Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Printer issue!! seems like malware??


  • This topic is locked This topic is locked
16 replies to this topic

#1 Stimp11

Stimp11

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 14 April 2009 - 10:09 PM

Hello!
The other day I printed something...then went to print again and got some spool error and it would only print 2 of 8 pages. When I tried to print again I got a printer communication error-no printing. I have tried everything..uninstalling/reinstalling printer...powering off, restarting, etc. I still cannot connect to the printer. It was working fine, then 10 minutes later it wasn't with nothing in between. I checked the firewall and as far as I can see it says printing is ok. My printer is wireless. i can print from another computer, no prolem. I can access internet from computer that won't print so I know that the printer works and the wireless connection works and the computer's wireless connection works. I posted in another forum and got one response (about the firewall) but when I said that didnt work no one replied. PLEASE help...I have things to print that I can only print from the one that won't! I am in school and need this fixed. Could it by malware?? Or a corrupted registry part (read that in another message when I googled my issue...but I wouldn't know a bad line unless it sais I AM BAD DELETE ME
HJT log below.


Also, when I run HJT I get a box with this message: "For some reason your system denied write access to the host file"
And some info on how to edit something yourself.

Thanks for your help!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:28 PM, on 4/1/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.post-gazette.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
O4 - HKLM\..\Run: [lxdqamon] "C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) - http://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinner.com/games/v42/tilecity/tilecity.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdqCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdqserv.exe
O23 - Service: lxdq_device - - C:\Windows\system32\lxdqcoms.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9541 bytes

BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:03:39 PM

Posted 27 April 2009 - 01:57 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 28 April 2009 - 07:13 PM

Here is my udpated log:
As I stated above. I am unable to print from this wireless laptop. I have uninstalled and reinstalled the printer. I have checked the firewall. The printer works with another wireless computer. It is slow in general for everything. It keeps popping up with a "computer solution" window from Vista...but when I click on it it says that "no solutions found" . It freezes up and I sometimes get a Black error screen asking me if I want to put in safe mode or restart with normal windows.
Thanks


DDS (Ver_09-02-01.01) - NTFSx86
Run by Hedgehog at 20:08:17.12 on Tue 04/28/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2037.980 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdqserv.exe
C:\Windows\system32\lxdqcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ErrorFix\ErrorFix.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Hedgehog\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.post-gazette.com/
uInternet Settings,ProxyOverride = *.local
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\hedgehog\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {41D1977F-4161-4720-800F-EA4903983A38} - hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-9-19 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-27 107272]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-5-6 73728]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-9-19 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-9-19 298264]
R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
R2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2008-2-27 98984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-4-2 210216]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-5-6 111616]

=============== Created Last 30 ================

2009-04-23 20:13 <DIR> --d----- c:\users\hedgehog\appdata\roaming\ErrorFix
2009-04-23 20:13 <DIR> --d----- c:\program files\ErrorFix
2009-04-23 20:12 <DIR> --d----- c:\program files\Downloaded Installers
2009-04-09 22:01 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-09 22:01 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-09 22:01 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-09 22:01 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-09 22:01 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-09 22:01 11,264 a------- c:\windows\system32\icardres.dll
2009-04-09 22:01 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-09 22:01 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-09 21:54 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-09 21:54 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-09 21:54 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-09 21:54 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-09 21:54 83,968 a------- c:\windows\system32\mscories.dll
2009-04-09 21:23 <DIR> --d----- c:\program files\Lexmark Toolbar
2009-04-09 21:21 <DIR> --d----- c:\programdata\Lexmark Z2400 Series
2009-04-09 21:21 <DIR> --d----- c:\progra~2\Lexmark Z2400 Series
2009-04-07 21:01 15,637,794 a------- c:\windows\system32\NHL_Logos_Screen_Saver[1].scr
2009-04-07 20:46 <DIR> --d----- c:\users\hedgehog\appdata\roaming\iScreensaver
2009-04-02 21:34 <DIR> --d----- c:\programdata\TEMP
2009-04-02 21:34 <DIR> --d----- c:\program files\SpywareBlaster
2009-04-02 21:34 <DIR> --d----- c:\programdata\SiteAdvisor
2009-04-02 21:33 <DIR> --d----- c:\program files\common files\McAfee
2009-04-02 21:33 <DIR> --d----- c:\programdata\McAfee
2009-04-02 21:33 <DIR> --d----- c:\program files\McAfee
2009-04-01 23:38 410,984 a------- c:\windows\system32\deploytk.dll

