Run as Adminstrator Side Menu

By Jack421
Jul 2, 2011
  1. I am having trouble running programs as an administrator from the side menu! What might be the problem? The right click menu!

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    You started a thread here on 5/27/2011 re: Billieo. You pasted a large number of logs in the post. I replied, giving you the information that we do not accept attached logs, that they must be pasted to be reviewed.

    You deserted the thread.

    Now you have attached a large number of logs-again, which doesn't follow out preliminary virus removal steps which I also gave you previously-

    Do you intend to continue with this thread? Do you intend to follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    Which also indicate:
    Why are you randomly running rootkit removers? Let me know if you intend to do this right. I?F you don't I'll close the thread.
  3. Jack421

    Jack421 TS Rookie Topic Starter


    Can Not Paste Gmer log is too big 237 kilobytes!

    DDS (Ver_11-05-19.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by Megatron at 18:11:48 on 2011-06-28
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.958.360 [GMT -7:00]
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Online Armor Firewall *Enabled* {32E71E58-6AAE-2557-2ABD-EA739069CE41}
    ============== Running Processes ===============
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Sandboxie\SbieSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Online Armor\OAcat.exe
    C:\Program Files\Online Armor\oasrv.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Online Armor\oaui.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Online Armor\OAhlp.exe
    C:\Program Files\Online Armor\OAreg.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Users\Megatron\Downloads\Software\Report Tools\dds.scr
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://
    uDefault_Page_URL = hxxp://
    uSearch Page = hxxp://
    uSearch Bar = hxxp://
    mStart Page = hxxp://
    mDefault_Page_URL = hxxp://
    uSearchURL,(Default) = hxxp://
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [DriverMax]
    uRun: [DriverMax_RESTART]
    mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
    mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
    mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [hpqSRMon]
    mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm
    IE: Add to Evernote 4.0 - c:\program files\evernote\evernote\EvernoteIE.dll/204
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    LSP: c:\program files\trafficcompressor\TCompLsp.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://
    TCP: {6F943519-7881-438D-8857-621C25992B48} =,
    TCP: {88671F84-611F-4E3A-A09C-6719F683C026} =,
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
    SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~2\oaevent.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    ================= FIREFOX ===================
    FF - ProfilePath - c:\users\megatron\appdata\roaming\mozilla\firefox\profiles\v7iza886.default\
    FF - prefs.js: - hxxp://;q={searchTerms}
    FF - prefs.js: - DAEMON Search
    FF - prefs.js: browser.startup.homepage - hxxp://
    FF - prefs.js: keyword.URL - hxxp://
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    ============= SERVICES / DRIVERS ===============
    R0 cumon;cumon;c:\windows\system32\drivers\cumon.sys [2011-5-25 227872]
    R0 Evdd;evdd;c:\windows\system32\drivers\evdd.sys [2011-5-25 19816]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-20 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-20 307928]
    R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2011-5-25 205864]
    R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2011-5-25 39048]
    R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2011-5-25 25192]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2011-5-20 2978720]
