i have the virus: he's dead jim
I have the virus: he's dead jim and it's slowing down the computer terribly.
It started a while ago and it only used to slow down the computer when we watched online videos, then we would just restart and it would solve the problem.
Lately, it started slowing the whole system, simple things too. The computer can't stay on for more than 40 min in one shot if I'm working on it. After like 15 minutes, it starts slowing down till it freezes completely or simply shuts down. Then I can't turn it on for another 15 minutes; if I attempt, it shuts again.
I realized we had this virus after a few times, when it used to shut in the beginning, a purple screen used to come up and it said he's dead jim.
Attached are the scans that I did.
I would also like to know how to avoid getting this virus again and which internet browser is safer.
Thanks
GMER 1.0.15.15640 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-07-08 12:19:45
Windows 6.1.7601 Service Pack 1
Running: download[1].exe
---- Registry - GMER 1.0.15 ----
---- Files - GMER 1.0.15 ----
---- EOF - GMER 1.0.15 ----
aswMBR version 0.9.7.705 Copyright(c) 2011 AVAST Software
Run date: 2011-07-08 12:24:01
-----------------------------
12:24:01.677 OS Version: Windows x64 6.1.7601 Service Pack 1
12:24:01.677 Number of processors: 4 586 0x2502
12:24:01.677 ComputerName: STEINER-PC UserName: steiner
12:24:03.861 Initialize success
12:24:45.342 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:24:45.342 Disk 0 Vendor: ST9500420AS D004SDM1 Size: 476940MB BusType: 11
12:24:47.385 Disk 0 MBR read successfully
12:24:47.385 Disk 0 MBR scan
12:24:47.385 Disk 0 Windows 7 default MBR code
12:24:47.401 Service scanning
12:24:48.540 Disk 0 trace - called modules:
12:24:48.540 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
12:24:48.555 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051cf060]
12:24:48.571 3 CLASSPNP.SYS[fffff880019aa43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004f1d680]
12:24:48.571 Scan finished successfully
12:25:09.100 Disk 0 MBR has been saved successfully to "C:\Users\steiner\Desktop\MBR.dat"
12:25:09.100 The log file has been saved successfully to "C:\Users\steiner\Desktop\aswMBR.txt"
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by steiner at 12:25:53 on 2011-07-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2016 [GMT 3:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
uRun: [AdobeBridge]
uRun: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Google Update] "C:\Users\steiner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\steiner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\steiner\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{0DD25547-5546-47C1-8C33-12F3F4C6A8E8} : DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{3388EEFF-01E9-465F-AA07-99D410614B44} : NameServer = 194.90.1.5 212.143.212.143
TCP: Interfaces\{35D48404-AF4B-448C-9278-0F4467BDF884} : DhcpNameServer = 10.0.1.1
TCP: Interfaces\{35D48404-AF4B-448C-9278-0F4467BDF884}\24F696E676F60284F6473707F647 : DhcpNameServer = 10.3.0.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [(Default)]
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-6-8 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-1-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-8 366640]
R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]
R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]
R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-14 2320920]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-07-08 09
34 8873296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E213EAA3-1EC7-48D8-9678-A5E23A0AD503}\mpengine.dll
2011-07-08 07:59:33 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-08 07:59:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-08 04:55:23 -------- d-----w- C:\Windows\System32\SPReview
2011-07-08 04:54:40 -------- d-----w- C:\Windows\System32\EventProviders
2011-07-08 04:49:05 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2011-07-08 04:49:05 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-07-08 04:47:59 626176 ----a-w- C:\Windows\SysWow64\usp10.dll
2011-07-08 04:46:59 82432 ----a-w- C:\Windows\SysWow64\dot3cfg.dll
2011-07-08 04:45:59 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2011-07-08 04:45:55 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2011-07-08 04:45:55 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2011-07-08 04:45:53 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-07-08 04:45:53 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2011-07-08 04:45:34 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-07-08 04:45:34 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-07-08 04:43:02 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-07-07 23:11:59 451072 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2011-07-07 23:10:41 2871808 ----a-w- C:\Windows\explorer.exe
2011-07-07 23:09:44 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-07-07 23:09:01 715776 ----a-w- C:\Windows\System32\kerberos.dll
2011-07-07 23:09:01 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-07-07 23:08:12 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-07-07 23:08:12 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-07-07 23:08:12 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-07-07 23:08:10 723968 ----a-w- C:\Windows\System32\EncDec.dll
2011-07-07 23:08:09 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2011-07-07 23:08:09 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2011-07-07 23:08:08 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-07-07 23:08:08 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-07-07 23:08:08 1118720 ----a-w- C:\Windows\System32\sbe.dll
2011-07-07 23:08:07 850944 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-07-07 23:08:07 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-07-07 23:05:29 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-07-07 23:05:29 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-07-07 23:05:28 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2011-07-07 23:05:28 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-07-07 23:05:28 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-07-07 23:05:28 100864 ----a-w- C:\Windows\System32\fontsub.dll
2011-07-07 23:05:26 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-07-07 23:05:25 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-07-07 23:03:44 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-07-07 23:03:44 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-07-07 23:03:41 974336 ----a-w- C:\Windows\System32\WFS.exe
2011-07-07 23:03:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-07-07 21:51:20 -------- d-----w- C:\43d61a290f5779b01a250e11
2011-07-07 21:50:38 -------- d-----w- C:\Users\steiner\AppData\Local\LogMeIn
2011-07-07 21:50:31 60800 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll
2011-07-07 21:50:30 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-07-07 21:50:30 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys
2011-07-07 21:50:30 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-07-07 21:50:26 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-07-07 21:50:23 -------- d-----w- C:\ProgramData\LogMeIn
2011-07-07 21:50:05 -------- d-----w- C:\Program Files (x86)\LogMeIn
2011-06-20 13:22:12 -------- d-----w- C:\Program Files (x86)\TeamViewer
.
