Jump to content

MySickComputer

Honorary Members
 View Profile  See their activity

  • Posts

    25

  • Joined

  • Last visited

 Content Type 

Everything posted by MySickComputer

  1. MySickComputer
    It is not allowing any of these 921 quarantines to be restored. Assuming I am understanding what restore actually does, shouldn't they vanish from quarantine after being restored? Can I just leave all 921 dlls in quarantine if everything else is working fine? Is restore the same as "clear"?
  2. MySickComputer
    I did "Restore All" in regular mode but none of them were restored. I have done both of the fixes in that post. Running XP and have rebooted numerous times with no hiccups, just can't figure out this 921 files quarantined issue. I have not enabled MB protection. MB version says "Build Date 4/4/2013 11:50 am"
  3. MySickComputer
    I have 921 files in Quarintine, mostly system32 dlls. Is there anything MB can do to help know what is what?
  4. MySickComputer
    Do I need to restore all quarantined files or just some of them?
  5. MySickComputer
    Well it finished running after about 35 minutes and on the reboot everything is pretty much back to normal. Windows defender claimed it had 3 new dll Trojans which I quarantined. MB is back but not enabled. Is it safe to enable it now?
  6. MySickComputer
    I have Anti-Malware FP Fix Tool running right now, it has been going for about 5 minutes. How long should it take before it finishes?
  7. MySickComputer
    btw, I have XP and have restarted a multitude of times.I got into safe mode, and ran the dffsetup-mss32 but keep having the MSVBVM60.DLL error again when attempting to finish. Also having other dll errors pop up when trying to open hijackthis and firefox. System Restore is inoperable too.
  8. MySickComputer
    Thank you, I will give this a try.
  9. MySickComputer
    I think I've got a pretty bad zero access root kit or something like http://forums.malwarebytes.org/index.php?showtopic=20639 Turned on PC today and add the the MB alerts going crazy.... long story short I have just recently been able to gain access to the web again using dial-a-fix and others which has probably hosed my PC for good. I cannot access firefox browser or system restore. Please help or at least confirm I need to wipe the hard drive.
  10. MySickComputer
    all seems to be going well Kenny94, really appreciate all the help. have one other question. do you recommend any particular external hard drive backup system? i see a bunch of "Clickfree" brands on ebay. i would like to purchase one but have no clue which ones are the best. definitely want one that will do its job if i ever have to flattened (format) my hard drive.
  11. MySickComputer
    i tried windowsupdate.
  12. MySickComputer
    Okay Kenny94, everything is looking good here i think... ran the OTC.exe and that seems to have removed combofix successfully. I went ahead and placed most of the other logs/tools in their own folder for reference sake. Been using several of your suggested tools and have a few questions: Is Defraggler (i've used it for years) an adequate defrag or are the 2 you mentioned better? The secunia scan found about 8 things needing updates, the most striking was IE 8 with about 100 hyperlinks... i rarely use IE so is this of any concern? windowsupdate.com looks like it only works with IE, is there a way to get ms update status in firefox?
  13. MySickComputer
    ran ATF, looks like it does about the same thing as CCleaner yes? i run CCleaner at least once a week. good to know about registry cleaners... just ran the uninstall combofix (looked very similar to the install process) and have attached the log. i'm going to install the NoScript and WOT (Web Of Trust) since firefox is and has been my default brower for over 5 years. assuming everything here is done/fixed i just have one more question: how likely is identity / banking info theft from this severe intrusion by TDL3 ? combofix UNinstall log 051511.txt
  14. MySickComputer
    well, i just tried opening it again and now it appears to be working perfectly.
