
Odd Icons turn up on desktop



Posted 12 July 2011 - 11:39 AM

Also as an edit, I now have Icons that change places on the desktop, and one of my other forum accounts seems to be hacked -

Contents of the Odd Icons on desktop

First Icon

[.ShellClassInfo]

LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769

IconResource=%SystemRoot%\system32\imageres.dll,-183

[LocalizedFileNames]

FreeCell.lnk=@%SystemRoot%\system32\gameux.dll,-10055

Hearts.lnk=@%SystemRoot%\system32\gameux.dll,-10056

Internet Explorer.lnk=@%windir%\System32\ie4uinit.exe,-731

Spider Solitaire.lnk=@%SystemRoot%\system32\gameux.dll,-10061

Solitaire.lnk=@%SystemRoot%\system32\gameux.dll,-10060

Mahjong.lnk=@%SystemRoot%\system32\gameux.dll,-10059

FreeCell (2).lnk=@%SystemRoot%\system32\gameux.dll,-10055

Calculator.lnk=@%SystemRoot%\system32\shell32.dll,-22019

Spider Solitaire (2).lnk=@%SystemRoot%\system32\gameux.dll,-10061

Hearts (2).lnk=@%SystemRoot%\system32\gameux.dll,-10056

Chess.lnk=@%SystemRoot%\system32\gameux.dll,-10054

Notepad.lnk=@%SystemRoot%\system32\shell32.dll,-22051

Windows Live Mail.lnk=@C:\PROGRA~1\WIC4A1~1\Mail\maillang.dll,-21159

XPS Viewer.lnk=@%systemroot%\system32\XpsRchVw.exe,-102

Second Icon

[.ShellClassInfo]

LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

[LocalizedFileNames]

Microsoft Office - 60 Day Trial.lnk=@C:\PROGRA~1\MIDDD5~1\mui\oaa.dll,-103

WildTangent Games App - toshiba.lnk=@C:\PROGRA~1\WILDTA~1\TOUCHP~1\toshiba\MUILink.exe,-105

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 7082

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

12/07/11 10:17:26 AM

mbam-log-2011-07-12 (10-17-26).txt

Scan type: Quick scan

Objects scanned: 163610

Time elapsed: 4 minute(s), 16 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected: 0

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

SAS was run and not even a cookie

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by John at 10:24:48 on 2011-07-12

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3062.2076 [GMT 10:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}

FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\LSI SoftModem\agrsmsvc.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\windows\system32\conhost.exe

C:\Program Files\Secunia\PSI\PSIA.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\TOSHIBA\TECO\TecoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Windows\system32\PrintIsolationHost.exe

C:\windows\System32\alg.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\TOSHIBA\Utilities\KeNotify.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Secunia\PSI\psi_tray.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Secunia\PSI\sua.exe

C:\windows\system32\taskeng.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe

C:\windows\system32\DllHost.exe

C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\windows\System32\svchost.exe -k secsvcs

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.google.com.au/

uSearch Bar = hxxp://www.google.com/ie

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSAU&bmod=TSAU

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

mSearchAssistant = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [sVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL

mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP

mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe

mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM

IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM

IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mif5ba~1\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{03C603A8-B176-453F-901C-00B9203A063B} : NameServer = 198.142.0.51 61.88.88.88

TCP: Interfaces\{153A4166-3B98-44E7-9C57-677AD1E68F91} : DhcpNameServer = 192.168.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: c:\windows\system32\guard32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-1-6 238960]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-1-6 37592]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-2-12 172032]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-4-17 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-4-17 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-4-17 66616]

R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-10-28 185712]

R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-11 46448]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2010-2-12 13336]

R2 RSELSVC;TOSHIBA Modem region select service;c:\program files\toshiba\rselect\RSelSvc.exe [2009-7-8 62832]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-11 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-11 399416]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-9-29 185712]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-20 12920]

R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2010-2-12 2314240]

R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2010-8-18 24064]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-2-12 230912]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1011232]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-11-6 111960]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-19 136176]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2010-8-20 180736]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-4 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-19 136176]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-9-25 22712]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-2-12 174592]

S3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-10-31 677232]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-29 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-21 1343400]

S4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-9-25 366640]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2011-07-10 08:12:09 -------- d---a-w- C:\Navilog1

2011-07-10 08:12:07 -------- d-----w- c:\program files\Navilog1

2011-07-08 09:30:41 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{dbc501f6-5642-4ee4-886c-b99ba53bca91}\mpengine.dll

