TechSpot

Redirected search results, random rebooting

By ydontwenukeu
Nov 20, 2011
  1. Hi. My computer has been redirecting google searches, randomly rebooting, and several occasions where i got a blue screen. I have received help from this forum before and was very glad for the help.

    I tried to do the MBAM and GMER scans but neither seem to work. GMER would scan for a minute or so upon opening the file but would stop. I clicked scan, with and without Devices checked, it would scan for a few minutes until suddenly closing the program and producing no logs. I have tried both in Normal mode as well as Safe mode. I did get DDS to run in Safe mode and have included the results below. Any assistance would be greatly appreciated, thank you.

    Attach:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/8/2006 6:00:08 PM
    System Uptime: 11/20/2011 10:00:26 PM (0 hours ago)
    .
    Motherboard: Dell Inc | | 0HK980
    Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket M2 | 2004/1000mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 70 GiB total, 45.847 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP326: 7/8/2011 8:45:50 PM - System Checkpoint
    RP327: 7/9/2011 10:46:29 PM - System Checkpoint
    RP328: 7/10/2011 11:45:44 PM - System Checkpoint
    RP329: 7/12/2011 12:45:30 AM - System Checkpoint
    RP330: 7/13/2011 12:45:40 AM - System Checkpoint
    RP331: 7/14/2011 1:45:39 AM - System Checkpoint
    RP332: 7/15/2011 2:45:37 AM - System Checkpoint
    RP333: 7/16/2011 3:45:31 AM - System Checkpoint
    RP334: 7/17/2011 4:45:33 AM - System Checkpoint
    RP335: 7/18/2011 5:45:28 AM - System Checkpoint
    RP336: 7/19/2011 6:45:32 AM - System Checkpoint
    RP337: 7/20/2011 7:45:32 AM - System Checkpoint
    RP338: 7/21/2011 8:45:28 AM - System Checkpoint
    RP339: 7/22/2011 9:45:24 AM - System Checkpoint
    RP340: 7/23/2011 11:14:50 AM - System Checkpoint
    RP341: 7/24/2011 11:45:24 AM - System Checkpoint
    RP342: 7/25/2011 12:45:22 PM - System Checkpoint
    RP343: 7/26/2011 7:26:07 PM - System Checkpoint
    RP344: 7/28/2011 2:45:49 AM - System Checkpoint
    RP345: 7/29/2011 3:29:21 AM - System Checkpoint
    RP346: 7/30/2011 4:29:25 AM - System Checkpoint
    RP347: 7/31/2011 5:27:11 AM - System Checkpoint
    RP348: 8/1/2011 5:29:20 AM - System Checkpoint
    RP349: 8/2/2011 6:29:22 AM - System Checkpoint
    RP350: 8/3/2011 7:29:21 AM - System Checkpoint
    RP351: 8/4/2011 7:48:25 PM - System Checkpoint
    RP352: 8/5/2011 7:55:10 PM - System Checkpoint
    RP353: 8/6/2011 8:55:04 PM - System Checkpoint
    RP354: 8/7/2011 9:14:43 PM - System Checkpoint
    RP355: 8/8/2011 9:55:09 PM - System Checkpoint
    RP356: 8/9/2011 10:55:09 PM - System Checkpoint
    RP357: 8/10/2011 11:55:10 PM - System Checkpoint
    RP358: 8/12/2011 12:55:09 AM - System Checkpoint
    RP359: 8/13/2011 1:55:11 AM - System Checkpoint
    RP360: 8/14/2011 2:35:40 AM - System Checkpoint
    RP361: 8/15/2011 3:34:37 AM - System Checkpoint
    RP362: 8/16/2011 4:34:36 AM - System Checkpoint
    RP363: 8/17/2011 5:34:37 AM - System Checkpoint
    RP364: 8/18/2011 6:34:33 AM - System Checkpoint
    RP365: 8/19/2011 7:34:33 AM - System Checkpoint
    RP366: 8/20/2011 8:34:36 AM - System Checkpoint
    RP367: 8/21/2011 9:34:35 AM - System Checkpoint
    RP368: 8/22/2011 10:34:33 AM - System Checkpoint
    RP369: 8/23/2011 11:17:56 AM - System Checkpoint
    RP370: 8/24/2011 12:17:56 PM - System Checkpoint
    RP371: 8/25/2011 12:39:55 PM - System Checkpoint
    RP372: 8/26/2011 12:40:58 PM - System Checkpoint
    RP373: 8/27/2011 1:39:55 PM - System Checkpoint
    RP374: 8/28/2011 2:40:16 PM - System Checkpoint
    RP375: 8/30/2011 11:58:53 PM - System Checkpoint
    RP376: 9/1/2011 12:35:07 AM - System Checkpoint
    RP377: 9/2/2011 1:35:08 AM - System Checkpoint
    RP378: 9/3/2011 2:35:09 AM - System Checkpoint
    RP379: 9/4/2011 3:35:05 AM - System Checkpoint
    RP380: 9/5/2011 4:35:08 AM - System Checkpoint
    RP381: 9/6/2011 5:35:08 AM - System Checkpoint
    RP382: 9/7/2011 5:42:33 AM - System Checkpoint
    RP383: 9/8/2011 6:34:53 AM - System Checkpoint
    RP384: 9/9/2011 7:34:51 AM - System Checkpoint
    RP385: 9/10/2011 8:34:52 AM - System Checkpoint
    RP386: 9/11/2011 9:34:45 AM - System Checkpoint
    RP387: 9/12/2011 10:34:46 AM - System Checkpoint
    RP388: 9/13/2011 11:34:47 AM - System Checkpoint
    RP389: 9/14/2011 12:34:47 PM - System Checkpoint