  15. MySickComputer
    good to hear java is okay. pc was doing pretty well up until i noticed a double instance of "dllhost.exe" in task manager last night. i tried deleting it several different ways but it always came back. i ran a full scan using avira (attached). logged on this morning and have not seen the dllhost.exe in task manager but firefox browser is not opening correctly (i'm using chrome right now). when firefox finally opens (after a few minutes) i get about 15 "plugin-container.exe" and 4 "ArcoRd32.exe" in task mgr any ideas? AVSCAN-2011 0514.txt
  16. MySickComputer
    "Instead of attaching, please copy/past both logs into your Thread" DDS (Ver_11-03-05.01) - NTFSx86 Run by Paul Russell at 21:10:31.56 on Sat 05/14/2011 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.233 [GMT -7:00] . AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} FW: McAfee Personal Firewall Plus *Disabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe svchost.exe C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Paul Russell\Desktop\dds.scr C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe . ============== Pseudo HJT Report =============== . mSearch Bar = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File uRun: [TOSCDSPD] "c:\program files\toshiba\toscdspd\toscdspd.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [Tvs] "c:\program files\toshiba\tvs\TvsTray.exe" mRun: [TPSMain] TPSMain.exe mRun: [THotkey] "c:\program files\toshiba\toshiba applet\thotkey.exe" mRun: [synTPLpr] "c:\program files\synaptics\syntp\SynTPLpr.exe" mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe" mRun: [smoothView] "c:\program files\toshiba\toshiba zooming utility\SmoothView.exe" mRun: [Notebook Maximizer] c:\program files\notebook maximizer\maximizer_startup.exe mRun: [NDSTray.exe] NDSTray.exe mRun: [TFncKy] TFncKy.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [CFSServ.exe] CFSServ.exe -NoClient mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" Trusted Zone: microsoft.com\www.update DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\docume~1\paulru~1\applic~1\mozilla\firefox\profiles\taikida1.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npRACtrl.dll FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll FF - plugin: c:\program files\opera\program\plugins\nppdf32.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - plugin: c:\program files\windows media player\npatgpc.dll . ---- FIREFOX POLICIES ---- FF - user.js: browser.cache.memory.capacity - 16000 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.max.tokenizing.time - 3000000 FF - user.js: content.maxtextrun - 4095 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 1000000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 1000000 FF - user.js: dom.disable_window_status_change - true FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: nglayout.initialpaint.delay - 1000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: yahoo.homepage.dontask - true . ============= SERVICES / DRIVERS =============== . R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-14 11608] R1 MPFIREWL;MPFIREWL;c:\windows\system32\drivers\MpFirewall.sys [2006-1-4 80640] R1 SuperMounter;SuperMounter;c:\windows\system32\drivers\supermounter.sys [2009-3-14 11264] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-14 136360] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-14 269480] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-14 61960] R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [2006-1-11 137344] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-3-31 363344] R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [2006-1-11 12032] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-3-31 20952] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-1 135664] S3 DCamUSBVeo532;Veo Web Camera;c:\windows\system32\drivers\ubVeo532.sys [2006-1-25 95232] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-1 135664] S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2005-7-28 14336] S4 McDetect.exe;McAfee WSC Integration;c:\program files\mcafee.com\agent\Mcdetect.exe [2006-1-5 126976] S4 McTskshd.exe;McAfee Task Scheduler;c:\progra~1\mcafee.com\agent\mctskshd.exe [2006-1-5 122368] S4 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe [2005-7-28 245760] . =============== Created Last 30 ================ . 