==================== Find3M ====================

2009-04-09 21:24 143,360 a------- c:\windows\inf\infstrng.dat
2009-04-09 21:24 51,200 a------- c:\windows\inf\infpub.dat
2009-03-26 16:49 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 16:49 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-12 17:38 86,016 a------- c:\windows\inf\infstor.dat
2009-03-03 00:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 00:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 00:40 827,392 a------- c:\windows\system32\wininet.dll
2009-03-03 00:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 00:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 00:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 00:37 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 00:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 00:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 00:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-02 23:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-02 22:38 17,408 a------- c:\windows\system32\iashost.exe
2009-03-02 22:28 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-02-13 04:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 04:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-02-08 23:10 2,033,152 a------- c:\windows\system32\win32k.sys
2009-01-26 23:40 69,344 a------- c:\users\hedgehog\appdata\roaming\GDIPFONTCACHEV1.DAT
2009-01-26 18:37 1,442 a------- c:\users\hedgehog\appdata\roaming\wklnhst.dat
2008-09-24 16:21 60,968 a------- c:\users\hedgehog\GoToAssistDownloadHelper.exe
2008-06-11 23:21 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 20:08:49.69 ===============

#4 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 30 April 2009 - 05:49 PM

Hello.

This doesn't sound like a malware issue.

Let's see what we can find.

Download and run MalwareBytes Anti-Malware
If you already have MBAM installed, simply update and run a quick scan.

Please download Malwarebytes Anti-Malware setup and to your desktop.
alternate download link 1
alternate download link 2

Refer to the steps given here on installing MalwareBytes, running the scan, and saving the log file (not on using File Assasin).
  • If you have trouble updating, try the other mirror download site.
  • Should the computer in question not be able update using the normal method download the update file from here, using another machine if needed. Simply double click the file to install the updates.
  • If MalwareBytes asks to reboot to remove certain items, do so right away.
Please include the scan logfile in your next reply.
Please then take a new DDS log. Include the Attach.txt.

With Regards,
The Panda

#5 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 02 May 2009 - 11:48 PM

here you go:

Malwarebytes' Anti-Malware 1.36
Database version: 2069
Windows 6.0.6001 Service Pack 1

5/3/2009 12:37:24 AM
mbam-log-2009-05-03 (00-37-07).txt

Scan type: Quick Scan
Objects scanned: 67589
Time elapsed: 5 minute(s), 0 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 43

Memory Processes Infected:
C:\Program Files\ErrorFix\ErrorFix.exe (Rogue.ErrorFix) -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results (Rogue.ErrorFix) -> No action taken.
C:\Windows\Installer\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> No action taken.
C:\Program Files\ErrorFix (Rogue.ErrorFix) -> No action taken.
C:\Program Files\Downloaded Installers\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> No action taken.

Files Infected:
C:\Program Files\ErrorFix\ErrorFix.exe (Rogue.RegTool) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix Help.lnk (Rogue.ErrorFix) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix on the Web.lnk (Rogue.ErrorFix) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix.lnk (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-23 20-13-500.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 12-29-040.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 16-13-130.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 20-55-110.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-25 15-11-590.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-25 20-07-440.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 12-38-070.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 15-31-280.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 20-58-440.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 08-25-140.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 12-32-540.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 14-05-330.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-28 12-11-140.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-28 16-45-310.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 00-51-340.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 10-50-500.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 15-33-380.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 15-53-060.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 18-57-220.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 21-26-360.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 22-13-330.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-30 09-03-330.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-30 12-13-140.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-01 12-14-320.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-01 16-34-510.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-02 12-38-470.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-02 22-04-110.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-03 00-24-140.log (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> No action taken.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> No action taken.
C:\Windows\Installer\{CD205D52-1C73-4C6C-BAF6-C2190EB69357}\Icon.exe (Rogue.ErrorFix) -> No action taken.
C:\Program Files\ErrorFix\definitions.db (Rogue.ErrorFix) -> No action taken.
C:\Program Files\ErrorFix\ErrorFix.url (Rogue.ErrorFix) -> No action taken.
C:\Program Files\ErrorFix\privacy.db (Rogue.ErrorFix) -> No action taken.
C:\Program Files\Downloaded Installers\{CD205D52-1C73-4C6C-BAF6-C2190EB69357}\setup.msi (Rogue.ErrorFix) -> No action taken.
C:\Users\Public\Desktop\ErrorFix.lnk (Rogue.ErrorFix) -> No action taken.
C:\Windows\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> No action taken.



