
Getting "needs to close error" with 1.70.0.1100 in Windows XP


10 replies to this topic

#1 sgbrown68


Posted 14 January 2013 - 07:41 PM

Hi,

Running Windows XP, long time Malwarebytes user (free version) never had any problems. It just updated to 1.70.0.1100 and now it won't complete the scans. When running a quick scan, whenever it gets to "windows/system/mciavi" in the scanning process, I get the message "Malwarebytes has encountered an error and needs to close" and then prompts me on whether or not I want to send an error report.

I've tried mbam clean and reinstalled several times. No joy.

Please advise further. Thanks!

#2 sgbrown68


Posted 14 January 2013 - 08:04 PM

Ok I figured it out, or at least I've found a workaround: I disabled SpyBot teatimer and that took care of it. Strange, never had a problem working with teatimer in previous versions I've had. Oh well, at least I've got it to where it will fully run the scan.

Really enjoy your product.

Best

#3 AdvancedSetup


Posted 14 January 2013 - 09:16 PM

Glad you were able to get it working. If you continue to have an issue please let us know.

Thanks

Ron Lewis
Forum Community Manager



#4 sgbrown68


Posted 15 January 2013 - 05:37 PM

ok, unfortunately, i spoke too soon. it started happening again. no idea what the catalyst is. i mean, it clearly has to be something w/this new version because i've never had any problems like this before. tried to run it for a full scan today, same thing happened "encountered error and needs to close". done the mbam clean and reinstalled again. no joy.

any suggestions?

#5 Firefox


Posted 15 January 2013 - 05:52 PM

Please provide the following logs so we can assist you further.....

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it; it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply


Next, please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double-click dds.scr or dds.com to run the tool; on Vista or Win 7, right-click and select Run as administrator
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.
  • When done, DDS will open two (2) logs:
      • DDS.txt
      • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file in most cases.



Dell Precision T7500, Win7 Ultimate 64bit fully updated, McAfee Corp Edition v8.8,
Watchguard Firewall, Intel Xeon E5606CPU, Dual Quad Core Processors, 16GB Ram,
E5606 @ 2.13GHz, Nvidia Quadro NVS420, Raid-1 Dual 1TB Sata 10000 rpm Hard Drives
Dual DVD Burners, IE10, Opera, MBAM, MBSB, MBAE


#6 sgbrown68


Posted 15 January 2013 - 06:20 PM

here's the mbam check log:

mbam-check result log version: 2.0.0.1000

Malwarebytes Version: REG_SZ 1.70.0.1100

Date Log Created: 01/15/13
Time Log Created: 18:11:57

User Account type: Administrator

32 bit Operating System

Product Name: REG_SZ Microsoft Windows XP

Current Build Number: 2600

Current Version Number: 5.1

Current CSDVersion: Service Pack 3

OS Product Info: Professional

Proxy Status: No proxy is Set

Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyOverride REG_SZ *.local

LAN Settings:
=============

only 'Automatically detect settings' is selected

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
h:mm:ss tt
AM
PM
:

Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :

Language and Regional Settings:
===============================

ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's startup Folder Exists.


Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

TERMService:
==============
Type : 32
State : 4 (The service is running.) (State is stopped)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0


TermService Start is set to: 3 (Manual Startup)

Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================






Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Service and Driver Status:
==========================

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector


<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService


<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler


<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon


MBAMProtector Registry Values:
==============================


MBAMService Registry Values:
============================


MBAMScheduler Registry Values:
==============================




MBAM Registry Settings and License Info:
========================================

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware
advancedheuristics REG_DWORD 1
downloadprogram REG_DWORD 1
hidereg REG_DWORD 0
detectp2p REG_DWORD 0
detectpum REG_DWORD 1
detectpup REG_DWORD 2
updatewarn REG_DWORD 1
updatewarndays REG_DWORD 7
useproxy REG_DWORD 0
useauthentication REG_DWORD 0
contextmenu REG_DWORD 1
reportthreats REG_DWORD 1
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
startipdisabled REG_DWORD 0
silentipmode REG_DWORD 0
autoquarantine REG_DWORD 1
notifyinstallprogram REG_DWORD 1
trialpromptshown REG_DWORD 0
autoquarantinenotify REG_DWORD 1
InstallPath REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
dbdate REG_SZ Tue, 15 Jan 2013 20:46:11 GMT
dbversion REG_SZ v2013.01.15.14
programversion REG_SZ 1.70.0.1100
programbuild REG_SZ consumer



HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
defaultscan REG_DWORD 0
terminateie REG_DWORD 0
Language REG_SZ English.lng
selectedrives REG_SZ C:\|


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version REG_SZ 5.5.3-dev (a)
Inno Setup: App Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
InstallLocation REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: No Icons REG_DWORD 1
Inno Setup: User REG_SZ Steve
Inno Setup: Selected Tasks REG_SZ desktopicon
Inno Setup: Deselected Tasks REG_SZ quicklaunchicon
Inno Setup: Language REG_SZ English
DisplayName REG_SZ Malwarebytes Anti-Malware version 1.70.0.1100
DisplayIcon REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
UninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion REG_SZ 1.70.0.1100
Publisher REG_SZ Malwarebytes Corporation
URLInfoAbout REG_SZ http://www.malwarebytes.org
NoModify REG_DWORD 1
NoRepair REG_DWORD 1
InstallDate REG_SZ 20130114
MajorVersion REG_DWORD 1
MinorVersion REG_DWORD 70

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

Scheduler Queue:
================




MBAM Drivers:
=============

C:\WINDOWS\system32\drivers\mbam.sys File Size: 21104 BYTES FileVersion: 1.60.2.0
C:\WINDOWS\system32\drivers\mbamswissarmy.sys File Size: 40776 BYTES FileVersion: 1.60.0.0


Required Dependencies:
======================

fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
Type REG_DWORD 2
Start REG_DWORD 0
ErrorControl REG_DWORD 1
Tag REG_DWORD 4
ImagePath REG_EXPAND_SZ system32\DRIVERS\fltMgr.sys
DisplayName REG_SZ FltMgr
Group REG_SZ FSFilter Infrastructure
Description REG_SZ File System Filter Manager Driver
AttachWhenLoaded REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Security
Security REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0 REG_SZ Root\LEGACY_FLTMGR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
C:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512
C:\WINDOWS\system32\mscomctl.ocx File Size: 1070352 BYTES FileVersion: 6.1.98.33
C:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512


List of MBAM Related Directories:
=================================

C:\Program Files\Malwarebytes' Anti-Malware
changes.txt File Size: 2128 BYTES
license.rtf File Size: 17916 BYTES
mbam.chm File Size: 469873 BYTES
mbam.dll File Size: 508264 BYTES FileVersion: 1.70.0.0
mbam.exe File Size: 824232 BYTES FileVersion: 1.70.0.9
mbamcore.dll File Size: 1091432 BYTES FileVersion: 1.70.0.0
mbamext.dll File Size: 79208 BYTES FileVersion: 1.70.0.0
mbamgui.exe File Size: 512360 BYTES FileVersion: 1.70.0.0
mbamnet.dll File Size: 2171240 BYTES FileVersion: 1.70.0.0
mbampt.exe File Size: 38248 BYTES FileVersion: 1.70.0.0
mbamscheduler.exe File Size: 398184 BYTES FileVersion: 1.70.0.0
mbamservice.exe File Size: 682344 BYTES FileVersion: 1.70.0.0
ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3
unins000.dat File Size: 14188 BYTES
unins000.exe File Size: 710504 BYTES FileVersion: 51.52.0.0
unins000.msg File Size: 11277 BYTES
vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm File Size: 186068 BYTES
firefox.com File Size: 216424 BYTES
firefox.exe File Size: 216424 BYTES
firefox.pif File Size: 216424 BYTES
firefox.scr File Size: 216424 BYTES
iexplore.exe File Size: 216424 BYTES
mbam-chameleon.com File Size: 216424 BYTES
mbam-chameleon.exe File Size: 216424 BYTES
mbam-chameleon.pif File Size: 216424 BYTES
mbam-chameleon.scr File Size: 216424 BYTES
mbam-killer.exe File Size: 894312 BYTES
rundll32.exe File Size: 216424 BYTES
svchost.exe File Size: 216424 BYTES
winlogon.exe File Size: 216424 BYTES