2011-05-15 02:41:20 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-05-15 02:04:58 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-05-15 02:04:57 -------- d-----w- c:\program files\Avira 2011-05-15 02:04:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira 2011-05-15 00:38:13 -------- d-sha-r- C:\cmdcons 2011-05-15 00:31:05 -------- d-----w- c:\windows\system32\CatRoot2 2011-05-15 00:24:31 -------- d--h--w- c:\program files\WindowsUpdate 2011-05-14 22:29:47 98816 ----a-w- c:\windows\sed.exe 2011-05-14 22:29:47 89088 ----a-w- c:\windows\MBR.exe 2011-05-14 22:29:47 256512 ----a-w- c:\windows\PEV.exe 2011-05-14 22:29:47 161792 ----a-w- c:\windows\SWREG.exe 2011-05-14 18:02:18 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT4.tmp 2011-05-14 18:02:16 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT3.tmp 2011-05-13 16:54:40 7071056 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{cbbd5efe-e8d6-47af-b163-26e699dc2cbb}\mpengine.dll 2011-05-13 16:52:57 -------- d-----w- c:\windows\system32\wbem\repository\FS 2011-05-13 16:52:57 -------- d-----w- c:\windows\system32\wbem\Repository 2011-05-13 05:25:08 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BITA.tmp 2011-05-13 05:25:08 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT7.tmp 2011-05-13 04:30:52 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT9.tmp 2011-05-13 04:30:51 0 ---ha-w- c:\docume~1\paulru~1\locals~1\applic~1\BIT8.tmp 2011-05-13 04:23:57 0 ----a-w- c:\windows\Xvitalegetek.bin 2011-05-10 22:24:02 -------- d-----w- c:\windows\system32\NtmsData 2011-05-08 17:18:44 -------- d-----w- c:\windows\ie8updates 2011-05-08 17:10:32 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2011-05-08 17:10:32 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2011-05-08 17:10:31 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2011-05-08 17:10:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2011-05-08 17:10:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2011-05-08 17:10:25 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll 2011-05-08 17:09:58 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll 2011-05-06 03:30:04 -------- d-----w- c:\program files\ATF 2011-05-04 03:56:18 -------- d-sh--w- c:\documents and settings\paul russell\PrivacIE 2011-05-04 03:53:58 -------- d-sh--w- c:\documents and settings\paul russell\IETldCache 2011-05-04 03:51:09 -------- d--h--w- c:\windows\msdownld.tmp 2011-05-04 03:49:10 -------- dc-h--w- c:\windows\ie8 2011-05-01 06:34:08 388096 ----a-r- c:\docume~1\paulru~1\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2011-04-26 01:02:36 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll 2011-04-26 01:02:36 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll 2011-04-26 01:02:35 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll 2011-04-26 01:02:35 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll 2011-04-26 01:02:35 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll 2011-04-26 01:02:34 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll 2011-04-26 01:02:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2011-04-26 01:02:33 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll . ==================== Find3M ==================== . 2011-05-15 02:41:03 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-03-16 20:28:20 16704 ----a-w- c:\windows\system32\roboot.exe 2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll 2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys 2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll 2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-02-22 23:06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec 2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll 2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll . ============= FINISH: 21:12:10.31 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 1/4/2006 5:30:28 PM System Uptime: 5/14/2011 7:35:40 PM (2 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Pentium® M processor 2.00GHz | mFCPGA | 1994/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 93 GiB total, 59.813 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\785027D180DA0 Manufacturer: Microsoft Name: 1394 Net Adapter #2 PNP Device ID: V1394\NIC1394\785027D180DA0 Service: NIC1394 . ==== System Restore Points =================== . RP1584: 2/14/2011 6:25:26 PM - System Checkpoint RP1585: 2/15/2011 5:19:23 PM - Software Distribution Service 3.0 RP1586: 2/16/2011 7:28:21 PM - System Checkpoint RP1587: 2/17/2011 7:53:05 PM - System Checkpoint RP1588: 2/18/2011 4:29:12 PM - Software