DDS (Ver_09-02-01.01) - NTFSx86
Run by Hedgehog at 0:43:27.01 on Sun 05/03/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2037.1001 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdqserv.exe
C:\Windows\system32\lxdqcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\rundll32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ErrorFix\ErrorFix.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\Hedgehog\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.post-gazette.com/
uInternet Settings,ProxyOverride = *.local
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
StartupFolder: c:\users\hedgehog\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {41D1977F-4161-4720-800F-EA4903983A38} - hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-9-19 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-27 107272]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-5-6 73728]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-9-19 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-9-19 298264]
R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
R2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2008-2-27 98984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-4-2 210216]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-5-6 111616]

=============== Created Last 30 ================

2009-04-23 20:13 <DIR> --d----- c:\users\hedgehog\appdata\roaming\ErrorFix
2009-04-23 20:13 <DIR> --d----- c:\program files\ErrorFix
2009-04-23 20:12 <DIR> --d----- c:\program files\Downloaded Installers
2009-04-09 22:01 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-09 22:01 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-09 22:01 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-09 22:01 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-09 22:01 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-09 22:01 11,264 a------- c:\windows\system32\icardres.dll
2009-04-09 22:01 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-09 22:01 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-09 21:54 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-09 21:54 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-09 21:54 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-09 21:54 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-09 21:54 83,968 a------- c:\windows\system32\mscories.dll
2009-04-09 21:23 <DIR> --d----- c:\program files\Lexmark Toolbar
2009-04-09 21:21 <DIR> --d----- c:\programdata\Lexmark Z2400 Series
2009-04-09 21:21 <DIR> --d----- c:\progra~2\Lexmark Z2400 Series
2009-04-07 21:01 15,637,794 a------- c:\windows\system32\NHL_Logos_Screen_Saver[1].scr
2009-04-07 20:46 <DIR> --d----- c:\users\hedgehog\appdata\roaming\iScreensaver

==================== Find3M ====================

2009-04-09 21:24 143,360 a------- c:\windows\inf\infstrng.dat
2009-04-09 21:24 51,200 a------- c:\windows\inf\infpub.dat
2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-01 23:37 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-12 17:38 86,016 a------- c:\windows\inf\infstor.dat
2009-03-03 00:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 00:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 00:40 827,392 a------- c:\windows\system32\wininet.dll
2009-03-03 00:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 00:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 00:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 00:37 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 00:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 00:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 00:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-02 23:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-02 22:38 17,408 a------- c:\windows\system32\iashost.exe
2009-03-02 22:28 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-02-13 04:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 04:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-02-08 23:10 2,033,152 a------- c:\windows\system32\win32k.sys
2009-01-26 23:40 69,344 a------- c:\users\hedgehog\appdata\roaming\GDIPFONTCACHEV1.DAT
2009-01-26 18:37 1,442 a------- c:\users\hedgehog\appdata\roaming\wklnhst.dat
2008-09-24 16:21 60,968 a------- c:\users\hedgehog\GoToAssistDownloadHelper.exe
2008-06-11 23:21 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 0:43:58.39 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 5/6/2008 1:09:30 PM
System Uptime: 5/3/2009 12:23:11 AM (0 hours ago)