    RP390: 9/15/2011 1:51:18 PM - System Checkpoint
    RP391: 9/16/2011 2:35:49 PM - System Checkpoint
    RP392: 9/17/2011 3:34:44 PM - System Checkpoint
    RP393: 9/18/2011 4:34:45 PM - System Checkpoint
    RP394: 9/19/2011 5:34:42 PM - System Checkpoint
    RP395: 9/21/2011 1:34:18 AM - System Checkpoint
    RP396: 9/22/2011 2:17:18 AM - System Checkpoint
    RP397: 9/23/2011 1:45:35 PM - System Checkpoint
    RP398: 9/24/2011 2:17:12 PM - System Checkpoint
    RP399: 9/25/2011 3:17:13 PM - System Checkpoint
    RP400: 9/28/2011 1:49:59 AM - System Checkpoint
    RP401: 9/29/2011 2:17:01 AM - System Checkpoint
    RP402: 9/30/2011 2:24:22 AM - System Checkpoint
    RP403: 10/1/2011 3:43:01 AM - System Checkpoint
    RP404: 10/2/2011 4:16:54 AM - System Checkpoint
    RP405: 10/3/2011 5:16:51 AM - System Checkpoint
    RP406: 10/4/2011 6:16:59 AM - System Checkpoint
    RP407: 10/5/2011 7:16:52 AM - System Checkpoint
    RP408: 10/6/2011 8:16:53 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    AIM 7
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avira AntiVir Personal - Free Antivirus
    Axis and Allies Starter Pack Full v5.1
    Bonjour
    Broadcom Management Programs
    Cabos
    CCleaner
    Conexant D850 56K V.9x DFVc Modem
    Dell CinePlayer
    Dell Support 3.2
    Dell System Restore
    Digital Content Portal
    Digital Line Detect
    Disc2Phone
    Documentation & Support Launcher
    Download Updater (AOL LLC)
    EarthLink Setup Files
    EducateU
    Foxit Reader
    Free Audio CD Burner version 1.4.7
    Free YouTube Download 3 version 3.0.11.727
    Free YouTube to MP3 Converter version 3.10.6.727
    FrostWire 4.21.3
    Full Tilt Poker
    Games, Music, & Photos Launcher
    GemMaster Mystic
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    Internet Service Offers Launcher
    iPod Updater 2004-11-15
    ISO Recorder
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 23
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Small Business Edition 2003
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Modem Diagnostic Tool
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    NetWaiting
    NVIDIA Drivers
    PokerStars
    PokerStove version 1.23
    PokerTracker 3 (remove only)
    PostgreSQL 8.4
    QuickTime
    Revo Uninstaller 1.91
    Rhapsody Player Engine
    Roxio DLA
    SA23xx Device Manager
    Secunia PSI (2.0.0.3001)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB981349)
    Segoe UI
    SimCity 4 Deluxe
    Skype Toolbars
    Skype™ 5.1
    Sonic Activation Module
    Sonic Encoders
    Sonic Update Manager
    TeamViewer 6
    Uninstall 1.0.0.1
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    WebFldrs XP
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Installer Clean Up
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB912067
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver
    WOT for Internet Explorer
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/20/2011 9:54:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 avgio avipbb Fips IPSec MRxSmb NetBIOS NetBT nvatabus nvraid RasAcd Rdbss SbcpHid ssmdrv Tcpip
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:50:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    11/20/2011 9:50:11 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    11/20/2011 9:23:02 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    11/20/2011 9:19:46 PM, error: Service Control Manager [7000] - The Machine Debug Manager service failed to start due to the following error: Access is denied.
    11/20/2011 9:19:45 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
    11/20/2011 9:17:46 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    11/20/2011 9:16:29 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    11/20/2011 9:12:41 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    11/20/2011 9:08:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: nvatabus nvraid
    11/20/2011 9:06:52 PM, error: Service Control Manager [7000] - The Avira AntiVir Guard service failed to start due to the following error: Access is denied.
    11/20/2011 10:12:02 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    11/20/2011 10:02:27 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 avgio avipbb Fips nvatabus nvraid SbcpHid ssmdrv
    .
    ==== End Of File ===========================





