Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help me remove malware


  • This topic is locked This topic is locked
1 reply to this topic

#1 abbey

abbey

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 14 June 2009 - 06:07 PM

Hello,

I am in serious need of some computer help. I wondered if someone could help me remove this malware. I think I have spyware, trojans, or somethingÖ

I ran malwarebytes and was able to remove a lot of infected files. However, there seem to be 7 files that malwarbytes canít seem to remove upon reboot.

On top of all this, my wireless internet connection is blocked. I have an excellent signal strength with the connection, but canít actually go online. I canít even get internet access in safe mode with networking.

In the midst of all this I tried to install CA antivirus. I was able to do a virus scan, and it came up clean with that, but did find spyware. Itís not installed properly, so without an internet connection, it canít remove them.

I am really frustrated and not sure what to do next. Any help offered would be greatly appreciated.

DDS and ATTACH scan follow.

Thanks.


DDS (Ver_09-05-14.01) - NTFSx86
Run by Thomas Lake at 16:15:03.25 on Sun 06/14/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.183 [GMT -4:00]

AV: CA Anti-Virus *On-access scanning enabled* (Outdated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}

============== Running Processes ===============

C:\Program Files\Common Files\Virtual Token\vtserver.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Thomas Lake\Desktop\dds.scr
C:\Documents and Settings\Thomas Lake\Thomas Lake.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.wappingersschools.org/
mStart Page =
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
BHO: : {75cd8906-8271-462c-82ac-f4d101bf2c2a} - c:\windows\system32\lypsqeo.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ibmmessages] c:\program files\ibm\messages by ibm\ibmmessages.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [<NO NAME>] c:\documents and settings\thomas lake\.exe /i
uRun: [A00F36A4E7.exe] c:\docume~1\thomas~1\locals~1\temp\_A00F36A4E7.exe
uRun: [A00F168977.exe] c:\docume~1\thomas~1\locals~1\temp\_A00F168977.exe
uRun: [A00F1698C3.exe] c:\docume~1\thomas~1\locals~1\temp\_A00F1698C3.exe
uRun: [A00F1BC70B.exe] c:\docume~1\thomas~1\locals~1\temp\_A00F1BC70B.exe
uRun: [A00F15B947.exe] c:\docume~1\thomas~1\locals~1\temp\_A00F15B947.exe
uRun: [Thomas Lake] c:\documents and settings\thomas lake\Thomas Lake.exe /i
mRun: [S3TRAY2] S3Tray2.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [TpShocks] TpShocks.exe
mRun: [TPHOTKEY] c:\progra~1\thinkpad\pkgmgr\hotkey\TPHKMGR.exe
mRun: [ControlCenter] "c:\program files\ibm fingerprint software\ctlcntr.exe" /startup
mRun: [TP4EX] tp4ex.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [UC_Start] c:\program files\ibm\updater\\ucstartup.exe
mRun: [UC_SMB]
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ibmmessages] c:\program files\ibm\messages by ibm\\ibmmessages.exe
mRun: [IBMPRC] c:\ibmtools\utils\ibmprc.exe
mRun: [QCTRAY] c:\program files\thinkpad\connectutilities\QCTRAY.EXE
mRun: [QCWLICON] c:\program files\thinkpad\connectutilities\QCWLICON.EXE
mRun: [BMMGAG] RunDll32 c:\progra~1\thinkpad\utilit~1\pwrmonit.dll,StartPwrMonitor
mRun: [BMMLREF] c:\program files\thinkpad\utilities\BMMLREF.EXE
mRun: [BMMMONWND] rundll32.exe c:\progra~1\thinkpad\utilit~1\BatInfEx.dll,BMMAutonomicMonitor
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [Pure Networks Port Magic] "c:\progra~1\purene~1\portma~1\PortAOL.exe" -Run
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NAV] "c:\program files\nortoninstaller\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav\2454b0ab\16.0.0.125\inststub.exe" /relaunch /runonce /media "d:\SETUP.EXE" /NOPROMPT
mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe"
mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
dRun: [<NO NAME>] c:\documents and settings\thomas lake\.exe /i
dRun: [SYS32DLL] SYS32DLL
dRun: [Diagnostic Manager] c:\windows\temp\2063829159.exe
dRun: [svc] c:\program files\thunmail\testabd.exe
dRun: [SYSDLL] SYSDLL
dRun: [shv] c:\program files\micphone\antit.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: c:\windows\system32\VetRedir.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
Notify: psfus - c:\program files\ibm fingerprint software\psfus.dll
Notify: QConGina - QConGina.dll
Notify: rjzbvpks - lypsqeo.dll
AppInit_DLLs: c:\windows\system32\gevumabo.dll ,c:\progra~1\thunmail\testabd.dll,c:\progra~1\micphone\antit.dll
LSA: Notification Packages = scecli pwdmon c:\windows\system32\gevumabo.dll