Motherboard: Dell Inc. | | 0U990C
Processor: Intel® Pentium® Dual CPU T2370 @ 1.73GHz | Microprocessor | 1733/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 137 GiB total, 96.344 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.665 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP209: 4/1/2009 10:47:10 PM - Scheduled Checkpoint
RP210: 4/1/2009 11:16:48 PM - Removed Browser Address Error Redirector.
RP211: 4/1/2009 11:17:37 PM - Removed Search Settings 1.2.
RP212: 4/1/2009 11:22:40 PM - ComboFix created restore point
RP213: 4/1/2009 11:33:36 PM - Removed Java™ 6 Update 4
RP214: 4/1/2009 11:36:50 PM - Installed Java™ 6 Update 13
RP215: 4/9/2009 9:53:32 PM - Windows Update
RP216: 4/14/2009 10:32:05 PM - Windows Update
RP218: 4/16/2009 12:19:14 PM - Avg8 Update
RP219: 4/18/2009 4:17:50 PM - Scheduled Checkpoint
RP220: 4/23/2009 8:12:55 PM - Installed ErrorFix
RP221: 4/25/2009 4:56:50 PM - Scheduled Checkpoint
RP222: 4/26/2009 7:54:52 PM - Scheduled Checkpoint
RP223: 4/28/2009 9:56:34 PM - Scheduled Checkpoint
RP224: 4/29/2009 11:40:04 AM - Windows Update
RP225: 5/1/2009 12:15:59 PM - Windows Update

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Apple Mobile Device Support
Apple Software Update
AVG Free 8.0
Bonjour
CCleaner (remove only)
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Wireless WLAN Card
Digital Line Detect
DivX Web Player
ErrorFix
Google Desktop
Google Updater
GoToAssist 8.0.0.514
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Matrix Storage Manager
Internet Service Offers Launcher
iTunes
Java™ 6 Update 13
Lexmark Toolbar
Lexmark Z2400 Series
LimeWire 5.1.2
Malwarebytes' Anti-Malware
McAfee SiteAdvisor
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MobileMe Control Panel
Modem Diagnostic Tool
Move Networks Media Player for Internet Explorer
Music, Photos & Videos Launcher
NetWaiting
NetZeroInstallers
OutlookAddinSetup
Product Documentation Launcher
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
SpywareBlaster 4.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides

==== Event Viewer Messages From Past Week ========

4/26/2009 12:01:13 AM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
4/26/2009 12:38:24 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
4/26/2009 7:17:41 PM, Error: EventLog [6008] - The previous system shutdown at 7:15:10 PM on 4/26/2009 was unexpected.
4/26/2009 8:18:57 PM, Error: EventLog [6008] - The previous system shutdown at 8:17:38 PM on 4/26/2009 was unexpected.
4/27/2009 6:29:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.
4/28/2009 4:33:11 PM, Error: EventLog [6008] - The previous system shutdown at 4:31:45 PM on 4/28/2009 was unexpected.
4/29/2009 11:41:01 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/29/2009 11:41:01 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
4/29/2009 11:41:01 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/29/2009 8:55:44 PM, Error: EventLog [6008] - The previous system shutdown at 8:54:13 PM on 4/29/2009 was unexpected.
4/29/2009 8:57:24 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 2147500053.
5/2/2009 10:17:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Hedgehog-PC\Hedgehog SID (S-1-5-21-821965423-1564164254-870415727-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

==== End Of File ===========================

#6 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 03 May 2009 - 07:57 PM

Hello.

Re-run scan with MalwareBytes Anti-Malware
Your MBAM log shows "No action taken". This usually occurs if you forget to click "Remove Selected" and instead only clicked "Save Logfile. Please read this thread and rescan again only using the (Quick Scan) in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. After performing the new scan, click the Logs tab and copy/paste the contents of the new report in your next reply.

Let's try to disable some startup items with HijackThis to free up memory next round.

Download, Install, and Save Log with HijackThis
  • Download the installer HERE onto your desktop and double click it.
  • You may be asked for confirmation for running an executable file. Select Run.
  • You will be asked choose the install location. Please leave it at the default:
    C:\Program Files\Trend Micro\HijackThis.
  • Select Install.
  • The installation process should only take a few seconds. A shortcut named HijackThis will be created on your desktop so there will be no need to access the HijackThis program directly. The HijackThis window will pop-up after the installation.
  • Click Do a System Scan and Save a Log File.
  • The scan will complete in a moment and the log will pop-up.
  • Copy the contents of the log into your next post.