    DDS:

    .
    DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
    Internet Explorer: 7.0.5730.13
    Run by Administrator at 22:21:06 on 2011-11-20
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.195 [GMT -5:00]
    .
    AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\4030726373:452968207.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\System32\ping.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061106
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [B3pmG5sQJd8234A] c:\windows\system32\oekIVrzONx0v2b.exe
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{2DFD8EF7-AFEC-4CE5-974C-9D1043FC8E42} : DhcpNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    S1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-1-21 11608]
    S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-1-21 135336]
    S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-1-21 269480]
    S2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-1-21 61960]
    S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w --> C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
    S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2011-10-06 17:55:33 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-08-31 21:00:50 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys
    .
    ============= FINISH: 22:22:01.10 ===============
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Putting GMER aside for now, can you be more specific about what happens when you try to run Malwarebytes or DDS?

    You can do the following then see if they will run. Please attempt the scans in Normal Mode:

    Please download and run the tool below named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 3 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
    • Rkill.com
    • Rkill.scr
    • Rkill.exe
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run then try to immediately run the following>>>>.

    Please download exeHelper by Raktor and save it to your desktop.
    • Double-click on exeHelper.com or exeHelper.scr to run the fix tool.
    • A black window should pop up, press any key to close once the fix is completed.
    • A log file called exehelperlog.txt will be created and should open at the end of the scan)
    • A copy of that log will also be saved in the directory where you ran exeHelper.com
    • Copy and paste the contents of exehelperlog.txt in your next reply.

    Note: If the window shows a message that says "Error deleting file", please re-run the tool again before posting a log and then post the two logs together (they both will be in the one file).
    =====================================================
    Run the tools in Normal Mode if you can, then try Mbam and DDS without booting after RKill & exehelper
     
  3. ydontwenukeu

    ydontwenukeu TS Rookie Topic Starter Posts: 30

    The two logs above were from DDS in Safe mode (the only program in the 5 steps that would actually run.) When I attempt to run MBAM or GMER I get: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item" this message appears whether in normal mode or safe mode.

    I ran RKill and ExeHelper in normal mode the log is at the bottom. I attempted MBAM and GMER again in normal mode without rebooting, both gave the same errors. DDS did run in normal mode that is included at the bottom. Thank you for your time.

    Attach:


