Jump to content

ohdear

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hello, I have aquired a strange and mysterious and annoying virus. I'm well mastered at getting rid of them usually, but this one is persistent and I need some help. I will be running the DDS as soon as I can and uploading the results here, but for now I'll just explain what's going. First off, it has hidden my desktop and all my documents and applications so my screen is just blank except for the recycling bin and it won't let me onto the internet. Severel error messages appear all at once titled "Delayed Write Fail" and saying: Failed to save all components for the file \\system32\\0004fec. The file is corrupted or unreadable. This error may be caused by a PC hardware problem. The virus is very clever if it's trying to tell me something is wrong with my hardware. Another box pops open that asks me if I want to cancel and reboot or sacn and fix. But it is not at all like the pretentious "buy my computer scan" viruses like opencloud and such. It looks more like an error message. All my files are still there because I opened in safemode, plugged in a usb and then just went back in the folder until I reached My Computer. I ran Malware Bytes Anti-Malware twice. Below is the log for the second scan, but even after I removed the selected the error messages from before are still showing and all my files and my desktop are still hidden. Please, please help me. The timing for this unfortunate virus is most inconvenient. I'll upload the DDS as soon as I can, but in the meantime my Malware Bytes Anti-Malware log is below. Thank you ever so much. Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.10.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Owner :: DELL-E06358862F [administrator] 13/02/2012 15:56:36 mbam-log-2012-02-13 (15-56-36).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 206098 Time elapsed: 43 minute(s), 45 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 7 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowControlPanel (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyDocs (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoDesktop (PUM.Hidden.Desktop) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Okay, so I used Roguekiller and that got rid of the error messages and brought back my desktop and some of my files. However, when I click on My Documents, My Pictures, My Music or anything like that it appears that the folder is empty. I know them to be hidden somehow, because I can still open my recent documents in Openoffice and I can still listen to my music in my Itunes. So, I just need to find out what is hiding my documents and delete it. Below I have my DDS and Attach, I also have a more current Malware Bytes Anti-Malware log if needed: DDS . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22 Run by Owner at 19:44:20 on 2012-02-13 Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1014.360 [GMT 0:00] . . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k eapsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k dot3svc C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WLTRAY.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\WSED\WSED.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\PersistenceThread.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\SearchProtocolHost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.uk/ BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [WSED] c:\program files\wsed\WSED.exe mRun: [<NO NAME>] mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [PersistenceThread] c:\windows\system32\PersistenceThread.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\docume~1\owner\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {FC1CEE43-039F-451A-9A5A-31D87D032853} - hxxp://netman.gold.ac.uk/client/tools/xc_loader_activex.ocx TCP: DhcpNameServer = 158.223.0.200 158.223.0.201 TCP: Interfaces\{D59E085D-0870-4E3E-9F73-740B24AF4FA8} : DhcpNameServer = 158.223.0.200 158.223.0.201 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Notify: igdlogin - igdlogin.