With Regards,
The Panda

#7 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 06 May 2009 - 06:26 PM

Malwarebytes' Anti-Malware 1.36
Database version: 2085
Windows 6.0.6001 Service Pack 1

5/6/2009 7:07:04 PM
mbam-log-2009-05-06 (19-07-04).txt

Scan type: Quick Scan
Objects scanned: 67679
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 43

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Windows\Installer\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\Downloaded Installers\{CD205D52-1C73-4C6C-BAF6-C2190EB69357} (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Files Infected:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix Help.lnk (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix on the Web.lnk (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErrorFix\ErrorFix.lnk (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-23 20-13-500.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 12-29-040.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 16-13-130.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-24 20-55-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-25 15-11-590.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-25 20-07-440.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 12-38-070.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 15-31-280.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-26 20-58-440.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 08-25-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 12-32-540.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-27 14-05-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-28 12-11-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-28 16-45-310.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 00-51-340.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 10-50-500.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 15-33-380.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 15-53-060.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 18-57-220.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 21-26-360.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-29 22-13-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-30 09-03-330.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-04-30 12-13-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-01 12-14-320.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-01 16-34-510.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-02 12-38-470.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-02 22-04-110.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Logs\2009-05-03 00-24-140.log (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Evidence.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Junk.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Registry.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Hedgehog\AppData\Roaming\ErrorFix\Results\Update.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Windows\Installer\{CD205D52-1C73-4C6C-BAF6-C2190EB69357}\Icon.exe (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\definitions.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\ErrorFix.exe (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\ErrorFix.url (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\ErrorFix\privacy.db (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Program Files\Downloaded Installers\{CD205D52-1C73-4C6C-BAF6-C2190EB69357}\setup.msi (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\ErrorFix.lnk (Rogue.ErrorFix) -> Quarantined and deleted successfully.
C:\Windows\Tasks\ErrorFix Scan.job (Rogue.ErrorFix) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:47 PM, on 5/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.post-gazette.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [lxdqmon.exe] "C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe"
O4 - HKLM\..\Run: [lxdqamon] "C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) - http://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://www.worldwinner.com/games/v42/tilecity/tilecity.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxdqCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdqserv.exe
O23 - Service: lxdq_device - - C:\Windows\system32\lxdqcoms.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 10409 bytes

#8 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 07 May 2009 - 05:23 PM

Hello.

Let's try to speed things up a bit.

Use HijackThis to Remove Uneeded Startup Entries
Programs that run automatically at startup can take up memory, causing your computer to be slow. Many of these entries are not needed.

Below is a list of entries in your HijackThis log that can be removed safely. Below each entry, you will find a brief description of it. Some are up to preference.

To remove entries you do not want, open HijackThis (if you are using Windows Vista, right click the icon and select Run As Administrator), select "Do a system scan only", put a check mark next to those entries and select "Fix checked".

If you experience any issues after removing any items, use the Backup feature to restore the items.

O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

Submit File Sample
  • Open to the Submission Channel.
  • Under Link to topic where this file was requested, input:
    http://www.bleepingcomputer.com/forums/t/219513/printer-issue-seems-like-malware/
  • Under Browse to the file you want to submit, input:
    C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe
  • Under the comments section, say that Panda asked for the submission.

Take a new DDS.txt log after.

Any improvement?

With Regards,
The Panda

Edited by PropagandaPanda, 09 May 2009 - 11:31 AM.
BBCode


#9 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 09 May 2009 - 11:09 AM

Is there anything I need to do/submit for the "Submit File Sample" part or is it just linking this topic to it?

#10 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 09 May 2009 - 11:33 AM

Hello.

Simply input the fields. Click Browse and nagivate to the file lxdqamon.exe.