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 11/8/2006 6:00:08 PM
    System Uptime: 11/22/2011 3:15:41 AM (0 hours ago)
    .
    Motherboard: Dell Inc | | 0HK980
    Processor: AMD Athlon(tm) 64 Processor 3200+ | Socket M2 | 2004/1000mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 70 GiB total, 45.222 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP326: 7/8/2011 8:45:50 PM - System Checkpoint
    RP327: 7/9/2011 10:46:29 PM - System Checkpoint
    RP328: 7/10/2011 11:45:44 PM - System Checkpoint
    RP329: 7/12/2011 12:45:30 AM - System Checkpoint
    RP330: 7/13/2011 12:45:40 AM - System Checkpoint
    RP331: 7/14/2011 1:45:39 AM - System Checkpoint
    RP332: 7/15/2011 2:45:37 AM - System Checkpoint
    RP333: 7/16/2011 3:45:31 AM - System Checkpoint
    RP334: 7/17/2011 4:45:33 AM - System Checkpoint
    RP335: 7/18/2011 5:45:28 AM - System Checkpoint
    RP336: 7/19/2011 6:45:32 AM - System Checkpoint
    RP337: 7/20/2011 7:45:32 AM - System Checkpoint
    RP338: 7/21/2011 8:45:28 AM - System Checkpoint
    RP339: 7/22/2011 9:45:24 AM - System Checkpoint
    RP340: 7/23/2011 11:14:50 AM - System Checkpoint
    RP341: 7/24/2011 11:45:24 AM - System Checkpoint
    RP342: 7/25/2011 12:45:22 PM - System Checkpoint
    RP343: 7/26/2011 7:26:07 PM - System Checkpoint
    RP344: 7/28/2011 2:45:49 AM - System Checkpoint
    RP345: 7/29/2011 3:29:21 AM - System Checkpoint
    RP346: 7/30/2011 4:29:25 AM - System Checkpoint
    RP347: 7/31/2011 5:27:11 AM - System Checkpoint
    RP348: 8/1/2011 5:29:20 AM - System Checkpoint
    RP349: 8/2/2011 6:29:22 AM - System Checkpoint
    RP350: 8/3/2011 7:29:21 AM - System Checkpoint
    RP351: 8/4/2011 7:48:25 PM - System Checkpoint
    RP352: 8/5/2011 7:55:10 PM - System Checkpoint
    RP353: 8/6/2011 8:55:04 PM - System Checkpoint
    RP354: 8/7/2011 9:14:43 PM - System Checkpoint
    RP355: 8/8/2011 9:55:09 PM - System Checkpoint
    RP356: 8/9/2011 10:55:09 PM - System Checkpoint
    RP357: 8/10/2011 11:55:10 PM - System Checkpoint
    RP358: 8/12/2011 12:55:09 AM - System Checkpoint
    RP359: 8/13/2011 1:55:11 AM - System Checkpoint
    RP360: 8/14/2011 2:35:40 AM - System Checkpoint
    RP361: 8/15/2011 3:34:37 AM - System Checkpoint
    RP362: 8/16/2011 4:34:36 AM - System Checkpoint
    RP363: 8/17/2011 5:34:37 AM - System Checkpoint
    RP364: 8/18/2011 6:34:33 AM - System Checkpoint
    RP365: 8/19/2011 7:34:33 AM - System Checkpoint
    RP366: 8/20/2011 8:34:36 AM - System Checkpoint
    RP367: 8/21/2011 9:34:35 AM - System Checkpoint
    RP368: 8/22/2011 10:34:33 AM - System Checkpoint
    RP369: 8/23/2011 11:17:56 AM - System Checkpoint
    RP370: 8/24/2011 12:17:56 PM - System Checkpoint
    RP371: 8/25/2011 12:39:55 PM - System Checkpoint
    RP372: 8/26/2011 12:40:58 PM - System Checkpoint
    RP373: 8/27/2011 1:39:55 PM - System Checkpoint
    RP374: 8/28/2011 2:40:16 PM - System Checkpoint
    RP375: 8/30/2011 11:58:53 PM - System Checkpoint
    RP376: 9/1/2011 12:35:07 AM - System Checkpoint
    RP377: 9/2/2011 1:35:08 AM - System Checkpoint
    RP378: 9/3/2011 2:35:09 AM - System Checkpoint
    RP379: 9/4/2011 3:35:05 AM - System Checkpoint
    RP380: 9/5/2011 4:35:08 AM - System Checkpoint
    RP381: 9/6/2011 5:35:08 AM - System Checkpoint
    RP382: 9/7/2011 5:42:33 AM - System Checkpoint
    RP383: 9/8/2011 6:34:53 AM - System Checkpoint
    RP384: 9/9/2011 7:34:51 AM - System Checkpoint
    RP385: 9/10/2011 8:34:52 AM - System Checkpoint
    RP386: 9/11/2011 9:34:45 AM - System Checkpoint
    RP387: 9/12/2011 10:34:46 AM - System Checkpoint
    RP388: 9/13/2011 11:34:47 AM - System Checkpoint
    RP389: 9/14/2011 12:34:47 PM - System Checkpoint
    RP390: 9/15/2011 1:51:18 PM - System Checkpoint
    RP391: 9/16/2011 2:35:49 PM - System Checkpoint
    RP392: 9/17/2011 3:34:44 PM - System Checkpoint
    RP393: 9/18/2011 4:34:45 PM - System Checkpoint
    RP394: 9/19/2011 5:34:42 PM - System Checkpoint
    RP395: 9/21/2011 1:34:18 AM - System Checkpoint
    RP396: 9/22/2011 2:17:18 AM - System Checkpoint
    RP397: 9/23/2011 1:45:35 PM - System Checkpoint
    RP398: 9/24/2011 2:17:12 PM - System Checkpoint
    RP399: 9/25/2011 3:17:13 PM - System Checkpoint
