Windows Shell (explorer.exe) Errors / Possible Virus


  • This topic is locked
3 replies to this topic

#1 CarlRicco


Posted 09 January 2009 - 04:35 AM

Hi, new here - recently I have been having some trouble with the Windows Shell.
Once I log on to my computer the shell will close and go into a loop of restarting
and closing - no error messages are displayed on screen. When I checked my system
logs it just states that Windows Shell closed unexpectedly.

Here is my log.

------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:14:11 AM, on 1/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\antivirus\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\PROGRA~1\ANTIVI~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\antivirus\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\applications\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\applications\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\imapi.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://search.dell.com/index.asp
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\RunOnce: [wextract_cleanup0] rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\Admin\LOCALS~1\Temp\IXP000.TMP\"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\antivirus\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\applications\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\applications\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - Global Startup: Belkin Wireless G USB Adapter Client Utility.lnk = ?
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTIVI~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\ANTIVI~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1231119711796
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)
O20 - AppInit_DLLs: wbsys.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\antivirus\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\antivirus\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\antivirus\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\antivirus\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

--
End of file - 5378 bytes

--------

edit: here is the DDS log and attachment.

-------------------

DDS (Ver_09-01-07.01) - NTFSx86
Run by Admin at 4:32:24.35 on Fri 01/09/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.503.240 [GMT -5:00]

AV: avast! antivirus 4.8.1296 [VPS 090108-0] *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\antivirus\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\Program Files\Common Files\BinarySense\hldasvc.exe
C:\PROGRA~1\ANTIVI~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\antivirus\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\applications\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\applications\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Belkin\F5D7050v5\Belkinwcui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\antivirus\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://search.dell.com/index.asp
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: {16a39846-038d-4155-b95f-1ad81aef676d} - c:\windows\system32\ljJYRHBS.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\antivi~1\spybot~1\SDHelper.dll
BHO: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\hgGwWPIX.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SpybotSD TeaTimer] c:\program files\antivirus\spybot - search & destroy\TeaTimer.exe
uRun: [Advanced SystemCare 3] "c:\program files\applications\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [SmartRAM] "c:\program files\applications\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m
mRun: [avast!] c:\progra~1\antivi~1\alwils~1\avast4\ashDisp.exe
mRun: [P17Helper] Rundll32 P17.dll,P17Helper
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRunOnce: [wextract_cleanup0] rundll32.exe c:\windows\system32\advpack.dll,delnoderundll32 "c:\docume~1\admin\locals~1\temp\ixp000.tmp\"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d7050v5\Belkinwcui.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\antivi~1\spybot~1\SDHelper.dll
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\common files\binarysense\hlAPP.dll
Notify: hgGwWPIX - hgGwWPIX.dll
Notify: igfxcui - igfxdev.dll
Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
AppInit_DLLs: wbsys.dll c:\progra~1\google\google~1\GOEC62~1.DLL
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\hgGwWPIX.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\ljJYRHBS

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admin\applic~1\mozilla\firefox\profiles\nr9zywas.default\
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\mozilla firefox\components\iamfamous.dll
FF - plugin: c:\documents and settings\admin\local settings\application data\google\update\1.2.133.33\npGoogleOneClick7.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-1-4 111184]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\antivirus\alwil software\avast4\ashMaiSv.exe [2009-1-4 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\antivirus\alwil software\avast4\ashWebSv.exe [2009-1-4 352920]
R3 USBKT1X1;M-Audio USB Keystation;c:\windows\system32\drivers\usbkt1x1.sys [2009-1-6 22304]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-6 20560]
R4 avast! Antivirus;avast! Antivirus;c:\program files\antivirus\alwil software\avast4\ashServ.exe [2009-1-4 155160]
R4 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\common files\binarysense\hldasvc.exe [2008-2-15 832760]
S3 BELKIN;Belkin Wireless G USB Network Adapter;c:\windows\system32\drivers\BLKWGU.sys [2009-1-6 238848]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-1-7 30192]
S3 UKS11LDR;M-Audio USB Keystation Loader;c:\windows\system32\drivers\uks11ldr.sys [2009-1-6 13504]

