Jump to content

neoraido

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

Reputation

0 Neutral
  1. neoraido
    Hello and thank you very much for getting back to me. I am very sorry that it has taken so long for me to reply, but I must have screwed up the "e-mail me" setting or something. Unfortunately, this weekend is going to be very hectic for me, but I will run the additional scan and post it as soon as I can. Thank you for your patience and assistance.
  2. neoraido
    Hello, I have a PC that is running Windows Vista that is infected with a Alureon-K rootkit on it that I have been unable to remove. I would appreciate any help you can give. DDS --------------------- . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.6001.18000 Run by user at 23:45:52 on 2012-03-16 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3062.1806 [GMT -4:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\System32\igfxpers.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.0\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0" mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [isCfgWiz] "c:\program files\common files\symantec shared\opc\{c86ea115-facd-4aa8-bfa2-398c677d0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe" mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab Notify: igfxcui - igfxdev.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-16 612184] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-16 337880] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-16 20696] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-16 57688] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-16 44768] R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-8-25 149864] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-16 652360] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-16 20464] R3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-23 1245064] S3 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20070823.002\IDSvix86.sys [2008-2-23 180272] . =============== Created Last 30 ================ . 2012-03-16 17:23:17 -------- d-----w- c:\users\user\appdata\local\temp 2012-03-16 17:22:31 -------- d-sh--w- C:\$RECYCLE.BIN 2012-03-16 15:15:41 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes 2012-03-16 15:15:33 -------- d-----w- c:\programdata\Malwarebytes 2012-03-16 15:15:32 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-16 15:15:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-16 14:21:43 -------- d-----w- C:\TDSSKiller_Quarantine 2012-03-16 13:47:51 98816 ----a-w- c:\windows\sed.exe 2012-03-16 13:47:51 518144 ----a-w- c:\windows\SWREG.exe 2012-03-16 13:47:51 256000 ----a-w- c:\windows\PEV.exe 2012-03-16 13:47:51 208896 ----a-w- c:\windows\MBR.exe 2012-03-16 07:54:10 80896 ----a-w- c:\windows\system32\MSNP.ax 2012-03-16 07:54:10 57856 ----a-w- c:\windows\system32\MSDvbNP.ax 2012-03-16 07:54:03 293376 ----a-w- c:\windows\system32\psisdecd.dll 2012-03-16 07:54:01 217088 ----a-w- c:\windows\system32\psisrndr.ax 2012-03-16 07:43:02 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll 2012-03-16 07:24:08 97800 ----a-w- c:\windows\system32\infocardapi.dll 2012-03-16 07:24:06 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2012-03-16 07:24:03 622080 ----a-w- c:\windows\system32\icardagt.exe 2012-03-16 07:24:03 37384 ----a-w- c:\windows\system32\infocardcpl.cpl 2012-03-16 07:24:02 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-03-16 07:24:02 11264 ----a-w- c:\windows\system32\icardres.dll 2012-03-16 07:23:57 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll 2012-03-16 07:23:49 326160 ----a-w- c:\windows\system32\PresentationHost.exe 2012-03-16 07:15:53 96760 ----a-w- c:\windows\system32\dfshim.dll 2012-03-16 07:15:47 282112 ----a-w- c:\windows\system32\mscoree.dll 2012-03-16 07:15:46 41984 ----a-w- c:\windows\system32\netfxperf.dll 2012-03-16 07:15:28 158720 ----a-w- c:\windows\system32\mscorier.dll 2012-03-16 07:15:18 83968 ----a-w- c:\windows\system32\mscories.dll 2012-03-16 07:11:28 