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\jucvw6j4.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll . ============= SERVICES / DRIVERS =============== . R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2012-1-25 14248] R3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [2012-1-25 5088896] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2012-1-25 110080] R3 OA012Afx;Provides a software interface to control audio effects of OA012 camera.;c:\windows\system32\drivers\OA012Afx.sys [2012-1-25 134144] R3 OA012Ufd;Creative Camera OA012 Upper Filter Driver;c:\windows\system32\drivers\OA012Ufd.sys [2012-1-25 133632] R3 OA012Vid;Creative Camera OA012 Function Driver;c:\windows\system32\drivers\OA012Vid.sys [2012-1-25 272256] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-1-25 162816] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-26 136176] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-1-25 1684736] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-26 136176] S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?] . =============== Created Last 30 ================ . 2012-02-13 18:21:28 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-13 14:38:48 448000 ---ha-w- c:\documents and settings\all users\application data\LuXIxkvMDmum.exe 2012-02-09 19:52:44 -------- d--h--w- c:\documents and settings\owner\application data\OpenOffice.org 2012-02-09 17:47:03 -------- d--h--w- c:\program files\OpenOffice.org 3 2012-02-09 17:46:36 73728 ---ha-w- c:\windows\system32\javacpl.cpl 2012-02-09 17:46:36 472808 ---ha-w- c:\windows\system32\deployJava1.dll 2012-01-27 00:08:11 -------- d--h--w- c:\documents and settings\owner\local settings\application data\Apple Computer 2012-01-27 00:07:46 26600 ---ha-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2012-01-27 00:07:46 107368 ---ha-w- c:\windows\system32\GEARAspi.dll 2012-01-27 00:06:15 -------- d-----w- c:\program files\iPod 2012-01-27 00:06:03 -------- d--h--w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-01-27 00:06:02 -------- d-----w- c:\program files\iTunes 2012-01-27 00:05:10 -------- d--h--w- c:\documents and settings\owner\local settings\application data\Apple 2012-01-27 00:04:43 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll 2012-01-27 00:04:43 42496 ---ha-w- c:\windows\system32\drivers\usbaapl.sys 2012-01-27 00:04:06 -------- d-----w- c:\program files\Bonjour 2012-01-26 21:12:36 -------- d--h--w- c:\documents and settings\owner\application data\Malwarebytes 2012-01-26 21:12:16 -------- d--h--w- c:\documents and settings\all users\application data\Malwarebytes 2012-01-26 21:12:14 20464 ---ha-w- c:\windows\system32\drivers\mbam.sys 2012-01-26 21:12:14 -------- d--h--w- c:\program files\Malwarebytes' Anti-Malware 2012-01-26 21:02:00 -------- d--h--w- c:\documents and settings\owner\local settings\application data\Temp 2012-01-26 20:56:54 -------- d--h--w- c:\documents and settings\owner\local settings\application data\Google 2012-01-26 20:56:44 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-26 20:34:39 -------- d--h--w- c:\program files\MSECache 2012-01-26 20:18:12 -------- d--h--r- c:\program files\Skype 2012-01-25 20:06:31 -------- d-----w- c:\windows\ie8updates 2012-01-25 19:49:43 -------- d-----w- c:\windows\system32\XPSViewer 2012-01-25 19:49:06 89088 ---ha-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll 2012-01-25 19:48:55 89088 -c-h--w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2012-01-25 19:48:55 597504 -c-h--w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2012-01-25 19:48:55 597504 ---h--w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2012-01-25 19:48:55 117760 ------w- c:\windows\system32\prntvpt.dll 2012-01-25 19:48:54 575488 -c-h--w- c:\windows\system32\dllcache\xpsshhdr.dll 2012-01-25 19:48:54 575488 ------w- c:\windows\system32\xpsshhdr.dll 2012-01-25 19:48:54 1676288 -c-h--w- c:\windows\system32\dllcache\xpssvcs.dll 2012-01-25 19:48:54 1676288 ------w- c:\windows\system32\xpssvcs.dll 2012-01-25 19:48:54 -------- d-----w- C:\f3c4013db1ece3670958daa6 2012-01-25 19:42:55 -------- d--h--w- c:\documents and settings\owner\local settings\application data\Identities 2012-01-25 19:42:52 -------- d--h--w- c:\documents and settings\owner\application data\Windows Desktop Search 2012-01-25 19:42:16 -------- d--h--w- c:\windows\system32\GroupPolicy 2012-01-25 19:42:16 -------- d--h--w- c:\program files\Windows Desktop Search 2012-01-25 19:41:54 98304 -c-h--w- c:\windows\system32\dllcache\nlhtml.dll 2012-01-25 19:41:54 29696 -c-h--w- c:\windows\system32\dllcache\mimefilt.dll 2012-01-25 19:41:54 192000 -c-h--w- c:\windows\system32\dllcache\offfilt.dll 2012-01-25 19:41:06 -------- d--h--w- c:\program files\Windows Media Connect 2 2012-01-25 19:39:32 -------- d--h--w- c:\windows\system32\LogFiles 2012-01-25 19:36:51 -------- d-----w- c:\windows\system32\URTTemp 2012-01-25 19:34:01 602112 -c-h--w- c:\windows\system32\dllcache\msfeeds.dll 2012-01-25 19:34:01 55296 -c-h--w- c:\windows\system32\dllcache\msfeedsbs.dll 2012-01-25 19:34:00 743424 -c-h--w- c:\windows\system32\dllcache\iedvtool.dll 2012-01-25 19:33:59 247808 -c-h--w- c:\windows\system32\dllcache\ieproxy.dll 2012-01-25 19:33:59 2000384 -c-h--w- c:\windows\system32\dllcache\iertutil.dll 2012-01-25 19:33:59 12800 -c-h--w- c:\windows\system32\dllcache\xpshims.dll 2012-01-25 19:33:54 11081728 -c-h--w- c:\windows\system32\dllcache\ieframe.dll 2012-01-25 19:31:28 6144 -c-h--w- c:\windows\system32\dllcache\iecompat.dll 2012-01-25 19:31:03 456320 -c-h--w- c:\windows\system32\dllcache\mrxsmb.sys 2012-01-25 19:30:56 139656 -c-h--w- c:\windows\system32\dllcache\rdpwd.sys 2012-01-25 19:30:50 10496 -c-h--w- c:\windows\system32\dllcache\ndistapi.sys 2012-01-25 19:29:59 105472 -c-h--w- c:\windows\system32\dllcache\mup.sys 2012-01-25 19:26:47 40960 -c-h--w- c:\windows\system32\dllcache\ndproxy.sys 2012-01-25 19:26:30 45568 -c-h--w- c:\windows\system32\dllcache\wab.exe 2012-01-25 19:26:08 590848 -c-h--w- c:\windows\system32\dllcache\rpcrt4.dll 2012-01-25 19:25:47 978944 -c-h--w- c:\windows\system32\dllcache\mfc42.dll 2012-01-25 19:25:47 953856 -c-h--w- c:\windows\system32\dllcache\mfc40u.dll 2012-01-25 19:25:12 617472 -c-h--w- c:\windows\system32\dllcache\comctl32.dll 2012-01-25 19:24:10 3558912 -c-h--w- c:\windows\system32\dllcache\moviemk.exe 2012-01-25 19:23:37 744448 -c-h--w- c:\windows\system32\dllcache\helpsvc.exe 2012-01-25 19:22:41 293376 ---h--w- c:\windows\system32\browserchoice.exe 2012-01-25 19:19:46 81920 -c-h--w- c:\windows\system32\dllcache\fontsub.dll 2012-01-25 19:19:46 119808 -c-h--w- c:\windows\system32\dllcache\t2embed.dll 2012-01-25 19:19:21 471552 -c-h--w- c:\windows\system32\dllcache\aclayers.dll 2012-01-25 19:18:02 1172480 -c-h--w- c:\windows\system32\dllcache\msxml3.dll 2012-01-25 19:16:07 153088 -c-h--w- c:\windows\system32\dllcache\triedit.dll 2012-01-25 19:06:22 337408 -c-h--w- c:\windows\system32\dllcache\netapi32.dll 2012-01-25 19:06:14 331776 -c-h--w- c:\windows\system32\dllcache\msadce.dll 2012-01-25 19:04:57 272128 -c-h--w- c:\windows\system32\dllcache\bthport.sys 2012-01-25 19:04:52 203136 -c-h--w- c:\windows\system32\dllcache\rmcast.sys 2012-01-25 19:01:11 -------- d-----w- c:\windows\system32\PreInstall 2012-01-25 19:01:09 -------- d--h--w- c:\windows\$hf_mig$ 2012-01-25 18:57:12 -------- d-sh--w- c:\documents and settings\owner\IECompatCache 2012-01-25 18:57:04 -------- d-sh--w- c:\documents and settings\owner\PrivacIE 2012-01-25 18:56:11 -------- d-----w- c:\windows\system32\SoftwareDistribution 2012-01-25 18:52:14 -------- d-sh--w- c:\documents and settings\owner\IETldCache 2012-01-25 18:48:06 -------- dc-h--w- c:\windows\ie8 2012-01-25 18:21:59 -------- d-----w- c:\windows\system32\scripting 2012-01-25 18:21:59 -------- d-----w- c:\windows\l2schemas 2012-01-25 18:21:58 -------- d--h--w- c:\windows\system32\en 2012-01-25 18:21:58 -------- d--h--w- c:\windows\system32\bits 2012-01-25 18:19:53 -------- d-----w- c:\windows\ServicePackFiles 2012-01-25 18:19:41 294912 ---h--w- c:\program files\windows media player\dlimport.exe 2012-01-25 18:19:35 294912 -c-h--w- c:\windows\system32\dllcache\dlimport.exe 2012-01-25 18:15:24 19569 ----a-w- c:\windows\002602_.tmp 