Trojans and system fix


Hello all !

I was looking for some help on a laptop....

Issues started with a Google redirect....

There is now a constant popup [Windows host process (RunDll32) is requesting your permission]

It runs 5-10 of the rundll32's and they could be shut off via task manager

However now the keyboard is locked up... mouse works fine... but no keystrokes...

I have logged in via the "on screen keyboard" and then typing with the mouse... but it disappears after I log in... I don't know where to find it then...

I have managed a few things with copy and paste from documents on my drives but that on screen keyboard is going to be a must if I am to type anything... either that or I will be loading a document via a flash card to copy and paste things where necessary...

System fix appears in my program files -

Vista Internet Security 2012 - now appears as a popup

God bless you patient souls for dealing with us virus infected internet morons....

These are the two logs I have from the DDS download....

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_20

Run by jeff at 23:02:42 on 2011-12-17

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.522 [GMT -6:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\WINDOWS\vsnp2uvc.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Windows\system32\consent.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\rundll32.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Real\RealPlayer\update\realsched.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.com/

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=laptop

uURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\search toolbar\tbhelper.dll

uURLSearchHooks: H - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: TBSB05974 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\search toolbar\tbcore3.dll

TB: Search Toolbar: {0c8413c1-fad1-446c-8584-be50576f863e} - c:\program files\search toolbar\tbcore3.dll

TB: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [HPAdvisor] c:\program files\hewlett-packard\hp advisor\HPAdvisor.exe

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [Google Update] "c:\users\jeff\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup

uRun: [317861076] rundll32.exe "c:\users\jeff\appdata\local\temp\nsv4ae7.tmp\viewer.dll",DllRegisterServer

uRun: [image03] rundll32.exe "c:\users\jeff\appdata\local\temp\nsv4ae7.tmp\image03.jpo",DllRegisterServer

uRun: [HP Update] rundll32 "c:\users\jeff\appdata\local\arcsoft\arcsoftupdate\ArcSoftup.dll",DllRegisterServer

uRun: [Apprentice Update] rundll32 "c:\users\jeff\appdata\local\apple\appleupdate\Appleup.dll",DllRegisterServer

uRun: [PopCap Update] rundll32 "c:\users\jeff\appdata\local\hewlett-packard\hewlett-packardupdate\Hewlett-Packardup.dll",DllRegisterServer

uRun: [Novatel Update] rundll32 "c:\users\jeff\appdata\local\google\googleupdate\Googleup.dll",DllRegisterServer

uRun: [ArcSoft Update] rundll32 "c:\users\jeff\appdata\local\adobe\adobeupdate\Adobeup.dll",DllRegisterServer

uRun: [Netscape Update] rundll32 "c:\users\jeff\appdata\local\{b67e7646-80f2-4ee6-a8b8-b664cca999dc}\{b67e7646-80f2-4ee6-a8b8-b664cca999dc}update\{B67E7646-80F2-4EE6-A8B8-B664CCA999DC}up.dll",DllRegisterServer

uRun: [ Update] rundll32 "c:\users\jeff\appdata\local\conduit\conduitupdate\Conduitup.dll",DllRegisterServer

uRun: [sony Update] rundll32 "c:\users\jeff\appdata\local\mozilla\mozillaupdate\Mozillaup.dll",DllRegisterServer

uRun: [Apple Update] rundll32 "c:\users\jeff\appdata\local\microsoft games\microsoftupdate\Microsoftup.dll",DllRegisterServer

uRun: [MainConcept Update] rundll32 "c:\users\jeff\appdata\local\apple computer\appleupdate\Appleup.dll",DllRegisterServer

uRun: [DivXNetworks Update] rundll32 "c:\users\jeff\appdata\local\cfdggxfdm\cfdggxfdmupdate\cfdggxfdmup.dll",DllRegisterServer

uRun: [NVIDIA Update] rundll32 "c:\users\jeff\appdata\local\dfh\dfhupdate\DFHup.dll",DllRegisterServer

uRun: [intelOnlineOnline] rundll32.exe "c:\programdata\IntelOnlineOnline.dll",DllRegisterServer

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.cherryred.co.uk/books/book_rd_thrash.php"

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [snp2uvc] c:\windows\vsnp2uvc.exe

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe

StartupFolder: c:\users\jeff\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\users\jeff\appdata\roaming\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpconn~1.lnk - c:\program files\hp connections\6811507\program\HP Connections.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Free YouTube to MP3 Converter - c:\users\jeff\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1 68.238.64.12

TCP: Interfaces\{03582FE2-DC41-4D1D-AFF7-EEFCCF15FD71} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{5B7CCDFA-E46F-4EC8-941B-9DA1C99B9B64} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{952B7166-D507-4689-A4BE-C7E34FEC2DDA} : DhcpNameServer = 192.168.1.1 68.238.64.12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\jeff\appdata\roaming\mozilla\firefox\profiles\2kxg0twz.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: browser.startup.homepage - hxxp://bing.zugo.com/?cfg=2-76-0-1m88U

