Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus or malware unsure of what it is please help


  • This topic is locked This topic is locked
2 replies to this topic

#1 Carrie26

Carrie26

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:21 AM

Posted 24 May 2009 - 11:14 AM

It says windows shut down unexpectedly and windows will contact me when they have a solution?? Also ran malware bytes on it last night and removed 18 infected things and it still is not working I suppose its because it won't shut down or restart properly please help!


DDS (Ver_09-05-14.01) - NTFSx86 NETWORK
Run by Carrie at 12:00:52.33 on Sun 05/24/2009
Internet Explorer: 8.0.6001.18702
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1014.491 [GMT -4:00]

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Carrie\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=ML6720
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=ML6720
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=ML6720
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6261\SiteAdv.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\program files\mcafee\msk\mcapbho.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6261\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Spare Backup] "c:\program files\spare backup\SpareBackup.exe" /silent
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [SiteAdvisor] "c:\program files\siteadvisor\6261\SiteAdv.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: brother.com\www
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6261\SiteAdv.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\carrie\appdata\roaming\mozilla\firefox\profiles\n28ynodn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
FF - component: c:\program files\siteadvisor\6261\ff\components\FFHook.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2007-8-23 251904]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-11-21 24652]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]

=============== Created Last 30 ================

2009-05-24 02:23 <DIR> --dsh--- C:\found.000
2009-05-23 22:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-23 22:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 22:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-22 18:09 165,988,397 a------- c:\windows\MEMORY.DMP
2009-05-01 09:39 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-04-30 18:36 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-30 18:36 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-30 18:36 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-30 18:36 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-30 18:36 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-30 18:36 11,264 a------- c:\windows\system32\icardres.dll
2009-04-30 18:36 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-30 18:36 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-30 18:21 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-30 18:20 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-30 18:20 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-30 18:20 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-30 18:19 83,968 a------- c:\windows\system32\mscories.dll

==================== Find3M ====================

2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-08 07:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 07:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 07:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 07:33 109,056 a------- c:\windows\system32\iesysprep.dll
2009-03-08 07:33 109,568 a------- c:\windows\system32\PDMSetup.exe
2009-03-08 07:33 132,608 a------- c:\windows\system32\ieUnatt.exe
2009-03-08 07:33 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 07:33 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 07:33 103,936 a------- c:\windows\system32\SetDepNx.exe
2009-03-08 07:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 07:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 07:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 07:32 66,560 a------- c:\windows\system32\wextract.exe
2009-03-08 07:32 169,472 a------- c:\windows\system32\iexpress.exe
2009-03-08 07:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 07:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 07:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 07:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-03 00:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 00:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 00:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 00:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 00:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 00:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 00:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 00:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-02 23:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-02 22:38 17,408 a------- c:\windows\system32\iashost.exe
2009-02-01 19:35 86,016 a------- c:\windows\inf\infstrng.dat
2009-02-01 19:35 86,016 a------- c:\windows\inf\infstor.dat
2009-02-01 19:35 51,200 a------- c:\windows\inf\infpub.dat
2009-01-11 22:06 2,000 a------- c:\users\carrie\appdata\roaming\wklnhst.dat
2008-09-27 22:24 174 a--sh--- c:\program files\desktop.ini
2008-09-27 22:06 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-02-01 19:50 0 ---shr-- c:\windows\FFSSET.BIN
2008-04-29 10:24 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-04-29 10:24 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-04-29 10:24 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-01-03 18:23 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-01-03 18:24 32,768 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-01-03 18:23 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 12:03:17.05 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/23/2007 9:37:00 PM
System Uptime: 5/24/2009 11:34:14 AM (1 hours ago)

Motherboard: Gateway | |
Processor: Intel® Pentium® Dual CPU T2310 @ 1.46GHz | uFCPGA2 | 1463/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 101 GiB total, 61.549 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.885 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP537: 5/2/2009 12:12:27 AM - Scheduled Checkpoint
RP538: 5/3/2009 12:00:07 AM - Scheduled Checkpoint
RP539: 5/4/2009 3:04:15 AM - Scheduled Checkpoint
RP540: 5/5/2009 12:00:08 AM - Scheduled Checkpoint
RP541: 5/6/2009 12:00:06 AM - Scheduled Checkpoint
RP542: 5/7/2009 4:02:52 AM - Scheduled Checkpoint
RP543: 5/8/2009 12:00:08 AM - Scheduled Checkpoint
RP544: 5/8/2009 3:00:13 AM - Windows Update
RP545: 5/9/2009 12:28:19 AM - Scheduled Checkpoint
RP546: 5/10/2009 12:00:07 AM - Scheduled Checkpoint
RP547: 5/11/2009 8:26:05 PM - Scheduled Checkpoint
RP548: 5/13/2009 12:00:06 AM - Scheduled Checkpoint
RP549: 5/13/2009 3:00:26 AM - Windows Update
RP550: 5/14/2009 12:00:11 AM - Scheduled Checkpoint
RP551: 5/14/2009 3:00:13 AM - Windows Update
RP552: 5/15/2009 12:00:12 AM - Scheduled Checkpoint
RP553: 5/16/2009 12:33:13 AM - Scheduled Checkpoint
RP554: 5/17/2009 12:00:07 AM - Scheduled Checkpoint
RP555: 5/18/2009 12:00:09 AM - Scheduled Checkpoint
RP556: 5/19/2009 12:00:07 AM - Scheduled Checkpoint
RP557: 5/20/2009 12:14:07 PM - Scheduled Checkpoint
RP558: 5/22/2009 12:00:12 AM - Scheduled Checkpoint
RP562: 5/24/2009 7:56:40 AM - Scheduled Checkpoint
RP563: 5/24/2009 11:28:07 AM - Restore Operation