    RP400: 9/28/2011 1:49:59 AM - System Checkpoint
    RP401: 9/29/2011 2:17:01 AM - System Checkpoint
    RP402: 9/30/2011 2:24:22 AM - System Checkpoint
    RP403: 10/1/2011 3:43:01 AM - System Checkpoint
    RP404: 10/2/2011 4:16:54 AM - System Checkpoint
    RP405: 10/3/2011 5:16:51 AM - System Checkpoint
    RP406: 10/4/2011 6:16:59 AM - System Checkpoint
    RP407: 10/5/2011 7:16:52 AM - System Checkpoint
    RP408: 10/6/2011 8:16:53 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    AIM 7
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avira AntiVir Personal - Free Antivirus
    Axis and Allies Starter Pack Full v5.1
    Bonjour
    Broadcom Management Programs
    Cabos
    CarbonPoker
    CCleaner
    Conexant D850 56K V.9x DFVc Modem
    Dell CinePlayer
    Dell Support 3.2
    Dell System Restore
    Digital Content Portal
    Digital Line Detect
    Disc2Phone
    Documentation & Support Launcher
    Download Updater (AOL LLC)
    EarthLink Setup Files
    EducateU
    Foxit Reader
    Free Audio CD Burner version 1.4.7
    Free YouTube Download 3 version 3.0.11.727
    Free YouTube to MP3 Converter version 3.10.6.727
    FrostWire 4.21.3
    Full Tilt Poker
    Games, Music, & Photos Launcher
    GemMaster Mystic
    High Definition Audio Driver Package - KB835221
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    Internet Service Offers Launcher
    iPod Updater 2004-11-15
    ISO Recorder
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 23
    Lock Poker
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Small Business Edition 2003
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Works
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Modem Diagnostic Tool
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    NetWaiting
    NVIDIA Drivers
    PokerStars
    PokerStove version 1.23
    PokerTracker 3 (remove only)
    PostgreSQL 8.4
    QuickTime
    Revo Uninstaller 1.91
    Rhapsody Player Engine
    Roxio DLA
    SA23xx Device Manager
    Secunia PSI (2.0.0.3001)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB981349)
    Segoe UI
    SimCity 4 Deluxe
    Skype Toolbars
    Skype™ 5.1
    Sonic Activation Module
    Sonic Encoders
    Sonic Update Manager
    TeamViewer 6
    Uninstall 1.0.0.1
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Warcraft III
    WebFldrs XP
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Installer Clean Up
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB912067
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinRAR archiver
    WOT for Internet Explorer
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/20/2011 9:55:10 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    11/20/2011 9:54:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 avgio avipbb Fips IPSec MRxSmb NetBIOS NetBT nvatabus nvraid RasAcd Rdbss SbcpHid ssmdrv Tcpip
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:54:18 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/20/2011 9:47:55 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
    11/20/2011 9:41:19 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    11/20/2011 9:28:59 PM, error: Service Control Manager [7000] - The Machine Debug Manager service failed to start due to the following error: Access is denied.
    11/20/2011 9:28:59 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
    11/20/2011 9:23:02 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    11/20/2011 9:17:46 PM, error: DCOM [10005] - DCOM got error "%5" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    11/20/2011 9:08:45 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: nvatabus nvraid
    11/20/2011 9:06:52 PM, error: Service Control Manager [7000] - The Avira AntiVir Guard service failed to start due to the following error: Access is denied.
    11/20/2011 11:39:28 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
    11/20/2011 11:37:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    11/20/2011 10:02:27 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AmdK8 avgio avipbb Fips nvatabus nvraid SbcpHid ssmdrv
    11/20/2011 10:01:40 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    .
    ==== End Of File ===========================