============= SERVICES / DRIVERS ===============

R0 fazpbtpj;fazpbtpj;c:\windows\system32\drivers\fazpbtpj.sys [1980-1-1 23424]
R0 Shockprf;Shockprf;c:\windows\system32\drivers\shockprf.sys [2005-2-7 59520]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2005-2-7 11520]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.SYS [2005-2-7 2432]
R1 ShockMgr;ShockMgr;c:\windows\system32\drivers\ShockMgr.sys [2005-2-7 4608]
R1 TPPWR;TPPWR;c:\windows\system32\drivers\TPPWR.SYS [2005-2-7 16384]
R1 vet-filt;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2009-6-9 26352]
R1 vet-rec;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2009-6-9 21104]
R1 vetefile;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2009-6-9 879760]
R1 vetfddnt;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2009-6-9 21488]
R1 vetmonnt;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2009-6-9 32240]
R2 caisafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2009-6-9 144696]
R2 ccschedulersvc;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2009-6-9 128240]
R2 ibmfilter;ibmfilter;c:\windows\system32\drivers\ibmfilter.sys [2004-9-23 64256]
R2 vetmsgnt;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2009-6-9 296176]
R3 veteboot;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2009-6-9 108288]
S0 qofhev;qofhev;c:\windows\system32\drivers\mkoxr.sys --> c:\windows\system32\drivers\mkoxr.sys [?]
S1 ethoydxs;ethoydxs;c:\windows\system32\drivers\ethoydxs.sys [2009-6-5 136192]
S2 bevtservice;bevtservice;c:\windows\system32\bevtservice.exe -k netsvcs --> c:\windows\system32\bEvtService.exe -k netsvcs [?]
S2 eylqmu;eylqmu;c:\windows\system32\drivers\zxsdko.sys --> c:\windows\system32\drivers\zxsdko.sys [?]
S3 isadisk;isadisk;c:\windows\system32\isadisk.sys [1980-1-1 2304]
S3 QCNDISIF;QCNDISIF;c:\windows\system32\drivers\qcndisif.sys [2005-2-7 12288]
S3 sndintd;sndintd;c:\windows\system32\sndintd.sys [1980-1-1 2304]