C:\Documents and Settings\Steve\Application Data\Malwarebytes\Malwarebytes' Anti-Malware

C:\Documents and Settings\Steve\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2013-01-14 (21-08-45).txt File Size: 1852 BYTES
mbam-log-2013-01-14 (21-12-17).txt File Size: 1866 BYTES

C:\Documents and Settings\Steve\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

===============================================================
END OF FILE




here is the DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Steve at 18:13:40 on 2013-01-15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1513 [GMT -5:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Easy Dock] c:\documents and settings\steve\my documents\rca easyrip\EZDock.exe
uRun: [Google Update] "c:\documents and settings\steve\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [VAIOCameraUtility] "c:\program files\sony\vaio camera utility\VCUServe.exe"
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Easy Dock] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\steve\application data\mozilla\firefox\profiles\rlolerzl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.drudgereport.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\steve\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\steve\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\steve\local settings\application data\google\update\1.3.21.124\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R3 5U870UVC;Sony Visual Communication Camera VGP-VCC7;c:\windows\system32\drivers\5U870.sys [2012-3-9 90240]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2012-3-12 31104]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2012-3-8 71961]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2012-3-24 6016]
S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2012-3-9 36608]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-15 40776]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2012-3-24 20480]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2012-3-24 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2012-3-24 23424]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2012-3-24 11008]
S4 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\EKAiOHostService.exe [2012-3-16 389120]
S4 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2011-12-6 214896]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
.
=============== Created Last 30 ================
.
2013-01-15 22:28:54 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-15 02:06:55 -------- d-----w- c:\documents and settings\steve\application data\Malwarebytes
2013-01-15 02:06:49 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-01-15 02:06:48 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-15 02:06:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-22 15:23:06 -------- d-----w- c:\program files\Dropbox
2012-12-18 14:28:14 186584 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-12-18 14:28:14 186584 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-01-09 17:59:19 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 17:59:19 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 18:14:07.01 ===============