    DDS:


    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 7.0.5730.13
    Run by mine at 3:48:11 on 2011-11-22
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.196 [GMT -5:00]
    .
    AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
    .
    ============== Running Processes ===============
    .
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uInternet Settings,ProxyOverride = *.local
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    mRun: [B3pmG5sQJd8234A] c:\windows\system32\oekIVrzONx0v2b.exe
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\documents and settings\mine\application data\dvdvideosoftiehelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - c:\documents and settings\mine\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{2DFD8EF7-AFEC-4CE5-974C-9D1043FC8E42} : DhcpNameServer = 192.168.2.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R? AntiVirService;Avira AntiVir Guard
    R? postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4
    S? AntiVirSchedulerService;Avira AntiVir Scheduler
    S? avgio;avgio
    S? avgntflt;avgntflt
    S? McrdSvc;Media Center Extender Service
    S? PSI;PSI
    S? Secunia PSI Agent;Secunia PSI Agent
    S? Secunia Update Agent;Secunia Update Agent
    .
    =============== Created Last 30 ================
    .
    2011-11-22 08:13:01 294400 ----a-w- c:\documents and settings\all users\exeHelper.com
    2011-11-22 08:12:51 1008092 ----a-w- c:\documents and settings\all users\rkill.exe
    2011-11-22 08:12:42 1008092 ----a-w- c:\documents and settings\all users\rkill.scr
    2011-11-22 08:12:35 1008092 ----a-w- c:\documents and settings\all users\rkill.com
    .
    ==================== Find3M ====================
    .
    2011-10-06 17:55:33 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-08-31 21:00:50 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys
    .
    ============= FINISH: 3:49:45.96 ===============



    exehelperlog:

    exeHelper by Raktor
    Build 20100414
    Run at 03:21:46 on 11/22/11
    Now searching...
    Checking for numerical processes...
    Checking for sysguard processes...
    Checking for bad processes...
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Please read the directions carefully. RKill specifically says you only need one of the 3 to run> you got all 3:
    2011-11-22 08:12:51 1008092 ----a-w- c:\documents and settings\all users\rkill.exe
    2011-11-22 08:12:42 1008092 ----a-w- c:\documents and settings\all users\rkill.scr
    2011-11-22 08:12:35 1008092 ----a-w- c:\documents and settings\all users\rkill.com
    ===============================
    For the permissions issue:
    Add "Take Ownership" to Explorer Right-Click Menu in Win 7 or Vista
    DownloadTakeOwnership.zip and save to your desktop.
    • Unzip (extract) the files contained in the zipfile.
    • Double-click the InstallTakeOwnership.reg file and click through the prompts. No reboot necessary.
    [​IMG]

    Here’s what the new right-click menu will look like after installing this registry hack.
    [​IMG]
    (Images courtesy howtogeek)
    This should allow you to do the right click on those parts of the system that are denying you permissions and 'take ownership.'
    ==============================================
    Please try Mbam again.
    ============================================
    The run the following:
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once installed, you should see a blue screen prompt that says:
      The Recovery Console was successfully installed.
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    ===============================
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
     
  5. ydontwenukeu

    ydontwenukeu TS Rookie Topic Starter Posts: 30

    I downloaded all three of the RKill programs at once incase one of them didnt work but only ran one of them. If that is a big deal I can remove the other two. I downloaded and ran the TakeOwnership program but no 'Take Ownership' option appeared in the right click menus.. I am running Windows XP if I failed to mention that earlier I am sorry. I did not run ComboFix or ESET yet as I wasnt sure if you wanted me to do so without first getting MBAM to run properly.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    It's a 'big deal' because you were told you only needed one. If one didn't work, you were told to delete it. You did not do that so when you run RKill, it has to waste time removing the other two!
    =============================
    How to take ownership of a file or a folder in Windows XP
    Please see http://support.microsoft.com/kb/308421
    =============================
    Then go ahead with the 3 scans.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...