FF - prefs.js: keyword.URL - hxxp://bing.zugotoolbar.com/s/?iesrc=IE-Address&site=Bing&q=

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll

FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll

FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll

FF - plugin: c:\users\jeff\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\real\realplayer\browserrecordplugin\firefox\Ext

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

FF - Ext: XUL Cache: {1a152662-a74a-4f4f-b3ea-1ea505e8e533} - %profile%\extensions\{1a152662-a74a-4f4f-b3ea-1ea505e8e533}

FF - Ext: XULRunner: {B67E7646-80F2-4EE6-A8B8-B664CCA999DC} - c:\users\jeff\appdata\local\{B67E7646-80F2-4EE6-A8B8-B664CCA999DC}

.

============= SERVICES / DRIVERS ===============

.

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-19 21504]

R3 swvspser;Sierra VSP using Ethernet;c:\windows\system32\drivers\swvspser.sys [2009-8-13 30080]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]

S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2006-11-7 92160]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-12-18 04:53:10 190976 ----a-w- c:\programdata\GooglePolicyPolicy.dll

2011-12-08 06:46:41 190976 ----a-w- c:\programdata\IntelOnlineOnline.dll

2011-12-08 05:06:40 -------- d-----w- c:\users\jeff\appdata\roaming\licenses

2011-12-08 05:06:39 -------- d-----w- c:\users\jeff\appdata\roaming\PCMM2009

2011-12-08 05:06:37 -------- d-----w- c:\users\jeff\appdata\roaming\PCMM2011

2011-12-08 05:06:17 -------- d-----w- c:\program files\PC MightyMax 2011

2011-12-08 05:05:15 -------- d-----w- c:\users\jeff\appdata\local\Deployment

2011-12-08 05:05:15 -------- d-----w- c:\users\jeff\appdata\local\Apps

2011-12-08 03:32:43 190976 ----a-w- c:\programdata\DirectxTrayVerifier.dll

2011-12-08 03:29:37 190976 ----a-w- c:\programdata\JavaServiceProfile.dll

2011-12-08 03:29:37 190976 ----a-w- c:\programdata\DisplayTrayOnline.dll

2011-12-06 07:08:14 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{bef180f8-7de5-4409-8ef3-df37ac232911}\mpengine.dll

2011-12-04 02:41:41 190976 ----a-w- c:\programdata\DisplayBackupService.dll

2011-12-04 02:01:22 190976 ----a-w- c:\programdata\MouseUpdateUpdate.dll

2011-12-02 23:46:34 190976 ----a-w- c:\programdata\JavaServiceManager.dll

2011-12-02 03:02:55 190976 ----a-w- c:\programdata\DirectxOnlineUpdate.dll

2011-12-01 06:46:54 190976 ----a-w- c:\programdata\MicrosoftTrayManager.dll

2011-11-30 05:05:26 190976 ----a-w- c:\programdata\WindowsServiceService.dll

2011-11-30 05:05:26 190976 ----a-w- c:\programdata\JavaManagerPolicy.dll

2011-11-29 00:40:10 190976 ----a-w- c:\programdata\DisplayManagerVerifier.dll

2011-11-28 04:54:38 190976 ----a-w- c:\programdata\DisplayServiceTray.dll

2011-11-25 17:54:21 190976 ----a-w- c:\programdata\AppleNotifierOnline.dll

2011-11-24 06:33:26 190976 ----a-w- c:\programdata\MicrosoftProfileUpdate.dll

2011-11-24 02:57:00 190976 ----a-w- c:\programdata\DisplayBackupVerifier.dll

2011-11-24 02:56:59 190976 ----a-w- c:\programdata\DisplayServiceService.dll

2011-11-24 02:44:53 190976 ----a-w- c:\programdata\KeyboardProfileManager.dll

2011-11-24 01:27:33 190976 ----a-w- c:\programdata\MicrosoftVerifierNotifier.dll

2011-11-23 04:52:14 190976 ----a-w- c:\programdata\IntelBackupManager.dll

2011-11-22 05:47:08 190976 ----a-w- c:\programdata\KeyboardServiceProfile.dll

2011-11-18 06:55:30 190976 ----a-w- c:\programdata\IntelVerifierPolicy.dll

.

==================== Find3M ====================

.

2011-11-13 02:49:05 190976 ----a-w- c:\programdata\MouseTrayNotifier.dll

2011-10-31 13:11:19 190976 ----a-w- c:\programdata\GoogleManagerOnline.dll

2011-10-30 15:39:13 190976 ----a-w- c:\programdata\DirectxNotifierNotifier.dll

2011-09-30 23:06:24 916480 ----a-w- c:\windows\system32\wininet.dll

2011-09-30 23:02:06 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-09-30 23:01:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-09-30 23:01:34 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-09-30 23:01:34 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-09-30 22:07:25 385024 ----a-w- c:\windows\system32\html.iec

2011-09-30 21:29:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-09-30 21:28:36 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-09-20 21:02:55 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys

.