here is the Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/9/2012 8:20:03 AM
System Uptime: 1/15/2013 6:09:22 PM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™2 Duo CPU T7500 @ 2.20GHz | N/A | 2194/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 1.579 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® Wireless WiFi Link 4965AGN
Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11008086&REV_61\4&29E2C51B&0&00E1
Manufacturer: Intel Corporation
Name: Intel® Wireless WiFi Link 4965AGN
PNP Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_11008086&REV_61\4&29E2C51B&0&00E1
Service: NETw5x32
.
Class GUID:
Description: Toshiba RFBUS Driver
Device ID: BLUETOOTH\TOSRFBD\TOSRFBD
Manufacturer:
Name: Toshiba RFBUS Driver
PNP Device ID: BLUETOOTH\TOSRFBD\TOSRFBD
Service:
.
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Windows XP / Windows Server 2003 device driver for the Infineon Trusted Platform Module
Device ID: ACPI\IFX0102\1
Manufacturer: Infineon Technologies AG
Name: Infineon Trusted Platform Module
PNP Device ID: ACPI\IFX0102\1
Service: IFXTPM
.
==== System Restore Points ===================
.
RP226: 10/17/2012 10:07:24 PM - System Checkpoint
RP227: 10/18/2012 11:36:26 AM - Installed Java™ 6 Update 37
RP228: 10/19/2012 4:28:23 PM - System Checkpoint
RP229: 10/20/2012 4:55:24 PM - System Checkpoint
RP230: 10/21/2012 5:55:20 PM - System Checkpoint
RP231: 10/22/2012 6:04:15 PM - System Checkpoint
RP232: 10/23/2012 8:43:44 AM - Installed QuickTime
RP233: 10/24/2012 5:07:09 PM - System Checkpoint
RP234: 10/25/2012 6:02:48 PM - System Checkpoint
RP235: 10/26/2012 6:04:34 PM - System Checkpoint
RP236: 10/27/2012 7:04:33 PM - System Checkpoint
RP237: 10/28/2012 7:39:47 PM - System Checkpoint
RP238: 10/29/2012 8:04:34 PM - System Checkpoint
RP239: 10/30/2012 8:04:51 PM - System Checkpoint
RP240: 10/31/2012 9:04:52 PM - System Checkpoint
RP241: 11/1/2012 10:04:51 PM - System Checkpoint
RP242: 11/2/2012 11:04:52 PM - System Checkpoint
RP243: 11/3/2012 11:04:52 PM - System Checkpoint
RP244: 11/5/2012 12:04:52 AM - System Checkpoint
RP245: 11/6/2012 1:04:52 AM - System Checkpoint
RP246: 11/7/2012 1:39:07 AM - System Checkpoint
RP247: 11/8/2012 1:59:32 AM - System Checkpoint
RP248: 11/9/2012 2:59:33 AM - System Checkpoint
RP249: 11/10/2012 3:59:32 AM - System Checkpoint
RP250: 11/11/2012 8:30:56 AM - System Checkpoint
RP251: 11/12/2012 5:07:31 PM - System Checkpoint
RP252: 11/13/2012 6:10:28 PM - System Checkpoint
RP253: 11/14/2012 6:41:07 PM - System Checkpoint
RP254: 11/14/2012 10:01:20 PM - Installed WModem_Installer
RP255: 11/15/2012 10:41:08 PM - System Checkpoint
RP256: 11/16/2012 10:42:13 PM - System Checkpoint
RP257: 11/17/2012 11:41:07 PM - System Checkpoint
RP258: 11/19/2012 12:41:07 AM - System Checkpoint
RP259: 11/20/2012 1:04:25 AM - System Checkpoint
RP260: 11/21/2012 1:04:49 AM - System Checkpoint
RP261: 11/22/2012 2:04:49 AM - System Checkpoint
RP262: 11/23/2012 3:04:50 AM - System Checkpoint
RP263: 11/24/2012 4:04:50 AM - System Checkpoint
RP264: 11/25/2012 5:04:49 AM - System Checkpoint
RP265: 11/26/2012 6:04:50 AM - System Checkpoint
RP266: 11/27/2012 3:07:50 PM - System Checkpoint
RP267: 11/28/2012 5:11:11 PM - System Checkpoint
RP268: 11/29/2012 5:25:11 PM - System Checkpoint
RP269: 11/30/2012 6:20:03 PM - System Checkpoint
RP270: 12/1/2012 7:18:57 PM - System Checkpoint
RP271: 12/2/2012 8:18:58 PM - System Checkpoint
RP272: 12/3/2012 8:36:47 PM - System Checkpoint
RP273: 12/4/2012 9:22:32 PM - System Checkpoint
RP274: 12/5/2012 10:22:31 PM - System Checkpoint
RP275: 12/6/2012 10:47:38 PM - System Checkpoint
RP276: 12/7/2012 11:47:02 PM - System Checkpoint
RP277: 12/9/2012 12:47:02 AM - System Checkpoint
RP278: 12/10/2012 12:53:02 AM - System Checkpoint
RP279: 12/10/2012 1:46:30 PM - Removed Claro Chrome Toolbar
RP280: 12/11/2012 6:04:24 AM - Restore Operation
RP281: 12/11/2012 9:27:42 AM - Restore Operation
RP282: 12/12/2012 5:19:26 PM - System Checkpoint
RP283: 12/13/2012 6:18:27 PM - System Checkpoint
RP284: 12/14/2012 7:14:00 PM - System Checkpoint
RP285: 12/15/2012 7:41:41 PM - System Checkpoint
RP286: 12/16/2012 8:09:05 PM - System Checkpoint
RP287: 12/17/2012 8:14:49 PM - System Checkpoint
RP288: 12/18/2012 8:15:03 PM - System Checkpoint
RP289: 12/19/2012 8:26:27 PM - System Checkpoint