With Regards,
The Panda

#11 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 13 May 2009 - 05:42 PM

Here is the new DDS log...computer running the same but the touchpad on this laptop lost the scroll function...I restored
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
but that doesn't seem to be the right one...any idea what to restore to get teh scroll function back?
Still can't print...

the file submission was successful

DDS (Ver_09-02-01.01) - NTFSx86
Run by Hedgehog at 18:35:30.80 on Wed 05/13/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2037.1174 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdqserv.exe
C:\Windows\system32\lxdqcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Hedgehog\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.post-gazette.com/
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [lxdqmon.exe] "c:\program files\lexmark z2400 series\lxdqmon.exe"
mRun: [lxdqamon] "c:\program files\lexmark z2400 series\lxdqamon.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {41D1977F-4161-4720-800F-EA4903983A38} - hxxp://www.worldwinner.com/games/v43/jigsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} - hxxp://www.worldwinner.com/games/v42/tilecity/tilecity.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-9-19 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-27 108552]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-5-6 73728]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-9-19 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-9-19 298776]
R2 lxdq_device;lxdq_device;c:\windows\system32\lxdqcoms.exe -service --> c:\windows\system32\lxdqcoms.exe -service [?]
R2 lxdqCATSCustConnectService;lxdqCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdqserv.exe [2008-2-27 98984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-4-2 210216]
R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-5-6 111616]

=============== Created Last 30 ================

2009-05-03 16:12 <DIR> --d----- c:\programdata\Yahoo!
2009-05-03 16:11 <DIR> --d----- c:\program files\Yahoo!
2009-04-23 20:12 <DIR> --d----- c:\program files\Downloaded Installers

==================== Find3M ====================

2009-05-07 12:58 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-07 12:58 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-07 12:58 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-09 21:24 143,360 a------- c:\windows\inf\infstrng.dat
2009-04-09 21:24 51,200 a------- c:\windows\inf\infpub.dat
2009-04-07 21:01 15,637,794 a------- c:\windows\system32\NHL_Logos_Screen_Saver[1].scr
2009-04-06 15:32 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 15:32 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-01 23:37 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-12 17:38 86,016 a------- c:\windows\inf\infstor.dat
2009-03-03 00:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 00:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 00:40 827,392 a------- c:\windows\system32\wininet.dll
2009-03-03 00:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 00:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 00:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 00:37 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 00:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 00:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 00:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-02 23:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-02 22:38 17,408 a------- c:\windows\system32\iashost.exe
2009-03-02 22:28 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-02-13 04:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 04:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-01-26 23:40 69,344 a------- c:\users\hedgehog\appdata\roaming\GDIPFONTCACHEV1.DAT
2009-01-26 18:37 1,442 a------- c:\users\hedgehog\appdata\roaming\wklnhst.dat
2008-09-24 16:21 60,968 a------- c:\users\hedgehog\GoToAssistDownloadHelper.exe
2008-06-11 23:21 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 18:36:02.29 ===============

#12 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 13 May 2009 - 05:54 PM

Hello Stimp11.

Often those entries are related to features that are not needed. Some, like scrolling are convenient.

Click on Start -> Run.

Input the following into the Run Box one at a time and click OK. After each, check if the function is restored.
C:\Dell\E-Center\EULALauncher.exe
C:\Program Files\DellTPad\Apoint.exe
%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Windows\system32\igfxtray.exe
C:\Windows\system32\hkcmd.exe
C:\Windows\system32\igfxpers.exe
"C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
C:\Windows\system32\WLTRAY.exe
"C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
"C:\Program Files\Dell\MediaDirect\PCMService.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
C:\Windows\ehome\ehTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe

With Regards,
The Panda

#13 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 21 May 2009 - 03:28 PM

Panda,
Will I get another response once whatever was submitted was reviewed?
-Stimp

#14 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:39 PM

Posted 21 May 2009 - 05:23 PM

Hello.

The file was submitted to me.

It was not in our databases, so I will add it.

Please complete the steps in my previous post.

With Regards,
The Panda

#15 Stimp11

Stimp11
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 29 May 2009 - 08:29 PM

Ok...I got the touchpad fixed...still not printing. Can you walk me through how to make sure the firewall isn't interfering...I don't see any indication that it is (and we had printed something 2 hours previously) but I guess it is worth a try....Also, is there any Vista printing issue or patch I might need?

What else can I do??? This is so frustrating. I am lucky I have a work computer that I can print with.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users