2012-01-25 18:12:19 -------- d-----w- c:\windows\EHome 2012-01-25 17:31:45 110080 ---ha-w- c:\windows\system32\drivers\IntcHdmi.sys 2012-01-25 17:31:43 920088 ---ha-w- c:\windows\system32\igxpun.exe 2012-01-25 17:31:43 319456 ---ha-w- c:\windows\system32\difxapi.dll 2012-01-25 17:22:21 -------- d--h--w- c:\windows\system32\Lang 2012-01-25 17:05:43 94208 ----a-w- c:\windows\CtDrvIns.exe 2012-01-25 17:05:43 53358 ----a-w- c:\windows\system32\OA012Pin.dll 2012-01-25 17:05:43 53358 ----a-w- c:\windows\OA012Cfg.exe 2012-01-25 17:05:43 28770 ----a-w- c:\windows\system32\OA012Pin.crl 2012-01-25 17:05:43 272256 ---ha-w- c:\windows\system32\drivers\OA012Vid.sys 2012-01-25 17:05:43 24667 ----a-w- c:\windows\system32\OA012Srv.exe 2012-01-25 17:05:43 24576 ----a-w- c:\windows\OA012Mon.exe 2012-01-25 17:05:43 134144 ---ha-w- c:\windows\system32\drivers\OA012Afx.sys 2012-01-25 17:05:43 133632 ---ha-w- c:\windows\system32\drivers\OA012Ufd.sys 2012-01-25 16:57:35 577536 ---ha-w- c:\windows\system32\EMSC.DLL 2012-01-25 16:57:34 14248 ---ha-w- c:\windows\system32\drivers\EMSC.sys 2012-01-25 16:57:32 -------- d--h--w- c:\documents and settings\all users\application data\XP32 2012-01-25 16:57:32 -------- d--h--w- c:\documents and settings\all users\application data\Win764 2012-01-25 16:57:32 -------- d--h--w- c:\documents and settings\all users\application data\Win732 2012-01-25 16:57:32 -------- d--h--w- c:\documents and settings\all users\application data\Vista64 2012-01-25 16:57:32 -------- d--h--w- c:\documents and settings\all users\application data\Vista32 2012-01-25 16:57:05 -------- d--h--w- c:\program files\WSED 2012-01-25 16:54:26 -------- d--h--w- c:\program files\Synaptics 2012-01-25 16:54:14 208304 ---ha-w- c:\windows\system32\drivers\SynTP.sys 2012-01-25 16:54:14 206120 ----a-w- c:\windows\system32\SynCtrl.dll 2012-01-25 16:54:14 169256 ----a-w- c:\windows\system32\SynCOM.dll 2012-01-25 16:54:14 161064 ----a-w- c:\windows\system32\SynTPAPI.dll 2012-01-25 16:54:14 120104 ----a-w- c:\windows\system32\SynTPCo4.dll 2012-01-25 16:54:02 6272 ---ha-w- c:\windows\system32\drivers\splitter.sys 2012-01-25 16:53:59 83072 ---ha-w- c:\windows\system32\drivers\wdmaud.sys 2012-01-25 16:53:57 52864 ---ha-w- c:\windows\system32\drivers\dmusic.sys 2012-01-25 16:53:48 56576 ---ha-w- c:\windows\system32\drivers\swmidi.sys 2012-01-25 16:53:46 142592 ---ha-w- c:\windows\system32\drivers\aec.sys 2012-01-25 16:53:45 172416 ---ha-w- c:\windows\system32\drivers\kmixer.sys 2012-01-25 16:53:43 2944 ---ha-w- c:\windows\system32\drivers\drmkaud.sys 2012-01-25 16:53:41 60800 ---ha-w- c:\windows\system32\drivers\sysaudio.sys 2012-01-25 16:50:21 -------- d-----w- c:\windows\system32\RTCOM 2012-01-25 16:50:15 60160 ---ha-w- c:\windows\system32\drivers\drmk.sys 2012-01-25 16:45:59 7360512 ----a-w- c:\windows\system32\RTSUSTORicon.dll 2012-01-25 16:45:59 266240 ----a-w- c:\windows\system32\RtsUStor.dll 2012-01-25 16:45:59 162816 ---ha-w- c:\windows\system32\drivers\RtsUStor.sys 2012-01-25 16:44:30 80416 ----a-w- c:\windows\system32\RtNicProp32.dll 2012-01-25 16:44:30 234392 ---ha-w- c:\windows\system32\drivers\Rtenicxp.sys 2012-01-25 16:44:29 -------- d--h--w- c:\program files\Realtek 2012-01-25 16:41:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2012-01-25 16:41:38 -------- d-----w- C:\2607fc3a3d0f25617b1a7a0bc99463 2012-01-25 16:41:10 -------- d-----w- c:\program files\Function Keys 2012-01-25 16:32:40 -------- d-----w- c:\windows\system32\ReinstallBackups 2012-01-25 16:32:37 53248 ---ha-w- c:\windows\system32\CSVer.dll 2012-01-25 16:32:14 -------- d-----w- C:\Intel 2012-01-25 16:31:46 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll 2012-01-25 16:31:46 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll 2012-01-25 16:31:46 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe 2012-01-25 16:31:46 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2012-01-25 16:31:46 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll 2012-01-25 16:31:46 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll 2012-01-25 16:31:45 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll 2012-01-25 16:31:45 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll 2012-01-25 16:27:59 12160 -c-ha-w- c:\windows\system32\dllcache\mouhid.sys 2012-01-25 16:27:59 12160 ---ha-w- c:\windows\system32\drivers\mouhid.sys 2012-01-25 16:27:52 10368 -c-ha-w- c:\windows\system32\dllcache\hidusb.sys 2012-01-25 16:27:52 10368 ---ha-w- c:\windows\system32\drivers\hidusb.sys . ==================== Find3M ==================== . 