24064 ----a-w- c:\windows\system32\nshhttp.dll 2012-03-16 07:11:22 411136 ----a-w- c:\windows\system32\drivers\http.sys 2012-03-16 07:11:21 31232 ----a-w- c:\windows\system32\httpapi.dll 2012-03-16 07:07:25 -------- d-----w- c:\program files\MSXML 4.0 2012-03-16 06:52:28 67072 ----a-w- c:\windows\system32\asycfilt.dll 2012-03-16 06:52:26 71680 ----a-w- c:\windows\system32\atl.dll 2012-03-16 06:52:19 1399296 ----a-w- c:\windows\system32\msxml6.dll 2012-03-16 06:52:15 501760 ----a-w- c:\windows\system32\usp10.dll 2012-03-16 06:52:13 66048 ----a-w- c:\program files\windows mail\wabmig.exe 2012-03-16 06:52:13 515584 ----a-w- c:\program files\windows mail\wab.exe 2012-03-16 06:52:12 33280 ----a-w- c:\program files\windows mail\wabfind.dll 2012-03-16 06:52:03 72704 ----a-w- c:\windows\system32\fontsub.dll 2012-03-16 06:52:03 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-03-16 06:52:03 292864 ----a-w- c:\windows\system32\atmfd.dll 2012-03-16 06:52:03 10240 ----a-w- c:\windows\system32\dciman32.dll 2012-03-16 06:52:00 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL 2012-03-16 06:51:55 409600 ----a-w- c:\windows\system32\odbc32.dll 2012-03-16 06:51:54 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2012-03-16 06:51:54 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll 2012-03-16 06:51:53 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll 2012-03-16 06:51:53 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll 2012-03-16 06:51:53 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2012-03-16 06:51:48 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2012-03-16 06:48:56 1136640 ----a-w- c:\windows\system32\mfc42.dll 2012-03-16 06:47:55 160256 ----a-w- c:\windows\system32\wkssvc.dll 2012-03-16 06:47:47 1315840 ----a-w- c:\windows\system32\ole32.dll 2012-03-16 06:47:46 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe 2012-03-16 06:47:39 296960 ----a-w- c:\windows\system32\gdi32.dll 2012-03-16 06:47:31 126464 ----a-w- c:\windows\system32\spoolsv.exe 2012-03-16 06:47:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll 2012-03-16 06:47:27 38912 ----a-w- c:\windows\system32\xolehlp.dll 2012-03-16 06:47:21 1257472 ----a-w- c:\windows\system32\msxml3.dll 2012-03-16 06:47:15 157184 ----a-w- c:\windows\system32\t2embed.dll 2012-03-16 06:47:05 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll 2012-03-16 06:47:03 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe 2012-03-16 06:46:51 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2012-03-16 06:46:47 269312 ----a-w- c:\windows\system32\es.dll 2012-03-16 06:46:43 1169408 ----a-w- c:\windows\system32\sdclt.exe 2012-03-16 06:46:35 303616 ----a-w- c:\windows\system32\wmpeffects.dll 2012-03-16 06:46:32 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll 2012-03-16 06:46:29 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2012-03-16 06:46:28 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2012-03-16 06:46:08 714240 ----a-w- c:\windows\system32\timedate.cpl 2012-03-16 06:45:55 430080 ----a-w- c:\windows\system32\vbscript.dll 2012-03-16 06:45:47 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL 2012-03-16 06:45:31 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll 2012-03-16 06:45:07 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{dfb61f07-218b-4339-b0ff-4cf41a39024b}\mpengine.dll 2012-03-16 06:44:59 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-03-16 06:44:30 636928 ----a-w- c:\windows\system32\localspl.dll 2012-03-16 06:44:21 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys 2012-03-16 06:44:18 954752 ----a-w- c:\windows\system32\mfc40.dll 2012-03-16 06:44:17 954288 ----a-w- c:\windows\system32\mfc40u.dll 2012-03-16 06:44:10 36352 ----a-w- c:\windows\system32\rtutils.dll 2012-03-16 06:44:01 2927104 ----a-w- c:\windows\explorer.exe 2012-03-16 06:43:50 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2012-03-16 06:43:49 1695744 ----a-w- c:\windows\system32\gameux.dll 2012-03-16 06:43:46 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-03-16 