    R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-5-20 352656]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-20 19544]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-5-20 53592]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-20 42184]
    R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2011-2-15 19968]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2011-5-25 381512]
    R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2011-5-25 4326472]
    R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2011-5-25 29312]
    R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-3-24 126696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2011-5-20 73728]
    S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-5-20 39272]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
    S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2011.sp2c\RpcAgentSrv.exe [2011-6-15 93848]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache;c:\windows\\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 CPMService;COMODO Programs Manager Service;c:\program files\comodo\comodo programs manager\CPMservice.exe [2010-7-22 79304]
    S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
    SUnknown rootrepeal;rootrepeal; [x]
    =============== File Associations ===============
    =============== Created Last 30 ================
    2011-06-15 17:17:57 -------- d-----w- c:\program files\PeaZip
    2011-06-15 17:11:39 -------- d-----w- c:\windows\system32\Adobe
    2011-06-15 17:07:46 -------- d-----w- c:\program files\FrostWire
    2011-06-15 10:12:39 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-06-15 10:12:38 141104 ----a-w- c:\program files\internet explorer\sqmapi.dll
    2011-06-15 10:12:34 1797632 ----a-w- c:\windows\system32\jscript9.dll
    2011-06-15 03:20:35 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
    2011-06-15 03:19:19 273408 ----a-w- c:\windows\system32\drivers\afd.sys
    2011-06-15 03:18:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
    2011-06-15 03:18:44 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
    2011-06-15 03:18:44 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
    2011-06-15 03:17:03 563712 ----a-w- c:\windows\system32\oleaut32.dll
    2011-06-15 03:10:20 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
    2011-06-15 03:10:17 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
    2011-06-15 03:10:17 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-06-15 03:09:11 739328 ----a-w- c:\windows\system32\inetcomm.dll
    2011-06-15 01:22:48 -------- d-----w- c:\program files\iPod
    2011-06-15 01:22:12 -------- d-----w- c:\program files\iTunes
    2011-06-10 01:42:58 -------- d-----w- c:\users\megatron\appdata\local\Yahoo
    2011-06-07 11:03:18 -------- d-----w- C:\z-cassbeth
    2011-06-01 00:42:59 -------- d-----w- c:\program files\Myst
    2011-05-31 22:28:49 -------- d-----w- c:\users\megatron\appdata\roaming\ScummVM
    ==================== Find3M ====================
    2011-06-29 01:04:53 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
    2011-06-15 17:10:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-05-29 16:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-29 16:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-26 05:53:56 6904040 ----a-w- c:\windows\system32\SpoonUninstall.exe
    2011-05-24 05:09:57 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
    2011-05-23 23:37:56 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
    2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-05-04 11:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-04-06 20:02:26 39048 ----a-w- c:\windows\system32\drivers\oahlp32.sys
    2011-04-06 20:01:32 29312 ----a-w- c:\windows\system32\drivers\OAnet.sys
    2011-04-06 20:01:30 25192 ----a-w- c:\windows\system32\drivers\OAmon.sys
    2011-04-06 20:01:30 205864 ----a-w- c:\windows\system32\drivers\OADriver.sys
    ============= FINISH: 18:14:07.29 ===============