2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe 2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll . ============= FINISH: 19:45:43.64 =============== ATTACH . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 25/01/2012 14:17:16 System Uptime: 13/02/2012 19:42:08 (0 hours ago) . Motherboard: Dell Inc. | | 0R990K Processor: Intel® Atom CPU Z520 @ 1.33GHz | U3E1 | 1329/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 111.287 GiB free. D: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 25/01/2012 15:14:11 - System Checkpoint RP2: 25/01/2012 16:37:38 - Installed Function Keys RP3: 25/01/2012 18:15:29 - Installed Windows XP Service Pack 3. RP4: 25/01/2012 18:48:59 - Installed Windows Internet Explorer 8. RP5: 25/01/2012 19:00:26 - Software Distribution Service 3.0 RP6: 25/01/2012 19:36:39 - Software Distribution Service 3.0 RP7: 26/01/2012 20:34:51 - Installed Compatibility Pack for the 2007 Office system RP8: 26/01/2012 22:55:54 - Software Distribution Service 3.0 RP9: 27/01/2012 00:05:43 - Installed iTunes RP10: 27/01/2012 00:51:36 - Software Distribution Service 3.0 RP11: 27/01/2012 11:55:13 - Software Distribution Service 3.0 RP12: 28/01/2012 03:00:19 - Software Distribution Service 3.0 RP13: 29/01/2012 22:37:46 - System Checkpoint RP14: 31/01/2012 01:45:10 - System Checkpoint RP15: 01/02/2012 13:04:41 - System Checkpoint RP16: 02/02/2012 13:13:10 - System Checkpoint RP17: 03/02/2012 14:42:51 - System Checkpoint RP18: 04/02/2012 19:54:07 - System Checkpoint RP19: 05/02/2012 20:00:37 - System Checkpoint RP20: 07/02/2012 00:33:59 - System Checkpoint RP21: 08/02/2012 13:15:46 - System Checkpoint RP22: 09/02/2012 14:01:49 - System Checkpoint RP23: 09/02/2012 17:45:04 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 RP24: 09/02/2012 17:46:15 - Installed Java 6 Update 22 RP25: 09/02/2012 17:46:58 - Installed OpenOffice.org 3.3 RP26: 10/02/2012 20:36:10 - System Checkpoint RP27: 11/02/2012 20:42:39 - System Checkpoint RP28: 12/02/2012 22:47:32 - System Checkpoint RP29: 13/02/2012 15:49:53 - Restore Operation RP30: 13/02/2012 15:52:00 - Restore Operation . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour Compatibility Pack for the 2007 Office system Dell Touchpad Dell Wireless WLAN Card Utility EMSC Function Keys Google Toolbar for Internet Explorer Google Update Helper High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976002-v5) Integrated Webcam Driver (1.05.01.0820) Intel® Graphics Media Accelerator 500 Intel® Graphics Media Accelerator Driver iTunes Java Auto Updater Java 6 Update 22 Malwarebytes Anti-Malware version 1.60.1.1000 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox 10.0 (x86 en-GB) OpenOffice.org 3.3 REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Skype Click to Call Skype™ 5.5 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows XP (KB2345886) Update for Windows XP (KB2541763) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) USB2.0 Card Reader Software WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Windows XP Service Pack 3 WSED . ==== Event Viewer Messages From Past Week ======== . 13/02/2012 19:37:42, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 13/02/2012 15:52:01, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23). 07/02/2012 12:44:14, error: System Error [1003] - Error code 000000f7, parameter1 fffefefe, parameter2 0000bb40, parameter3 ffff44bf, parameter4 00000000. 06/02/2012 18:42:36, error: Dhcp [1002] - The IP address lease 10.170.163.62 for the Network Card with network address 002170FA1864 has been denied by the DHCP server 10.162.0.3 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.