==================== Find3M ====================
.
2011-07-08 05:03:34 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-07-08 05:03:34 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-05-29 06:11:20 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll
2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll
2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll
2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-22 22:08:29 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-04-22 19:10:01 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 12:27:30.73 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/14/2010 5:44:36 AM
System Uptime: 7/8/2011 11:11:24 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G939P
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | U2E1 | 917/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 274.083 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 298 GiB total, 190.619 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
==== System Restore Points ===================
.
RP184: 7/8/2011 7:55:08 AM - Windows 7 Service Pack 1
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Acrobat 9.3.0 - CPSID_52073
Adobe AIR
Adobe Community Help
Adobe Creative Suite 5 Design Premium
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Reader 9.4.0
Akamai NetSession Interface
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Google Chrome
Google Talk Plugin
InstallVC90Support
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
LogMeIn
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Network Recording Player
PDF Settings CS5
RICOH Media Driver ver.2.07.01.04
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.1
SugarSync Manager
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
WebEx
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
.
==== Event Viewer Messages From Past Week ========
.
7/8/2011 8
20 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 8:41:15 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867).
7/8/2011 8:37:35 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 8:27:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/8/2011 8:27:21 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2011 8:26:42 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).
7/8/2011 6:27:31 AM, Error: Service Control Manager [7023] -
7/8/2011 6:27:15 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 6:23:37 AM, Error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
7/8/2011 6:23:29 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 6:22:10 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DW WLAN Tray Service service to connect.
7/8/2011 6:22:10 AM, Error: Service Control Manager [7000] - The DW WLAN Tray Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/8/2011 6:11:59 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.
7/8/2011 12:37:41 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 11:12:37 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/8/2011 10:52:37 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/7/2011 4:38:11 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/7/2011 3:08:32 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/7/2011 12:52:26 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/7/2011 12:41:28 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/7/2011 10:58:50 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/6/2011 9:55:11 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/6/2011 8:19:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
7/6/2011 6:07:21 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/6/2011 3:54:44 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The system cannot find the path specified.
7/6/2011 3:54:44 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: A system shutdown is in progress.
7/6/2011 3:54:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the gpsvc service.
7/6/2011 3:54:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
7/6/2011 3:53:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
7/6/2011 3:53:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
7/6/2011 3:53:05 PM, Error: Service Control Manager [7000] - The Multimedia Class Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/6/2011 3:52:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
7/6/2011 3:52:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
7/6/2011 3:51:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
7/6/2011 3:50:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
7/6/2011 3:46:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.
7/6/2011 3:31:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.
7/6/2011 3:29:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.
7/6/2011 3:09:01 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/6/2011 1:41:41 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/5/2011 8:45:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/5/2011 11:51:20 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 9:51:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 9:25:36 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 8:12:26 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 8:01:21 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer6 service.
7/4/2011 11:20:00 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 10:25:54 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/4/2011 10:11:36 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/3/2011 12:49:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/3/2011 10:01:40 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/2/2011 9:35:15 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
7/1/2011 11:22:25 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.107.690.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Microsoft Corporation: Software, Smartphones, Online, Games, Cloud Computing, IT Business Technology, Downloads Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7000.0 Error code: 0x80072ee2 Error description: The operation timed out
.
==== End Of File ===========================
-
Welcome aboard 
Please observe the following rules:
- Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
- If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
- Please refrain from running tools or applying updates other than those I suggest.
- Never run more than one scan at a time.
- Keep updating me regarding your computer's behavior, good or bad.
- The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
- If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
- I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
==========================================================
I still need the Malwarebytes log.
-
thank you!!
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: 7060
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
7/10/2011 12:03:18 AM
mbam-log-2011-07-10 (00-03-18).txt
Scan type: Quick scan
Objects scanned: 164291
Time elapsed: 3 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
So far, I don't see much....
Please download ComboFix from Here or Here to your Desktop.
**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
- Please, never rename Combofix unless instructed.
- Close any open browsers.
- Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.
- Close any open browsers.
- WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
- Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
- If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
- Double click on combofix.exe & follow the prompts.
- When finished, it will produce a report for you.
- Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: Uninstall & Remove McAfee, Symantec, Norton, AVG, Avast & More Antivirus and Security Applications and Programs
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
Make sure you re-enable your security programs when you're done with Combofix.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTE.
If, for some reason, Combofix refuses to run, try one of the following:
1. Run Combofix from Safe Mode.
2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.
Rkill.com
Rkill.scr
Rkill.exe
- Double-click on the Rkill desktop icon to run the tool.
- If using Vista or Windows 7 right-click on it and choose Run As Administrator.
- A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
- If not, delete the file, then download and use the one provided in Link 2.
- If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
- Do not reboot until instructed.
- If the tool does not run from any of the links provided, please let me know.
Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.
If normal mode still doesn't work, run BOTH tools from safe mode.
In case #2, please post BOTH logs, rKill and Combofix.
DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!