    DDS (Ver_11-05-19.01)
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/28/2009 8:27:59 AM
    System Uptime: 6/28/2011 6:03:50 PM (0 hours ago)
    Motherboard: Quanta | | 30EA
    Processor: AMD Athlon(tm) 64 X2 Dual-Core Processor TK-57 | Socket S1 | 1900/200mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 137 GiB total, 86.203 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 1.981 GiB free.
    E: is CDROM ()
    ==== Disabled Device Manager Items =============
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft 6to4 Adapter
    Device ID: ROOT\*6TO4MP\0004
    Manufacturer: Microsoft
    Name: 6TO4 Adapter
    PNP Device ID: ROOT\*6TO4MP\0004
    Service: tunnel
    ==== System Restore Points ===================
    RP146: 6/28/2011 2:00:19 AM - Scheduled Checkpoint
    ==== Installed Programs ======================
    AbiWord 2.8.6
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader X (10.0.1)
    Adobe Shockwave Player
    Adobe Shockwave Player 11.6
    Advanced SystemCare 4
    AIMP2: Audio Tools
    Any Video Converter 3.2.3
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AppSnap 1.3.3
    Atheros Driver Installation Program
    Audacity 1.2.6
    avast! Free Antivirus
    CNET TechTracker
    Comodo Dragon
    COMODO Programs Manager
    Compatibility Pack for the 2007 Office system
    Conexant HD Audio
    COWON Media Center - jetAudio Basic VX
    CPUID CPU-Z 1.57.1
    DAEMON Tools Lite
    dBpoweramp Music Converter
    DC++ 0.782
    Debut Video Capture Software
    DivX Setup
    Doc Scrubber v1.1
    DriverMax 5
    Dune 2000
    DVD Shrink 3.2
    DVD Suite
    Dynamic Draw 5.5
    Emsisoft Anti-Malware 5.1
    ESET Online Scanner v3
    EULAlyzer 2.0
    Event Log Explorer 3.3
    EVEREST Home Edition v2.20
    Evernote v. 4.3.1 Update Checker
    FileZilla Client 3.5.0
    Foxit PDF Editor
    Foxit PDF IFilter
    Foxit Phantom
    Foxit Reader 5.0
    Free Studio version 5.0.9
    Freeciv 2.1.9 (Win32 client)
    FreePortScanner 2.8.2
    FrostWire 4.21.8
    Game Booster
    GIMP 2.6.11
    GnuCash 2.4.5
    Google Earth
    Google SketchUp 8
    HandBrake 0.9.5
    HDAUDIO Soft Data Fax Modem with SmartCP
    Hewlett-Packard Active Check
    Hewlett-Packard Asset Agent for Health Check
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Doc Viewer
    HP DVD Play 3.6
    HP Easy Setup - Frontend
    HP Help and Support
    HP Photosmart Essential 2.5
    HP Quick Launch Buttons 6.40 B2
    HP Smart Web Printing
    HP Total Care Advisor
    HP Update
    HP User Guides 0091
    HP Wireless Assistant
    IcoFX 1.6.4
    IncrediMail 2.0
    Inkscape 0.48.1
    Inno Setup version 5.4.2
    IrfanView (remove only)
    IZArc 4.1.6
    Java Auto Updater
    Java(TM) 6 Update 26
    Junk Mail filter update
    K-Lite Mega Codec Pack 7.1.0
    KeePass Password Safe 1.19b
    LightScribe System Software
    MailWasher Free 6.5.4
    Malwarebytes' Anti-Malware version
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Baseline Security Analyzer 2.2
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Works
    Mixxx 1.9.0
    MobileMe Control Panel
    Mozilla Firefox 4.0.1 (x86 en-US)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyDefrag v4.3.1
    Myst for Windows 95
    Mz CPU Accelerator
    NVIDIA Drivers
    Nvu 1.0PR
    Online Armor 5.0
    ooVoo 3.3
    Paint.NET v3.5.8
    PeaZip 3.8
    PeerBlock 1.1 (r518)
    Pegasus Mail
    Python 3.2
    Random Password Generator
    ratDVD 0.78.1444
    Real Alternative 2.0.2
    Revo Uninstaller 1.92
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
    RomCenter 3.58
    Sandboxie 3.54 (32-bit)
    ScummVM 1.2.1
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Segoe UI
    SiSoftware Sandra Lite 2011.SP2c
    Skype Toolbars
    Skype™ 5.3
    Songbird 1.9.3 (Build 1959)
    Spamihilator (32 bit)
    SpeedFan (remove only)
    SpywareBlaster 4.4
    Synaptics Pointing Device Driver
    TaxACT 2010
    TeraCopy 2.12
    TextMaker Viewer
    The KMPlayer (remove only)
    Unlocker 1.9.1
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VC80CRTRedist - 8.0.50727.4053
    Vidalia 0.2.12
    VideoPad Video Editor
    Viewpoint Media Player
    Viper 3.0.04
    VLC media player 1.1.9
    WeatherBug Gadget
    Westwood Shared Internet Components
    Winamp Detector Plug-in
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    Yahoo! Messenger
    Yahoo! Toolbar
    ==== Event Viewer Messages From Past Week ========
    6/28/2011 6:05:15 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    6/27/2011 9:14:00 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    6/27/2011 5:05:25 PM, Error: EventLog [6008] - The previous system shutdown at 2:54:13 PM on 6/27/2011 was unexpected.
    ==== End Of File ===========================
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,334   +36

    IF GMER is that big, it means that you did not observe and follow this:
    Please delete the current log and rescan with Show All unchecked.
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
    Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.

    Edit to ask question: What did you submit for identification?>>2011-06-07 11:03:18 -------- d-----w- C:\z-cassbeth
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...