============= FINISH: 23:06:08.85 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 9/8/2008 2:50:14 AM

System Uptime: 12/17/2011 10:51:06 PM (1 hours ago)

.

Motherboard: Quanta | | 30BC

Processor: Intel® Core2 CPU T7200 @ 2.00GHz | U2E1 | 1667/667mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 142 GiB total, 22.054 GiB free.

D: is FIXED (NTFS) - 7 GiB total, 0.641 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Activation Assistant for the 2007 Microsoft Office suites

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe Flash Player 10 ActiveX

Adobe Flash Player Plugin

Adobe Reader 8.1.2

Adobe Reader 8.1.2 Security Update 1 (KB403742)

Adobe Shockwave Player 11.5

Any Video Converter 3.2.1

Apple Application Support

Apple Software Update

ArcSoft MediaImpression for Kodak

ASL_HS_Installer32

AutoUpdate

Conexant HD Audio

DivX

Google Chrome

Google Earth

Google SketchUp 7

Google Update Helper

Google Updater

Hewlett-Packard Active Check for Health Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Connections (remove only)

HP Customer Experience Enhancements

HP Easy Setup - Core

HP Easy Setup - Frontend

HP Help and Support

HP Pavilion Webcam Driver for Vista v061.001.00005

HP Quick Launch Buttons 6.10 B9

HP QuickPlay 3.0

HP Total Care Advisor

HP Update

HP User Guide 0048

HP Wireless Assistant

HPNetworkAssistant

Java Auto Updater

Java 6 Update 20

Java SE Runtime Environment 6

LightScribe 1.4.124.1

LiveUpdate 3.2 (Symantec Corporation)

LiveUpdate Notice (Symantec Corporation)

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MixPad Audio Mixer

Mozilla Firefox (3.6.3)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 5.0

My HP Games

NVIDIA Drivers

PhotoStage Slideshow Producer

Pixillion Image Converter

PlayItAll media player 1.0.5

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

RealUpgrade 1.1

Roxio Creator Audio

Roxio Creator Basic v9

Roxio Creator Copy

Roxio Creator Data

Roxio Creator EasyArchive

Roxio Creator Tools

Roxio Express Labeler 3

Roxio MyDVD Basic v9

Search Toolbar

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Sierra Wireless USB MUX Driver Package

Soft Data Fax Modem with SmartCP

Sonic Activation Module

Sony Picture Utility

Sprint Mobile Broadband (Novatel Wireless)

Synaptics Pointing Device Driver

Uninstall 1.0.0.1

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

VideoPad Video Editor

WavePad Sound Editor

Winamp

Winamp Detector Plug-in

.

==== Event Viewer Messages From Past Week ========

.

12/17/2011 9:35:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/17/2011 9:35:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/17/2011 9:35:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

12/17/2011 9:35:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/17/2011 9:35:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/17/2011 9:33:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: fwfdsd spldr Wanarpv6

12/17/2011 9:33:30 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

12/17/2011 9:32:02 PM, Error: EventLog [6008] - The previous system shutdown at 9:30:33 PM on 12/17/2011 was unexpected.

12/17/2011 9:29:43 PM, Error: EventLog [6008] - The previous system shutdown at 9:28:21 PM on 12/17/2011 was unexpected.

12/17/2011 9:27:45 PM, Error: EventLog [6008] - The previous system shutdown at 9:25:34 PM on 12/17/2011 was unexpected.

12/17/2011 10:55:04 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {320A1A88-7BAE-498E-A42A-BA0BB3D92CED}. The error: "2" Happened while starting this command: C:\PROGRA~1\HPCONN~1\6811507\Program\HPCONN~1.EXE -Embedding

12/17/2011 10:53:07 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: fwfdsd

12/17/2011 10:53:07 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

12/17/2011 10:53:07 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

12/17/2011 10:53:07 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

12/17/2011 10:53:07 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

12/17/2011 10:13:03 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.32 for the Network Card with network address 0019D2B8C900 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

PS: Malwarebytes is on the drive.... It updates fine.... When you run ANY scan it cuts off after 3000-3400 files... says everything is fine no actions necessary... It does the same in safe mode...

Anyone... Bhueler ? Bhueler ? :unsure:


  • 1 month later...

Hello,

Would you advise if you have resolved your issues or if you have sought help elsewhere?

If not resolved and you are not already seeking help elsewhere, I'd like for you to rerun a new (fresh) DDS and Copy & Paste the DDS.txt into a new reply into this Topic.

Anyone other than original-poster who has similar issues, do not reply here. Start your own topic.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