=============== Created Last 30 ================

2009-01-09 04:13 <DIR> --d----- c:\program files\Trend Micro
2009-01-09 04:12 <DIR> --d----- c:\program files\Yahoo!
2009-01-09 04:12 <DIR> --d----- c:\program files\CCleaner
2009-01-09 03:45 <DIR> --d----- c:\program files\Error Repair Professional
2009-01-09 02:28 709,312 a--sh--- c:\windows\system32\SBHRYJjl.ini
2009-01-09 02:28 709,134 a--sh--- c:\windows\system32\SBHRYJjl.ini2
2009-01-09 02:28 303,104 a------- c:\windows\system32\ljJYRHBS.dll
2009-01-09 02:22 46,080 a------- c:\windows\system32\ddccARii.dll
2009-01-09 02:22 35,328 a------- c:\windows\system32\hgGwWPIX.dll
2009-01-09 00:28 135,168 a------- c:\windows\system32\igfxres.dll
2009-01-08 23:25 <DIR> --d----- c:\program files\Test My Hardware
2009-01-08 19:33 <DIR> --d----- c:\docume~1\admin\applic~1\IObit
2009-01-08 19:30 <DIR> --d----- c:\windows\system32\NtmsData
2009-01-08 10:42 <DIR> --d----- C:\Jab
2009-01-07 13:10 <DIR> --d----- c:\program files\common files\SWF Studio
2009-01-07 13:08 1,084,528 a------- c:\windows\system32\TWCSaver.scr
2009-01-07 13:08 <DIR> --d----- c:\program files\The Weather Channel FW
2009-01-07 09:52 <DIR> --d----- c:\docume~1\admin\applic~1\BinarySense
2009-01-07 09:52 <DIR> --d----- c:\program files\health
2009-01-07 09:52 <DIR> --d----- c:\program files\common files\BinarySense
2009-01-06 22:41 221,184 a------- c:\windows\system32\wmpns.dll
2009-01-06 22:41 316,640 a------- c:\windows\WMSysPr9.prx
2009-01-06 22:38 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-06 22:35 19,528 a------- c:\windows\004066_.tmp
2009-01-06 21:58 0 -------- c:\windows\system32\HFX12F.tmp
2009-01-06 21:57 19,528 a------- c:\windows\002173_.tmp
2009-01-06 21:54 <DIR> --d----- c:\windows\EHome
2009-01-06 21:51 <DIR> --d----- C:\4f92a3b391fecc3550472cb531501b22
2009-01-06 19:41 724,992 a------- c:\windows\iun6002.exe
2009-01-06 19:41 <DIR> --d----- c:\program files\M-Audio USB Keyboard Device
2009-01-06 19:41 82,944 a------- c:\windows\system32\usbkt1x1.dll
2009-01-06 19:41 22,304 a------- c:\windows\system32\drivers\usbkt1x1.sys
2009-01-06 19:41 13,504 a------- c:\windows\system32\drivers\uks11ldr.sys
2009-01-06 19:28 <DIR> --d----- c:\program files\Broadcom
2009-01-06 19:27 5 a------- c:\windows\system32\drivers\DELL_DIM_3000.MRK
2009-01-06 19:27 5 a------- c:\windows\system32\drivers\1028_DELL_DIM_3000.MRK
2009-01-06 19:17 135,552 a------- c:\windows\system32\drivers\usbport.sys
2009-01-06 19:17 67,072 a------- c:\windows\system32\usbui.dll
2009-01-06 19:17 19,328 a------- c:\windows\system32\drivers\usbuhci.sys
2009-01-06 19:17 51,968 a------- c:\windows\system32\drivers\usbhub.sys
2009-01-06 19:17 95,360 a------- c:\windows\system32\drivers\atapi.sys
2009-01-06 19:17 25,088 a------- c:\windows\system32\drivers\pciidex.sys
2009-01-06 19:17 3,328 ac------ c:\windows\system32\dllcache\pciide.sys
2009-01-06 19:17 3,328 a------- c:\windows\system32\drivers\pciide.sys
2009-01-06 19:17 35,840 ac------ c:\windows\system32\dllcache\isapnp.sys
2009-01-06 19:17 35,840 a------- c:\windows\system32\drivers\isapnp.sys
2009-01-06 19:17 68,224 a------- c:\windows\system32\drivers\pci.sys
2009-01-06 19:17 <DIR> --d----- c:\program files\Realtek Semiconductor Corp
2009-01-06 13:45 0 a------- c:\windows\WB.ini
2009-01-06 13:33 42,672 a------- c:\windows\system32\wbsys.dll
2009-01-06 13:33 <DIR> --d----- c:\program files\Stardock
2009-01-06 13:14 238,848 a------- c:\windows\system32\drivers\BLKWGU.sys
2009-01-06 13:14 13,768 a------- c:\windows\system32\drivers\string.ini
2009-01-06 13:14 38,144 a------- c:\windows\system32\drivers\EAPPkt.sys
2009-01-06 13:14 <DIR> --d----- c:\program files\Belkin
2009-01-06 12:39 86,016 a------- c:\windows\system32\MA_CMIDN.DLL
2009-01-06 12:39 82,944 a------- c:\windows\system32\USBMN1X1.DLL
2009-01-06 12:39 24,128 a------- c:\windows\system32\drivers\USBMM1X1.SYS
2009-01-06 12:39 22,208 a------- c:\windows\system32\drivers\USBMN1X1.SYS
2009-01-06 12:39 21,888 a------- c:\windows\system32\drivers\MA_CMIDI.SYS
2009-01-06 12:39 17,920 a------- c:\windows\system32\USBMM1X1.DLL