Distribution Service 3.0 RP1589: 2/19/2011 5:19:33 PM - System Checkpoint RP1590: 2/20/2011 7:42:00 PM - System Checkpoint RP1591: 2/22/2011 1:51:48 PM - Software Distribution Service 3.0 RP1592: 2/23/2011 4:04:18 PM - System Checkpoint RP1593: 2/23/2011 6:43:05 PM - Software Distribution Service 3.0 RP1594: 2/24/2011 7:22:40 PM - System Checkpoint RP1595: 2/25/2011 3:05:50 PM - Software Distribution Service 3.0 RP1596: 2/26/2011 3:36:38 PM - System Checkpoint RP1597: 2/27/2011 4:59:34 PM - System Checkpoint RP1598: 2/28/2011 5:53:19 PM - System Checkpoint RP1599: 3/1/2011 5:22:51 PM - Software Distribution Service 3.0 RP1600: 3/2/2011 5:45:28 PM - System Checkpoint RP1601: 3/3/2011 6:02:47 PM - System Checkpoint RP1602: 3/4/2011 9:50:32 AM - Software Distribution Service 3.0 RP1603: 3/5/2011 10:46:15 AM - System Checkpoint RP1604: 3/6/2011 12:26:00 PM - System Checkpoint RP1605: 3/7/2011 4:10:50 PM - System Checkpoint RP1606: 3/7/2011 8:55:09 PM - Unsigned driver install RP1607: 3/8/2011 4:58:20 PM - Software Distribution Service 3.0 RP1608: 3/8/2011 5:01:27 PM - Software Distribution Service 3.0 RP1609: 3/9/2011 6:59:07 PM - System Checkpoint RP1610: 3/10/2011 4:52:49 PM - Software Distribution Service 3.0 RP1611: 3/11/2011 4:22:56 PM - Software Distribution Service 3.0 RP1612: 3/12/2011 4:33:15 PM - System Checkpoint RP1613: 3/13/2011 6:09:13 PM - System Checkpoint RP1614: 3/14/2011 6:28:05 PM - System Checkpoint RP1615: 3/15/2011 5:59:56 PM - Software Distribution Service 3.0 RP1616: 3/16/2011 8:13:28 PM - System Checkpoint RP1617: 3/18/2011 12:28:13 PM - Software Distribution Service 3.0 RP1618: 3/19/2011 3:50:40 PM - System Checkpoint RP1619: 3/19/2011 7:02:04 PM - Installed Adobe Reader X (10.0.1). RP1620: 3/21/2011 7:04:46 AM - System Checkpoint RP1621: 3/22/2011 4:33:24 PM - Software Distribution Service 3.0 RP1622: 3/23/2011 3:13:51 PM - Software Distribution Service 3.0 RP1623: 3/24/2011 4:04:32 PM - System Checkpoint RP1624: 3/25/2011 10:22:06 AM - Software Distribution Service 3.0 RP1625: 3/26/2011 9:43:11 PM - System Checkpoint RP1626: 3/28/2011 4:56:02 PM - System Checkpoint RP1627: 3/29/2011 5:17:44 PM - Software Distribution Service 3.0 RP1628: 3/30/2011 5:43:25 PM - System Checkpoint RP1629: 4/1/2011 4:16:57 PM - Software Distribution Service 3.0 RP1630: 4/2/2011 10:20:18 PM - System Checkpoint RP1631: 4/4/2011 5:07:05 PM - System Checkpoint RP1632: 4/5/2011 6:38:37 PM - Software Distribution Service 3.0 RP1633: 4/7/2011 4:28:52 PM - System Checkpoint RP1634: 4/8/2011 5:42:55 PM - Software Distribution Service 3.0 RP1635: 4/9/2011 9:10:28 PM - System Checkpoint RP1636: 4/10/2011 9:48:38 PM - System Checkpoint RP1637: 4/12/2011 4:45:19 PM - System Checkpoint RP1638: 4/12/2011 9:01:43 PM - Software Distribution Service 3.0 RP1639: 4/12/2011 9:42:44 PM - Software Distribution Service 3.0 RP1640: 4/14/2011 4:19:24 PM - System Checkpoint RP1641: 4/14/2011 10:21:27 PM - Software Distribution Service 3.0 RP1642: 4/15/2011 8:56:02 PM - Software Distribution Service 3.0 RP1643: 4/16/2011 7:54:04 PM - Software Distribution Service 3.0 RP1644: 4/17/2011 8:39:49 PM - System Checkpoint RP1645: 4/19/2011 10:21:03 AM - Software Distribution Service 3.0 RP1646: 4/20/2011 7:59:58 PM - System Checkpoint RP1647: 4/21/2011 8:46:35 PM - System Checkpoint RP1648: 4/22/2011 10:48:45 AM - Software Distribution Service 3.0 RP1649: 4/23/2011 12:32:49 PM - System Checkpoint RP1650: 4/24/2011 12:58:14 PM - System Checkpoint RP1651: 4/25/2011 2:58:31 PM - System Checkpoint RP1652: 4/26/2011 6:00:06 PM - System Checkpoint RP1653: 4/27/2011 6:15:58 PM - Software Distribution Service 3.0 RP1654: 4/27/2011 6:17:44 PM - Software Distribution Service 3.0 RP1655: 4/29/2011 9:01:04 AM - System Checkpoint RP1656: 4/29/2011 11:18:16 AM - Software Distribution Service 3.0 RP1657: 4/30/2011 2:19:54 PM - System Checkpoint RP1658: 5/1/2011 7:18:15 PM - System Checkpoint RP1659: 5/3/2011 6:00:44 PM - System Checkpoint RP1660: 5/3/2011 8:50:23 PM - Installed Windows Internet Explorer 8. RP1661: 5/4/2011 8:53:29 PM - System Checkpoint RP1662: 5/5/2011 8:59:42 PM - System Checkpoint RP1663: 5/7/2011 6:39:49 AM - System Checkpoint RP1664: 5/8/2011 9:17:04 AM - Removed KML Editor RP1665: 5/8/2011 9:18:26 AM - Removed Imgur Uploader RP1666: 5/8/2011 9:28:35 AM - Installed Microsoft Fix it 50267 RP1667: 5/8/2011 10:09:48 AM - Software Distribution Service 3.0 RP1668: 5/8/2011 10:16:55 AM - Software Distribution Service 3.0 RP1669: 