 05:55:15 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-04-01 05:55:14 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-01 05:09:54 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-04-01 03:37:05 -------- d-----w- C:\f3cdcf9314593ab81aeb8292
2012-04-01 03:25:04 3993600 ----a-w- c:\program files\GUTAFCF.tmp
2012-04-01 03:25:04 -------- d-----w- c:\program files\GUMAFCE.tmp
2012-03-31 23:36:23 -------- d-----w- C:\9d98849fa84a7e86d4bc1f9f46fe
2012-03-31 17:31:35 -------- d-----w- C:\e4a4a05a77e677896cbbe0fd20
2012-03-30 23:39:42 -------- d-----w- C:\26ecb0768b60eccc83ed9775a72b63
.
==================== Find3M ====================
.
2012-04-04 20:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-02 23:35:56 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-01 04:55:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 14:42:36.34 ===============

[screen317]

teliciab, on 08 April 2012 - 06:13 PM, said:

I am sorry I figured out what MBAM is. I have the trail version of malwarebytes pro on my computer now. which one do I need to change it to?

What do you mean change it? Just update it run a Quick Scan, and post its log.

[teliciab]

I meant do I need to change it to the free version. but I did post the log. I posted it after I posted that.

[teliciab]

hello again. I just wanted to check in with you and remind you that I am unable to get the scan log from malwarebytes because my computer crashes whenever I run a scan. I will keep trying though. but as of right now the info above is all that is available

[screen317]

Hi,

I apologize for the delay; I thought I replied last week.

Update MBAM. Don't run a scan yet.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Log in to your regular account. Open MBAM, run a Quick Scan, and post its log.

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!