
duffmorton

Dear everybody,

Ouch-- I seem to have an infection that has slipped in. Right now I'm in rural Brazil, a place with a ton of viruses everywhere, and I'm teaching computer classes to kids in the countryside. Unfortunately, I think I have found a virus that I can't fix. It's a USB-carried virus that comes in on flash drives, and that hides the real files while turning everything into an apparent shortcut-- just like lots of autorun viruses that I've seen here. However, this one is not detected by the most recently-updated versions of either Malwarebytes or AVG.

My other attempts to clean it have been pretty futile. When I run Windows 8 in Safe Mode and use the command prompt, I can successfully delete the virus file (entitled uvfllvmiuo..vbs) from the flash drive, but the infected computers will then reinfect the flash drive-- although, interestingly, it takes about five minutes for the reinfection to happen. I don't know enough to be able to tell where the infection resides on the infected computer.

Now I'm going to paste the two logs. If it will help, I can also supply the content of the malicious vbs file. Any help you can offer will be GREATLY appreciated!!!
Thank you so much-- this will really help me to go back to teaching the kids!

appreciatively,
-Duff