5/9/2011 5:05:37 PM - System Checkpoint RP1670: 5/10/2011 11:18:13 AM - Software Distribution Service 3.0 RP1671: 5/11/2011 2:45:17 PM - Avg8 Update RP1672: 5/11/2011 2:50:16 PM - Software Distribution Service 3.0 RP1673: 5/13/2011 9:51:18 AM - Restore Operation RP1674: 5/14/2011 11:30:08 AM - System Checkpoint RP1675: 5/14/2011 11:57:07 AM - Removed AVG Free 8.5 RP1676: 5/14/2011 12:02:15 PM - Removed AVG Free 8.5 RP1677: 5/14/2011 12:04:47 PM - Removed AVG Free 8.5 RP1678: 5/14/2011 12:14:35 PM - Removed AVG Free 8.5 RP1679: 5/14/2011 12:16:13 PM - Removed AVG Free 8.5 RP1680: 5/14/2011 7:04:57 PM - Avira AntiVir Personal - 5/14/2011 19:04 RP1681: 5/14/2011 7:29:02 PM - Removed J2SE Runtime Environment 5.0 Update 2 RP1682: 5/14/2011 7:32:58 PM - Removed Java 6 Update 20 RP1683: 5/14/2011 7:40:41 PM - Installed Java 6 Update 25 RP1684: 5/14/2011 7:41:58 PM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . Adobe Acrobat 5.0 Adobe AIR Adobe Download Manager Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader X (10.0.1) Advanced SystemCare 3 AirSnare America Online (Choose which version to remove) Apple Application Support Apple Software Update ArcExplorer Java Edition AT&T Connection Services Manager Avira AntiVir Personal - Free Antivirus AVS Audio Editor version 4.2 AVS Update Manager 1.0 AVS4YOU Software Navigator 1.3 Bluetooth Stack for Windows by Toshiba CAD2Shape 4.0 Camera Window Canon Camera Window for ZoomBrowser EX Canon PhotoRecord Canon Utilities Easy-PhotoPrint Canon Utilities PhotoStitch 3.1 Canon Utilities ZoomBrowser EX CCleaner CD/DVD Drive Acoustic Silencer Defraggler DVD-RAM Driver dwgConvert 4.0 Easy-WebPrint EasyCleaner ESET Online Scanner v3 Ethereal 0.99.0 Eusing Free Registry Cleaner filehippo.com Update Checker Free PS Convert driver 8.15 Google Chrome Google Earth Google Update Helper Grand Theft Auto Vice City GTA San Andreas HiJackThis HijackThis 1.99.1 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Intel® Graphics Media Accelerator Driver Intel® PROSet/Wireless Software InterVideo WinDVD Creator 2 InterVideo WinDVD for TOSHIBA IrfanView (remove only) Java Auto Updater Java 6 Update 25 Leisure Suit Larry - Magna Cum Laude Logitech Desktop Messenger Logitech SetPoint Malwarebytes' Anti-Malware Mapping Your Travels and Relocation MapWindow GIS McAfee Personal Firewall Plus McAfee SecurityCenter mCore mDrWiFi mHelp Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2416447) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Office OneNote 2003 Microsoft Office Standard Edition 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Microsoft Works mIWA mIWCA mLogView mMHouse Mozilla Firefox (3.6.3) mPfMgr mPfWiz mProSafe MSN MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB933579) mWlsSafe mXML MyConnect Special Offer mZConfig Notebook Maximizer NSIS KSDownloader OCAD 10 Viewer Viewer Opera 9.51 PhotoStitch Pure Networks Port Magic Python 2.1 Python 2.1 combined Win32 extensions Quantum GIS Copiapo 1.6.0 Quicken 2005 QuickTime SD Secure Module Security Task Manager 1.7d Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2183461) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360131) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2416400) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2482017) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2491683) Security Update for Windows XP (KB2497640) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950759) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953838) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956390) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB963027) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969897) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974455) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB976325) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982381) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) SMSC IrCC V5.1.3600.5 SP2 Sonic DLA Sonic RecordNow! Sony Picture Utility Sony USB Driver SoundMAX Super Utilities Pro 9.41 Synaptics Pointing Device Driver System Requirements Lab Texas Instruments PCIxx21/x515 drivers. TextPad 5 Tiles2kml Pro TIxx21/x515 TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Controls TOSHIBA Hotkey Utility TOSHIBA PC Diagnostic Tool TOSHIBA Power Saver Toshiba Q4 Retail Demo ScreenSaver Toshiba Registration TOSHIBA SD Memory Card Format TOSHIBA Software Modem TOSHIBA Software Upgrades TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 Toshiba Tbiosdrv Driver TOSHIBA TouchPad ON/Off Utility TOSHIBA Utilities TOSHIBA Virtual Sound TOSHIBA Zooming Utility Touch and Launch Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update for Windows XP (KB976749) Update for Windows XP (KB978207) Update for Windows XP (KB980182) Veo Connect Veo Digital Studio Viewpoint Media Player WebFldrs XP Windows Defender Windows Defender Signatures Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 10 Windows XP Service Pack 3 WinRAR archiver Wisdom-soft Set up ASR 3.1 Free World Health Chart 2001, Public Beta 0.1 XML Paper Specification Shared Components Pack 1.0 . ==== Event Viewer Messages From Past Week ======== . 5/8/2011 9:18:38 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found. 5/8/2011 8:59:59 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: %%2147942402 5/8/2011 8:59:59 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402 5/8/2011 3:00:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: %%2147942402 5/8/2011 3:00:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402 5/8/2011 2:00:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: %%2147942402 5/8/2011 2:00:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: %%2147942402 5/8/2011 12:58:59 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402 5/8/2011 12:18:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402 5/8/2011 11:00:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: %%2147942402 5/8/2011 11:00:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402 5/8/2011 10:00:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402 5/8/2011 10:00:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402 5/8/2011 1:45:01 AM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. 5/8/2011 1:34:57 AM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. 5/8/2011 1:00:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402 5/8/2011 1:00:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402 5/7/2011 8:00:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402 5/7/2011 8:00:00 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: %%2147942402 5/7/2011 7:00:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: %%2147942402 5/7/2011 7:00:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: %%2147942402 5/14/2011 5:43:32 PM, error: PlugPlayManager [11] - The device Root\LEGACY_BFASTFAO\0000 disappeared from the system without first being prepared for removal. 5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The TOSHIBA Application Service service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The Spectrum24 Event Monitor service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:21 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The SoundMAX Agent Service service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 5:39:20 PM, error: Service Control Manager [7034] - The EvtEng service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 3:37:09 PM, error: PlugPlayManager [11] - The device Root\LEGACY_NPF\0000 disappeared from the system without first being prepared for removal. 5/14/2011 3:37:09 PM, error: PlugPlayManager [11] - The device Root\LEGACY_AFPANSI\0000 disappeared from the system without first being prepared for removal. 5/14/2011 3:23:30 PM, error: Service Control Manager [7034] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 2 time(s). 5/14/2011 3:23:30 PM, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. 5/13/2011 9:54:40 AM, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x8050a001 Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. Signatures loading: Backup Loading signature version: 1.103.1139.0 Loading engine version: 1.1.6802.0 5/13/2011 7:30:01 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Fips intelppm SuperMounter Tosrfcom 5/12/2011 9:59:56 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 5/12/2011 9:43:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 5/12/2011 10:24:59 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 5/12/2011 10:24:46 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde KR10N 5/11/2011 9:00:00 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: %%2147942402 5/11/2011 9:00:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: %%2147942402 5/11/2011 8:00:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: %%2147942402 5/11/2011 8:00:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402 5/11/2011 7:00:00 