2011-07-03 07:20:03 -------- d-----w- c:\program files\Lexmark

2011-07-03 00:25:38 -------- d-----r- c:\program files\Skype

2011-07-01 03:07:57 -------- d-----w- c:\users\john\appdata\roaming\Auslogics

2011-07-01 03:07:50 -------- d-----w- c:\program files\Auslogics

2011-07-01 00:50:34 -------- d-----w- c:\users\john\appdata\local\Microsoft Help

2011-07-01 00:21:05 -------- d-----w- c:\users\john\appdata\local\{97AD575C-09B1-4BC3-ADCE-634432882F39}

2011-06-29 11:37:07 293376 ----a-w- c:\windows\system32\umpnpmgr.dll

2011-06-29 11:37:01 1549312 ----a-w- c:\windows\system32\tquery.dll

2011-06-29 11:37:01 1401344 ----a-w- c:\windows\system32\mssrch.dll

2011-06-29 11:37:00 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe

2011-06-29 11:37:00 666624 ----a-w- c:\windows\system32\mssvp.dll

2011-06-29 11:37:00 59392 ----a-w- c:\windows\system32\msscntrs.dll

2011-06-29 11:37:00 427520 ----a-w- c:\windows\system32\SearchIndexer.exe

2011-06-29 11:37:00 337408 ----a-w- c:\windows\system32\mssph.dll

2011-06-29 11:37:00 197120 ----a-w- c:\windows\system32\mssphtb.dll

2011-06-29 11:37:00 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe

2011-06-18 03:13:53 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-06-18 03:13:53 141104 ----a-w- c:\program files\internet explorer\sqmapi.dll

2011-06-18 03:13:52 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-06-18 02:58:27 311808 ----a-w- c:\windows\system32\drivers\srv.sys

2011-06-18 02:58:27 310272 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-06-18 02:58:27 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-06-18 02:33:04 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-06-18 02:33:03 338944 ----a-w- c:\windows\system32\drivers\afd.sys

2011-06-18 02:30:51 571904 ----a-w- c:\windows\system32\oleaut32.dll

2011-06-18 02:29:24 741376 ----a-w- c:\windows\system32\inetcomm.dll

2011-06-18 02:29:20 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-06-18 02:29:20 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-06-18 02:29:20 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

.

==================== Find3M ====================

.

2011-07-06 05:55:33 285256 ----a-w- c:\windows\system32\guard32.dll

2011-07-06 05:55:29 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-07-06 05:55:29 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-07-06 05:55:28 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-29 11:50:43 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-06-20 01:08:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-06-13 03:25:44 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-05-28 23:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-28 23:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-24 09:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-04-22 19:14:16 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-04-13 05:02:36 40984 ----a-w- c:\windows\system32\drivers\point32.sys

.

============= FINISH: 10:25:35.90 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_2011-06-23.01)

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 18/08/10 11:59:45 AM

System Uptime: 12/07/11 9:00:28 AM (1 hours ago)

Motherboard: TOSHIBA | | NSWAA

Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz | CPU | 2133/133mhz

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 342.616 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

.