RP290: 12/20/2012 9:26:27 PM - System Checkpoint
RP291: 12/21/2012 10:05:52 PM - System Checkpoint
RP292: 12/22/2012 10:24:14 PM - System Checkpoint
RP293: 12/23/2012 11:24:13 PM - System Checkpoint
RP294: 12/24/2012 11:48:22 PM - System Checkpoint
RP295: 12/26/2012 12:48:21 AM - System Checkpoint
RP296: 12/27/2012 1:48:21 AM - System Checkpoint
RP297: 12/28/2012 1:55:02 AM - System Checkpoint
RP298: 12/29/2012 2:27:36 AM - System Checkpoint
RP299: 12/30/2012 3:24:26 AM - System Checkpoint
RP300: 12/31/2012 4:00:46 AM - System Checkpoint
RP301: 1/1/2013 4:48:02 AM - System Checkpoint
RP302: 1/2/2013 5:08:12 AM - System Checkpoint
RP303: 1/3/2013 6:08:11 AM - System Checkpoint
RP304: 1/4/2013 6:37:10 AM - System Checkpoint
RP305: 1/5/2013 7:16:12 AM - System Checkpoint
RP306: 1/6/2013 7:55:12 AM - System Checkpoint
RP307: 1/7/2013 11:27:30 AM - System Checkpoint
RP308: 1/8/2013 5:03:53 PM - System Checkpoint
RP309: 1/9/2013 5:32:23 PM - System Checkpoint
RP310: 1/10/2013 6:21:26 PM - System Checkpoint
RP311: 1/11/2013 7:16:27 PM - System Checkpoint
RP312: 1/12/2013 7:55:08 PM - System Checkpoint
RP313: 1/13/2013 8:08:25 PM - System Checkpoint
RP314: 1/15/2013 10:11:33 AM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
aioscnnr
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BitTorrent
Bonjour
C4USelfUpdater
calibre
CCleaner
CDisplayEx 1.8
center
Dropbox
essentials
FLAC 1.2.1b (remove only)
Free M4a to MP3 Converter 7.1
Google Chrome
Google Talk Plugin
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB954550-v5)
IrfanView (remove only)
iTunes
Java Auto Updater
Java™ 6 Update 37
Kodak AIO Printer
KODAK AiO Software
ksDIP
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
mIRC
MotoHelper 2.1.32 Driver 5.4.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.4.0
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSXML 6.0 Parser
ocr
PreReq
QuickTime
RCA Detective™ 3.0.3.0
RCA easyRip 2.5.7.0
RCA Updater 2.1.7.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB975558)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Setting Utility Series
SigmaTel Audio
Skype Click to Call
Skype™ 5.10
Soft Data Fax Modem with SmartCP
Sony Utilities DLL
Sony Video Shared Library
Sony Visual Communication Camera VGP-VCC7 Ver.6.3000.210.0
Spybot - Search & Destroy
StreamTorrent 1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Windows XP (KB2345886)
Update for Windows XP (KB2641690)
VAIO Camera Capture Utility
VAIO Camera Utility
VAIO Event Service
VAIO Power Management
VLC media player 2.0.1
WBFS Manager 3.0
WBFS to ISO
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Driver Package - Alps (ApfiltrService) Mouse (05/25/2007 5.3.512.7)
Windows Driver Package - CXT (winachsf) Modem (07/11/2006 7.50.00.00)
Windows Driver Package - Intel Corporation (ialm) Display (06/22/2007 6.14.10.4847)
Windows Driver Package - Marvell (yukonwxp) Net (05/03/2007 10.14.6.3)
Windows Driver Package - Sony Corporation (SNC) HIDClass (06/04/2002 6.0.0.2)
Windows Driver Package - Sony Corporation (SPI) HIDCLASS (08/20/2002 7.0.3.820)
WinRAR 4.20 (32-bit)
WModem Driver Installer
.
==== Event Viewer Messages From Past Week ========
.
1/15/2013 5:55:36 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:36 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/15/2013 5:55:03 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/15/2013 5:55:03 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/13/2013 11:15:24 AM, error: yukonwxp [101] - Driver has encountered an internal error
1/13/2013 11:14:59 AM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001A8063E391. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
1/13/2013 11:14:13 AM, error: PlugPlayManager [12] - The device 'Docking Station' (ACPI\DockDevice\_SB_.DOCK) disappeared from the system without first being prepared for removal.
1/13/2013 11:14:04 AM, error: yukonwxp [106] - Adapter hardware initialization failed
1/10/2013 6:51:01 PM, error: IFXTPM [3] - IFXTPM: Device driver could not be started - c000009c
1/10/2013 12:10:10 PM, error: PlugPlayManager [12] - The device 'Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller' (PCI\VEN_11AB&DEV_4362&SUBSYS_81FE104D&REV_23\4&1b09a299&0&00E3) disappeared from the system without first being prepared for removal.
.
==== End Of File ===========================