==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.1
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Agere Systems HDA Modem
AIM 6
AOL Instant Messenger
BigFix
BookScan&Whiteboard Suite
Brother MFL-Pro Suite MFC-490CW
Browser Address Error Redirector
BufferChm
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CustomerResearchQFolder
D1400
D1400_Help
DeviceManagementQFolder
dj_sf_ProductContext
dj_sf_software
dj_sf_software_req
Download Updater (AOL LLC)
eSupportQFolder
FaceFilter Studio Brother Edition
Gateway Connect
Gateway Games
Gateway Recovery Center Installer
Geek Squad 24 Hour Computer Support
Google Toolbar for Internet Explorer
Google Updater
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 8.0
HP Deskjet 8.0 Software
HP Imaging Device Functions 8.0
HP Photosmart Essential
HP Product Assistant
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Java™ SE Runtime Environment 6 Update 1
LabelPrint
LimeWire 4.16.6
Malwarebytes' Anti-Malware
MarketResearch
McAfee SecurityCenter
McAfee SiteAdvisor
Microsoft .NET Framework 3.5 SP1
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office 2000 Professional
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft WSE 2.0 SP3 Runtime
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.0.1)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Napster
Napster Burn Engine
PaperPort Image Printer
Power2Go 5.0
RealPlayer
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek USB 2.0 Card Reader
REALTEK USB Wireless LAN Driver
ScanSoft PaperPort 11
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
SigmaTel Audio
SolutionCenter
Spare Backup
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Viewpoint Media Player
WeatherBug
WebReg
Windows Live installer
Windows Live Mail
Windows Live Sign-in Assistant

==== Event Viewer Messages From Past Week ========

5/24/2009 12:00:50 AM, Error: EventLog [6008] - The previous system shutdown at 11:59:12 PM on 5/23/2009 was unexpected.
5/24/2009 12:00:31 AM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
5/24/2009 11:15:16 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/23/2009 11:45:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfehidk spldr Wanarpv6
5/23/2009 11:41:21 PM, Error: Service Control Manager [7023] - The Secure Socket Tunneling Protocol Service service terminated with the following error: The RPC server is unavailable.
5/23/2009 11:41:21 PM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Secure Socket Tunneling Protocol Service service which failed to start because of the following error: The RPC server is unavailable.
5/23/2009 11:39:47 PM, Error: EventLog [6008] - The previous system shutdown at 11:38:20 PM on 5/23/2009 was unexpected.
5/23/2009 10:18:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNASvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
5/23/2009 10:15:42 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC mfehidk MPFP NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr Tcpip tdx Wanarpv6
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
5/23/2009 10:15:42 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/23/2009 10:15:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/23/2009 10:14:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/23/2009 10:14:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/23/2009 10:14:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
5/23/2009 10:14:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/23/2009 10:14:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/23/2009 10:10:47 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
5/22/2009 6:52:04 PM, Error: EventLog [6008] - The previous system shutdown at 6:50:37 PM on 5/22/2009 was unexpected.
5/22/2009 6:16:17 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/22/2009 6:14:50 PM, Error: EventLog [6008] - The previous system shutdown at 6:13:11 PM on 5/22/2009 was unexpected.
5/22/2009 5:36:15 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/22/2009 5:36:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
5/22/2009 5:35:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
5/20/2009 9:13:05 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001644727795. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 11,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bement, ILL
  • Local time:11:21 PM

Posted 07 June 2009 - 08:23 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


un03.png

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 harrythook

harrythook


  • Members
  • 4,151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:11:21 PM

Posted 10 June 2009 - 12:34 PM

Due to the lack of activity, this topic is now closed. If you are still in need of assistance please contact me to reopen your request for help.

Veni Vidi Vici
THE FIGHT AGAINST MALWARE


Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users