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: %%2147942402 5/11/2011 7:00:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402 5/11/2011 6:00:00 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: %%2147942402 5/11/2011 6:00:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402 5/11/2011 5:00:00 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402 5/11/2011 5:00:00 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: %%2147942402 5/11/2011 4:00:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402 5/11/2011 4:00:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: %%2147942402 5/11/2011 3:00:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: %%2147942402 5/11/2011 3:00:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: %%2147942402 5/10/2011 2:00:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: %%2147942402 5/10/2011 2:00:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: %%2147942402 5/10/2011 12:00:00 PM, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402 5/10/2011 12:00:00 PM, error: Schedule [7901] - The At13.job command failed to start due to the following error: %%2147942402 5/10/2011 11:00:00 AM, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402 5/10/2011 11:00:00 AM, error: Schedule [7901] - The At12.job command failed to start due to the following error: %%2147942402 5/10/2011 10:00:00 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402 5/10/2011 10:00:00 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: %%2147942402 5/10/2011 1:00:00 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402 5/10/2011 1:00:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: %%2147942402 . ==== End Of File ===========================
  17. MySickComputer
    hey Kenny94, got the Java update done but it didn't match your "Java Version: 1.6.0_25" designation. Please see attached screen shot of java update. There was an ms update prompt i went ahead and installed after installing the latest java, also attached a screen shot of that somewhat suspicious looking process... idk, maybe i'm just paranoid.
  18. MySickComputer
    OOPS! might help if i read everything in your posts "Click on the link to download Windows Offline Installation and save the file to your desktop" let me proceed here and try it again.
  19. MySickComputer
    yes, AVG has never been very impressive, i download Avira and attached the scan results. Question on the Java updates, please see attached screenshot of all the download options, which one am i supposed to download? Thanks for bearing with my ignorance on this and other things btw. AVSCAN-20110514-190730-291BB55B.LOG
  20. MySickComputer
    combofix log 051411 ii log is attached for review. combofix log 051411 ii.txt
  21. MySickComputer
    AppRemover worked. combofix log is attached. i was disconnected from internet while running it, prompted me to connect to download the ms recovery thing but didn't grab it after i was connected. Should i run it again with the internet connected? combofix log 051411.txt
  22. MySickComputer
    unable to run ComboFix due to AVG not being properly disabled... i followed the instructions given in that bleepingcomputer link, and then followed the combofix prompt to uninstall AVG which gave errors when attempted, please see attached screen shot
  23. MySickComputer
    aswMBR 051411 ii log is attached. when i hit FIX it got locked up at "verifying disinfection" and required shut down by killing the power supply. started back up just fine, ran aswMBR.exe again, hit scan, saved log. aswMBR 051411 ii.txt
  24. MySickComputer
    Thanks Kenny94! aswMBR 051411.txt log is attached for review. aswMBR 051411.txt
  25. MySickComputer
    Please help. I've been trying to remove infection(s) without success. i have attached the logs from DDS saying "possible TDL3 rootkit infection". i just bought the paid version of MB yesterday and last night kept getting repeated attacks from about 10 different ip addresses (attached also). 2 days ago went round & round with a disabled desktop and task manager, went into safe mode repeatedly using fixer.exe, ESET, MB, numerous Hijackthis kills, and ended up doing a system restore which got it back to something resembling normal. ESET online scanner and MB have found and quarantined a few dozen things but this is still obviously not fixed yet. Any help would be greatly appreciated. attack ip addresses051311.txt Attach 051411.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.