06:43:41 171520 ----a-w- c:\windows\system32\wintrust.dll 2012-03-16 06:43:34 499712 ----a-w- c:\windows\system32\kerberos.dll 2012-03-16 06:43:33 175104 ----a-w- c:\windows\system32\wdigest.dll 2012-03-16 06:43:32 1256448 ----a-w- c:\windows\system32\lsasrv.dll 2012-03-16 06:43:31 72704 ----a-w- c:\windows\system32\secur32.dll 2012-03-16 06:43:31 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-03-16 06:43:30 9728 ----a-w- c:\windows\system32\lsass.exe 2012-03-16 06:42:51 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll 2012-03-16 06:42:47 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll 2012-03-16 06:42:24 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll 2012-03-16 06:38:58 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys 2012-03-16 06:37:48 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2012-03-16 06:37:43 43520 ----a-w- c:\windows\system32\msdxm.tlb 2012-03-16 06:37:43 18432 ----a-w- c:\windows\system32\amcompat.tlb 2012-03-16 06:36:20 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe 2012-03-16 06:36:20 511488 ----a-w- c:\windows\system32\RMActivate.exe 2012-03-16 06:36:19 472576 ----a-w- c:\windows\system32\secproc_isv.dll 2012-03-16 06:36:19 472064 ----a-w- c:\windows\system32\secproc.dll 2012-03-16 06:36:19 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2012-03-16 06:36:19 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2012-03-16 06:36:17 329216 ----a-w- c:\windows\system32\msdrm.dll 2012-03-16 06:36:17 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2012-03-16 06:36:17 151040 ----a-w- c:\windows\system32\secproc_ssp.dll 2012-03-16 06:35:40 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-16 06:35:34 135168 ----a-w- c:\windows\system32\wshom.ocx 2012-03-16 06:35:33 90112 ----a-w- c:\windows\system32\wshext.dll 2012-03-16 06:35:33 155648 ----a-w- c:\windows\system32\wscript.exe 2012-03-16 06:35:33 135168 ----a-w- c:\windows\system32\cscript.exe 2012-03-16 06:35:32 180224 ----a-w- c:\windows\system32\scrobj.dll 2012-03-16 06:35:32 172032 ----a-w- c:\windows\system32\scrrun.dll 2012-03-16 06:34:30 1645568 ----a-w- c:\windows\system32\connect.dll 2012-03-16 06:34:22 996352 ----a-w- c:\windows\system32\WMNetMgr.dll 2012-03-16 06:34:22 94720 ----a-w- c:\windows\system32\logagent.exe 2012-03-16 06:34:17 2067456 ----a-w- c:\windows\system32\mstscax.dll 2012-03-16 06:34:16 677888 ----a-w- c:\windows\system32\mstsc.exe 2012-03-16 06:34:10 49152 ----a-w- c:\windows\system32\csrsrv.dll 2012-03-16 06:34:10 375808 ----a-w- c:\windows\system32\winsrv.dll 2012-03-16 06:34:08 61440 ----a-w- c:\windows\system32\msasn1.dll 2012-03-16 06:34:02 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2012-03-16 06:31:21 -------- d-----w- c:\users\user\appdata\local\Hewlett-Packard 2012-03-16 05:53:33 -------- d-----w- c:\programdata\LightScribe 2012-03-16 05:51:39 310784 ----a-w- c:\windows\system32\unregmp2.exe 2012-03-16 05:51:39 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe 2012-03-16 05:51:36 7680 ----a-w- c:\windows\system32\spwmp.dll 2012-03-16 05:51:36 168960 ----a-w- c:\program files\windows media player\wmplayer.exe 2012-03-16 05:51:35 4096 ----a-w- c:\windows\system32\msdxm.ocx 2012-03-16 05:51:35 4096 ----a-w- c:\windows\system32\dxmasf.dll 2012-03-16 05:51:35 107520 ----a-w- c:\program files\windows media player\wmpshare.exe 2012-03-16 05:51:35 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe 2012-03-16 05:51:33 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2012-03-16 05:51:11 276992 ----a-w- c:\windows\system32\schannel.dll 2012-03-16 05:50:22 98304 ----a-w- c:\windows\system32\cabview.dll 2012-03-16 05:46:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-03-16 05:46:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-03-16 05:44:44 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-16 05:44:43 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-16 05:44:03 41184 ----a-w- c:\windows\avastSS.scr 2012-03-16 05:43:36 -------- d-----w- c:\programdata\AVAST