2009-01-06 12:39 17,920 a------- c:\windows\system32\MA_CMIDI.DLL
2009-01-06 12:39 14,272 a------- c:\windows\system32\MA_CMIDI.DRV
2009-01-06 12:39 13,504 a------- c:\windows\system32\drivers\USB11LDR.SYS
2009-01-06 12:39 12,272 a------- c:\windows\system32\USBMM1X1.DRV
2009-01-06 12:39 7,330 a------- c:\windows\system32\USBMM1X1.VXD
2009-01-06 12:39 7,282 a------- c:\windows\system32\MA_CMIDI.VXD
2009-01-06 11:41 140,928 a------- c:\windows\system32\drivers\ks.sys
2009-01-06 11:41 60,288 a------- c:\windows\system32\drivers\drmk.sys
2009-01-06 11:41 48,640 a------- c:\windows\system32\drivers\stream.sys
2009-01-06 11:41 130,048 a------- c:\windows\system32\ksproxy.ax
2009-01-06 11:41 4,096 a------- c:\windows\system32\ksuser.dll
2009-01-06 00:05 2,502,633 a------- c:\windows\system32\pcifmdio.dll
2009-01-06 00:05 1,122,304 a------- c:\windows\system32\deltapnl.exe
2009-01-06 00:05 302,336 a------- c:\windows\system32\drivers\delta.sys
2009-01-06 00:05 46,592 a------- c:\windows\system32\deltapnl.dll
2009-01-06 00:05 22,528 a------- c:\windows\system32\deltasio.dll
2009-01-06 00:05 19,456 a------- c:\windows\system32\DeltaCPL.cpl
2009-01-06 00:05 <DIR> --d----- c:\program files\M-Audio
2009-01-05 19:42 306,688 a------- c:\windows\IsUninst.exe
2009-01-05 03:30 <DIR> --d----- C:\music
2009-01-05 01:23 <DIR> a-dshr-- C:\autorun.inf
2009-01-05 00:22 79 a------- c:\windows\wininit.ini
2009-01-05 00:21 <DIR> --d----- c:\windows\pss
2009-01-05 00:12 <DIR> --d----- c:\docume~1\admin\applic~1\Malwarebytes
2009-01-05 00:12 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-05 00:12 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-05 00:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-01-05 00:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-04 23:59 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-04 23:56 <DIR> --d----- c:\documents and settings\admin\.housecall6.6
2009-01-04 23:43 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-04 23:43 73,728 a------- c:\windows\system32\javacpl.cpl
2009-01-04 23:31 <DIR> --d----- C:\New Folder
2009-01-04 23:23 <DIR> --d----- c:\docume~1\admin\applic~1\Antares
2009-01-04 23:21 <DIR> --d----- c:\program files\common files\Digidesign
2009-01-04 22:24 1,076 a------- c:\windows\system32\settingsbkup.sfm
2009-01-04 22:24 1,076 a------- c:\windows\system32\settings.sfm
2009-01-04 22:13 <DIR> --d----- c:\program files\Creative
2009-01-04 22:00 <DIR> --d----- c:\program files\ASIO4ALL v2
2009-01-04 22:00 225,280 a------- c:\windows\system32\rewire.dll
2009-01-04 22:00 <DIR> --d----- c:\program files\VstPlugins
2009-01-04 22:00 1,294,336 a------- c:\windows\system32\vorbis.acm
2009-01-04 22:00 <DIR> --d----- c:\program files\Outsim
2009-01-04 22:00 <DIR> --d----- c:\program files\Image-Line
2009-01-04 21:59 <DIR> --d----- c:\program files\Steinberg
2009-01-04 21:59 <DIR> --d----- c:\program files\Antares Audio Technologies
2009-01-04 21:59 1,777,664 a------- c:\windows\system32\gdiplus.dll
2009-01-04 21:56 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-01-04 21:53 1,902 -------- c:\windows\system32\SetupBD.din
2009-01-04 21:53 154,112 ac------ c:\windows\system32\dllcache\e100b325.sys
2009-01-04 21:53 154,112 a------- c:\windows\system32\drivers\e100b325.sys
2009-01-04 21:53 118,784 a------- c:\windows\system32\Prounstl.exe
2009-01-04 21:53 24,064 a------- c:\windows\system32\IntelNic.dll
2009-01-04 21:53 12,288 a------- c:\windows\system32\e100bmsg.dll
2009-01-04 21:53 5,110 a------- c:\windows\system32\e100b325.din
2009-01-04 21:53 <DIR> --d----- C:\drvrtmp
2009-01-04 21:48 <DIR> --d----- c:\program files\applications
2009-01-04 21:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2009-01-04 21:34 <DIR> --d----- c:\program files\apps
2009-01-04 21:34 <DIR> --d----- c:\docume~1\admin\applic~1\uTorrent
2009-01-04 21:13 20,349 a------- c:\windows\system32\drivers\detectdr.sys
2009-01-04 21:13 17,335 a------- c:\windows\system32\drivers\packet.sys
2009-01-04 20:59 118,784 a------- c:\windows\system32\MSSTDFMT.DLL
2009-01-04 20:59 <DIR> --d----- c:\program files\SpywareBlaster