#7 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • 41,155 posts
  • Gender:Male
  • Location:US

Posted 15 January 2013 - 07:33 PM

The computer appears to possibly be infected.

Please follow the advice from here: Available Assistance for Possibly Infected Computers and someone will assist you with this further.

Thanks

Ron Lewis
Forum Community Manager



#8 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • 11,904 posts
  • Gender:Not Telling

Posted 16 January 2013 - 05:33 AM

==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 1.579 GiB free.


It also looks as if you are just about out of space on your hard drive. ;)

Having said that, it appears that you have taken AdvancedSetup's advice to have an expert assist with cleaning your computer of possible infections: http://forums.malwar...howtopic=121105

When you get the "all clear" from your malware helper, you'll probably need to free up some space on your hard drive, in order for Windows and your programs to run properly.

<just a thought>

daledoc1

Just a home user & forum volunteer
DT1: Win7/Ult/64 SP1; Intel Core i7-3770 @3.4 GHz; 16 GB RAM; NVidia GeForce GT620; IE9; Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner
DT2: Win7 Ult/64 SP1; Intel Core i7-860 @2.8 GHz; 8 GB RAM; ATI Radeon HD 5770; IE 9, Fx; TB; Cable HSI; MBAM PRO 1.75.0.1300; KIS2014; SAS Free; CCleaner.
LT: Win7 Pro/64 SP1; Intel Core i7-3632 cached @3.2 GHz; 16 GB RAM; NVidia GeForce GT640M; IE 10; Fx; TB; WLAN; MBAM PRO 1.75.0.1300; Sophos ES 10.3; SAS Free; CCleaner.


#9 sgbrown68

sgbrown68

    New Member

  • Members
  • 25 posts

Posted 16 January 2013 - 06:31 AM

Well, in truth, it's gotten worse. This morning Windows wouldn't fully load. It got to where it would load up to the desktop, but the desktop wouldn't fully load (no Start button, no icons on desktop, no taskbar, just the wallpaper). I could get Task Manager to run, ran chkdsk from the "Run" prompt in Task Manager, and it found several problems, but on reboot it did the same thing: got the wallpaper but nothing else. Rebooted in Safe Mode and am now attempting to restore to an earlier date. If that doesn't work, I'll go back into Safe Mode and free up space on my hard drive and see if that helps.

#10 daledoc1

daledoc1

    Forum Deity

  • Spam Hunters
  • 11,904 posts
  • Gender:Not Telling

Posted 16 January 2013 - 06:34 AM

Hi:

If I were in your shoes, I'd be reluctant to do any significant "self-medicating", for fear of making the problem worse.
I was just pointing out an observation from your scan log.

It's best to wait for expert help in your other topic over in the malware removal section.
Your helper will guide you through the process.
Please be patient -- someone will be along to assist you soon.

Good luck!

daledoc1



#11 sgbrown68

sgbrown68

    New Member

  • Members
  • 25 posts

Posted 16 January 2013 - 06:35 AM

OK, will do, and thanks.