Software 2012-03-16 05:43:36 -------- d-----w- c:\program files\AVAST Software 2012-03-16 05:40:21 2421760 ----a-w- c:\windows\system32\wucltux.dll 2012-03-16 05:40:11 87552 ----a-w- c:\windows\system32\wudriver.dll 2012-03-16 05:40:06 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-03-16 05:40:06 171608 ----a-w- c:\windows\system32\wuwebv.dll 2012-03-16 04:24:25 -------- d-----w- c:\users\user\appdata\roaming\Symantec 2012-03-16 04:24:21 -------- d-----w- c:\users\user\appdata\local\QuickPlay 2012-03-16 04:20:55 -------- d-----w- c:\programdata\Electronic Arts 2012-03-16 04:20:51 -------- d-----w- c:\users\user\appdata\local\Downloaded Installations 2012-03-16 04:16:00 -------- d-----w- c:\users\user\appdata\local\VirtualStore 2012-03-16 04:08:07 -------- d-sh--we C:\Documents and Settings . ==================== Find3M ==================== . . ============= FINISH: 23:46:32.17 =============== Attach.txt -------------------------------- . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 6/23/2008 5:31:27 AM System Uptime: 3/16/2012 11:08:03 PM (0 hours ago) . Motherboard: Wistron | | 30CD Processor: Intel® Core2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1833/667mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 221 GiB total, 186.112 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.784 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP7: 3/16/2012 12:21:54 AM - First_User_Boot RP8: 3/16/2012 1:39:58 AM - Windows Update RP9: 3/16/2012 1:43:25 AM - avast! Free Antivirus Setup RP10: 3/16/2012 2:43:45 AM - Windows Update RP11: 3/16/2012 3:00:33 AM - Windows Update RP12: 3/16/2012 10:22:05 AM - Windows Update . ==== Installed Programs ====================== . Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player ActiveX Adobe Reader 8.1.0 Adobe Shockwave Player AIM 6 AppCore avast! Free Antivirus Cards_Calendar_OrderGift_DoMorePlugout ccCommon Compatibility Pack for the 2007 Office system Component Framework Conexant HD Audio CyberLink YouCam DVD Suite EA Link Hauppauge MCE XP/Vista Software Encoder (2.0.25149) HDAUDIO Soft Data Fax Modem with SmartCP Hewlett-Packard Active Check Hewlett-Packard Asset Agent for Health Check Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Customer Experience Enhancements HP Doc Viewer HP Easy Setup - Frontend HP Help and Support HP Photosmart Essential 2.5 HP Quick Launch Buttons 6.30 E1 HP QuickPlay 3.6 HP QuickTouch 1.00 C4 HP Smart Web Printing HP Total Care Advisor HP Update HP User Guides 0090 HP Wireless Assistant HPNetworkAssistant HPPhotoSmartDiscLabel_PaperLabel HPPhotoSmartDiscLabel_PrintOnDisc HPPhotoSmartDiscLabel_Tattoo HPPhotoSmartDiscLabelContent1 hpphotosmartdisclabelplugin HPPhotoSmartPhotobookHolidayPack1 HPPhotoSmartPhotobookModernPack1 HPPhotoSmartPhotobookPlayfulPack1 HPPhotoSmartPhotobookScrapbookPack1 HPPhotoSmartPhotobookWebPack1 Intel® Graphics Media Accelerator Driver Java 6 Update 2 LabelPrint LightScribe System Software 1.10.13.1 LiveUpdate (Symantec Corporation) Malwarebytes Anti-Malware version 1.60.1.1000 Marvell Miniport Driver Microsoft .NET Framework 3.5 SP1 Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Works MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee autoProducer 6.1 My HP Games NetWaiting Norton AntiVirus Norton AntiVirus Help Norton Confidential Core Norton Internet Security Norton Internet Security (Symantec Corporation) Norton Protection Center Power2Go PowerDirector PSSWCORE QuickPlay SlingPlayer 0.4.6 Recuva RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 Slingbox Flash Tour SlingPlayer SPBBC 32bit Spybot - Search & Destroy Symantec Real Time Storage Protection Component SymNet The Sims™ Life Stories Touch Pad Driver Update for Office 2007 (KB934528) VideoToolkit01 Viewpoint Media Player WeatherBug Gadget . ==== Event Viewer Messages From Past Week ======== . 3/16/2012 2:29:10 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state 3/16/2012 1:40:55 AM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.