2009-01-04 20:58 <DIR> --d----- c:\windows\system32\Adobe
2009-01-04 20:46 <DIR> --d----- c:\windows\system32\PreInstall
2009-01-04 20:46 22,752 a------- c:\windows\system32\spupdsvc.exe
2009-01-04 20:46 <DIR> --d-h--- c:\windows\$hf_mig$
2009-01-04 20:45 <DIR> --d----- c:\windows\system32\bits
2009-01-04 20:45 351,232 a------- c:\windows\system32\winhttp.dll
2009-01-04 20:45 18,944 a------- c:\windows\system32\qmgrprxy.dll
2009-01-04 20:45 438,784 -------- c:\windows\system32\xpob2res.dll
2009-01-04 20:45 8,192 -------- c:\windows\system32\bitsprx2.dll
2009-01-04 20:45 7,168 -------- c:\windows\system32\bitsprx3.dll
2009-01-04 20:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-01-04 20:42 <DIR> --d----- c:\program files\antivirus
2009-01-04 20:37 <DIR> --ds---- c:\windows\system32\Microsoft
2009-01-04 20:36 21,035 a------- c:\windows\system32\drivers\AegisP.sys
2009-01-04 18:45 4,272 a----r-- c:\windows\system32\drivers\bvrp_pci.sys
2009-01-04 15:52 <DIR> --d----- c:\documents and settings\Admin
2009-01-04 15:36 552 a------- c:\windows\system32\d3d8caps.dat
2009-01-04 14:50 <DIR> --dsh--- c:\windows\Installer
2009-01-04 14:48 8,192 a------- c:\windows\REGLOCS.OLD
2009-01-04 14:45 471,102 ac------ c:\windows\system32\dllcache\imskdic.dll
2009-01-04 14:42 24,576 a------- c:\windows\system32\xpsp1hfm.exe
2009-01-04 14:41 2,635 a------- c:\windows\system32\CONFIG.NT
2009-01-04 14:41 0 a------- c:\windows\control.ini
2009-01-04 14:41 25,065 a------- c:\windows\system32\wmpscheme.xml
2009-01-04 14:40 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-01-04 14:39 4,399,505 ac------ c:\windows\system32\dllcache\nls302en.lex
2009-01-04 14:38 <DIR> --d----- c:\program files\common files\MSSoap
2009-01-04 14:37 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-01-04 14:37 <DIR> --d----- c:\program files\Online Services
2009-01-04 14:37 <DIR> --d----- c:\program files\Messenger
2009-01-04 14:37 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-01-04 14:36 <DIR> --d----- c:\program files\Windows NT
2009-01-04 09:33 <DIR> --d----- c:\program files\common files\ODBC
2009-01-04 09:33 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-01-04 09:32 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-01-06 22:43 77,423 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-04 22:13 409,600 a------- c:\windows\system32\wrap_oal.dll
2009-01-04 22:13 114,688 a------- c:\windows\system32\OpenAL32.dll
2009-01-04 14:38 21,640 a------- c:\windows\system32\emptyregdb.dat

============= FINISH: 4:33:20.28 ===============


Edited by CarlRicco, 09 January 2009 - 04:46 AM.



#2 Hoov

  • Malware Response Team

Posted 22 January 2009 - 04:42 PM

Howdy, my name is Hoov, and I will be helping you with your dilemma.

Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread.

Here is what I am asking you to do during the repair of your computer

*Tell me everything that you have done, if anything, to try and fix this problem.

*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it.

*Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

*Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.

Now onto trying to fix your computer.

First restart in safe mode, go into the system control panel, click the advanced tab, then go to the settings button in the restore section. In there uncheck the box next to the option to restart the system on error. After that click ok all the way back to the desktop. Now reboot your computer. You should get a blue screen of Death. Write down the stop code, then come back here and tell us what the stop code is.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#3 Hoov


Posted 27 January 2009 - 12:34 PM

If you still need help, please post something here to let me know you are still interested. If I don't hear anything in the next couple days, then this thread will be closed.

#4 Hoov


Posted 03 February 2009 - 08:23 PM

This thread is closed due to inactivity.
If you need this topic reopened, please send me or another moderator a PM. This applies to the thread originator only, all others start a new thread.