RP175: 18/04/11 9:11:12 PM - PC Decrapifier Restore Point

RP176: 19/04/11 5:23:56 PM - Restore Operation

RP177: 23/04/11 3:16:42 PM - Windows Update

RP178: 23/04/11 4:24:28 PM - Windows Update

RP179: 23/04/11 7:54:34 PM - Windows Update

RP180: 27/04/11 6:28:09 PM - Windows Update

RP181: 02/05/11 10:07:34 AM - PC Decrapifier Restore Point

RP182: 04/05/11 2:40:30 PM - Windows Update

RP183: 11/05/11 3:38:13 PM - Windows Update

RP184: 11/05/11 3:53:13 PM - Windows Update

RP185: 14/05/11 5:08:42 PM - Windows Update

RP186: 15/05/11 7:35:30 AM - Windows Update

RP187: 15/05/11 3:52:18 PM - Restore Operation

RP188: 19/05/11 2:07:40 PM - Windows Update

RP189: 20/05/11 5:40:39 PM - Windows Backup

RP190: 24/05/11 5:15:48 PM - Windows Update

RP191: 26/05/11 4:57:44 PM - Windows Update

RP192: 01/06/11 4:03:37 PM - Windows Update

RP193: 04/06/11 6:38:23 PM - Windows Update

RP194: 08/06/11 7:50:33 AM - Windows Update

RP195: 11/06/11 8:26:40 AM - Windows Update

RP196: 13/06/11 1:24:50 PM - Installed Java™ 6 Update 26

RP197: 18/06/11 12:29:25 PM - Windows Update

RP198: 18/06/11 1:12:28 PM - Windows Update

RP199: 18/06/11 10:57:33 PM - Sat Night

RP200: 20/06/11 11:13:00 AM - Windows Update

RP201: 26/06/11 8:13:18 AM - Windows Update

RP202: 29/06/11 9:38:19 PM - Windows Update

RP203: 30/06/11 3:14:03 PM - Removed Microsoft SQL Server Native Client

RP204: 01/07/11 8:59:26 AM - Removed Windows Live Sync

RP205: 06/07/11 11:50:08 AM - Windows Update

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office system

500 From Special K

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.4.5

ATI Catalyst Install Manager

Auslogics Disk Defrag

Avira AntiVir Personal - Free Antivirus

Bejeweled 2 Deluxe 1.0

Blueline 1.1.1

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

COMODO Internet Security

CueClub

D3DX10

Direct DiscRecorder

DVD MovieFactory for TOSHIBA

ESET Online Scanner v3

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HostsMan 3.2.73

ieSpell

ImgBurn

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java™ 6 Update 26

Junk Mail filter update

Malwarebytes' Anti-Malware version 1.51.0.1200

Masque Casino Game Pak II

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft IntelliPoint 8.1

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

MSVCRT

OGA Notifier 2.0.0048.0

Optus Wireless Broadband

Orca Browser

PlayReady PC Runtime x86

PokerTH

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Realtek WLAN Driver

Reel Deal Slots - Nickels and More

Secunia PSI (2.0.0.3001)

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office 2007 System (KB2541012)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2541007)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype™ 5.3

Speccy

SpeedFan (remove only)

SUPERAntiSpyware

TOSHIBA ConfigFree

TOSHIBA Disc Creator

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

TOSHIBA Internal Modem Region Select Utility

TOSHIBA PC Health Monitor

TOSHIBA Recovery Media Creator

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2509470)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2536413)

Utility Common Driver

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

12/07/11 9:01:08 AM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.

12/07/11 9:01:08 AM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.3, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

11/07/11 8:20:28 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

11/07/11 6:11:00 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

11/07/11 11:45:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume S3A8422D005

Checkdsk was run yesterday - All seemed clear..

11/07/11 11:37:28 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 192.168.1.2, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

==== End Of File ===========================

GMER will not run (3 attempts)


  • 2 weeks later...

One Week Bump -

Avira scan results ? ?

The scan has been done completely.

18417 Scanned directories

268093 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

268093 Files not concerned

1938 Archives were scanned

0 Warnings

0 Notes

571100 Objects were scanned with rootkit scan

0 Hidden objects were found

- - - - - - - - - - - - - - - - - - - - - - -- - - - -- - - - - - -

ESET Online scan was run and found no problems.

- - - - - -- - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I have now changed to M.S.E. to see if any other problems are found

Any chance of any answer ? ?


  • Staff

Hi noknojon,

My apologies for the delay.

Not sure what you mean by one of your "other" forum accounts, but this icon issue doesn't seem like malware to me. I haven't personally run into it before but others have and it looks like there is a working solution; read here for more:

http://www.techsupportforum.com/forums/f10/shell-class-info-message-97277.html

Let me know how it goes.

Chris


Hi Chris -

desktop.ini is the name of 2 icons that appeared (both greyed out). The "other" forum accounts, refers to G2G forum where I have been doing schooling (they were notified but did nothing). Another name was shown instead of mine as being logged in.

To give you some idea, imagine if you logged in here as usual, and it returned, my name, my avatar, and member details instead of yours ?? This occurred several times about the same time as the 2 desktop.ini icons appeared.

There is now also another icon with "C:xxxxxxxxxx" Shortcut, (xxxx being my computer number) on the desktop. This one is not greyed out, just normal.

The link you provided was for an XP with problems, and this is a Win7. But I will spend some time trying the remedy and report it back to you -

I have so far discovered about 30 desktop.ini files (as per posted link) and I will pick through these.

(first try a disk check) This was part of the information given, and I had already done a DiskCheck first - It is mentioned in the errors above

{11/07/11 11:45:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume S3A8422D005

Checkdsk was run yesterday - All seemed clear.}

Thanks -

As an extra G2G seems slow responding to problems (especially from students) and that is why I posted here -


Hi Chris -

I have now followed all the information in your link. The desktop.ini icons are now gone, and I manually deleted the "C:xxxxxxxxxx" Shortcut.

This included sfc /scannow, chkdsk, and removing about '30 desktop.ini' files that came from, wherever. ??????????? :unsure:

Deleting desktop.ini files was first, then sfc /scannow. No problems were met so far. Last was chkdsk, generally OK and only a few notes were observed.

In the first stage it listed - 155648 File records processed, File verification completed

222 Large file records processed

0 Bad file records processed

0 EA records processed

43 Reparse records processed

I am still not sure why or where the desktop.ini files and the Sys C: shortcut came from but they are not there any more.:unsure:

Thanks for the help, and I hope they do not return {so I don't need to annoy you again}. ;)

Thanks - John -:)

I assume you can now close this and put it in the completed section, unless you have any questions.


  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