=============== Created Last 30 ================

2009-06-13 22:16 61,440 a------- c:\windows\system32\drivers\isoyb.sys
2009-06-13 18:20 <DIR> --d----- c:\program files\Trend Micro
2009-06-12 22:10 <DIR> --d----- C:\VundoFix Backups
2009-06-12 19:19 61,440 a------- c:\windows\system32\drivers\qklwyx.sys
2009-06-11 21:45 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-10 21:49 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-09 18:26 250,544 a------- c:\windows\system32\KeyHelp.ocx
2009-06-09 18:26 <DIR> --d----- c:\program files\common files\Scanner
2009-06-09 18:25 879,760 a------- c:\windows\system32\drivers\vetefile.sys
2009-06-09 18:25 111,856 a------- c:\windows\system32\isafprod.dll
2009-06-09 18:25 108,288 a------- c:\windows\system32\drivers\veteboot.sys
2009-06-09 18:25 99,568 a------- c:\windows\system32\isafeif.dll
2009-06-09 18:25 83,256 a------- c:\windows\system32\vetredir.dll
2009-06-09 18:25 32,240 a------- c:\windows\system32\drivers\vetmonnt.sys
2009-06-09 18:25 26,352 a------- c:\windows\system32\drivers\vet-filt.sys
2009-06-09 18:25 21,488 a------- c:\windows\system32\drivers\vetfddnt.sys
2009-06-09 18:25 21,104 a------- c:\windows\system32\drivers\vet-rec.sys
2009-06-09 18:24 111,856 a------- c:\windows\system32\wbem\canvprov.dll
2009-06-09 18:24 6,552 a------- c:\windows\system32\wbem\canvprov.mof
2009-06-09 18:24 <DIR> --d----- c:\program files\CA
2009-06-08 21:36 437,248 a------- c:\windows\system32\Installer.exe
2009-06-08 21:36 258,048 a------- c:\windows\system32\wscsvc32.exe
2009-06-08 21:36 82,432 a------- c:\windows\system32\resdll.dll
2009-06-06 21:43 0 a------- c:\windows\system32\34.tmp
2009-06-06 21:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\CA
2009-06-06 16:13 <DIR> --dshr-- c:\program files\MicPhone
2009-06-06 16:13 67,584 a------- c:\windows\system32\A0.tmp
2009-06-06 16:13 152,576 a------- c:\windows\system32\9F.tmp
2009-06-06 16:13 80 a------- c:\windows\system32\9D.tmp
2009-06-05 21:17 67,584 a------- c:\windows\system32\36.tmp
2009-06-05 21:17 153,088 a------- c:\windows\system32\35.tmp
2009-06-05 21:16 120 a------- c:\windows\system32\2A.tmp
2009-06-05 21:10 67,584 a------- c:\windows\system32\33.tmp
2009-06-05 21:10 153,088 a------- c:\windows\system32\32.tmp
2009-06-05 20:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Protexis
2009-06-05 20:45 67,584 a------- c:\windows\system32\31.tmp
2009-06-05 20:45 152,064 a------- c:\windows\system32\2F.tmp
2009-06-05 20:44 120 a------- c:\windows\system32\26.tmp
2009-06-05 15:43 67,584 a------- c:\windows\system32\2E.tmp
2009-06-05 15:43 153,088 a------- c:\windows\system32\2C.tmp
2009-06-05 15:43 80 a------- c:\windows\system32\2B.tmp
2009-06-05 15:23 67,584 a------- c:\windows\system32\29.tmp
2009-06-05 15:23 153,088 a------- c:\windows\system32\28.tmp
2009-06-05 15:23 80 a------- c:\windows\system32\27.tmp
2009-06-05 15:17 136,192 a------- c:\windows\system32\drivers\ethoydxs.sys
2009-06-05 15:17 67,584 a------- c:\windows\system32\25.tmp
2009-06-05 15:17 153,088 a------- c:\windows\system32\24.tmp
2009-06-05 15:16 80 a------- c:\windows\system32\23.tmp
2009-06-05 14:45 136,192 a------- c:\windows\system32\drivers\wanatw4.sys
2009-05-25 11:50 1 a------- c:\windows\system32\20.tmp
2009-05-25 11:49 84 a------- c:\windows\system32\1F.tmp
2009-05-25 11:05 <DIR> --d----- c:\windows\system32\LogFiles
2009-05-25 10:09 29,184 a------- c:\windows\system32\jhxm32.dll
2009-05-25 09:17 <DIR> --d----- c:\windows\system32\sysloc
2009-05-24 18:58 41,240 ----h--- c:\documents and settings\thomas lake\Thomas Lake.exe
2009-05-24 18:58 70,144 a------- c:\windows\system32\22.tmp
2009-05-24 18:54 120 a------- c:\windows\system32\1E.tmp
2009-05-24 14:28 107,852 a------- c:\windows\system32\drivers\5df2a0c3.sys
2009-05-24 14:28 22,528 a------- C:\orrx.exe
2009-05-24 14:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\94932966
2009-05-24 14:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\14922974
2009-05-24 14:26 29,696 a------- C:\bpyphcxc.exe
2009-05-24 14:21 1 a------- c:\windows\system32\1C.tmp
2009-05-24 14:21 84 a------- c:\windows\system32\1B.tmp
2009-05-24 11:31 0 a------- c:\windows\system32\1A.tmp
2009-05-22 10:57 70,144 a------- c:\windows\system32\1D.tmp
2009-05-22 10:56 120 a------- c:\windows\system32\19.tmp
2009-05-22 09:18 70,144 a------- c:\windows\system32\30.tmp
2009-05-22 09:18 120 a------- c:\windows\system32\2D.tmp
2009-05-22 08:10 <DIR> --d----- c:\windows\system32\3361
2009-05-22 08:10 108,336 a------- c:\windows\system32\MSWINSCK.OCX
2009-05-22 08:10 <DIR> --d----- c:\windows\dhcp
2009-05-17 10:40 0 a------- c:\windows\system32\18.tmp
2009-05-17 10:40 1 a------- c:\windows\system32\14.tmp
2009-05-16 19:03 94,208 a------- c:\windows\system32\13.tmp
2009-05-16 19:03 1 a------- c:\windows\system32\12.tmp
2009-05-16 17:27 94,208 a------- c:\windows\system32\17.tmp
2009-05-16 17:27 1 a------- c:\windows\system32\16.tmp
2009-05-16 17:27 84 a------- c:\windows\system32\15.tmp

==================== Find3M ====================

2009-06-14 16:15 107,772 a------- c:\windows\system32\drivers\f8863985.sys
2009-06-14 16:15 107,772 a------- c:\windows\system32\drivers\c4b9cc21.sys
2009-06-14 16:15 107,772 a------- c:\windows\system32\drivers\5e07aa2b.sys
2009-06-14 16:15 107,772 a------- c:\windows\system32\drivers\2b791b1c.sys
2009-06-14 16:15 104,444 a------- c:\windows\system32\drivers\cfa50922.sys
2009-05-25 11:42 159 a------- C:\xcrashdump.dat
2009-05-24 18:50 90,112 a------- c:\windows\DUMP57c0.tmp
2009-05-24 18:49 90,112 a------- c:\windows\DUMP58c4.tmp
2009-05-24 18:47 90,112 a------- c:\windows\DUMP57ba.tmp
2009-05-24 18:46 90,112 a------- c:\windows\DUMP57b9.tmp
2009-05-24 18:45 90,112 a------- c:\windows\DUMP56c7.tmp
2009-05-24 18:44 90,112 a------- c:\windows\DUMP57b3.tmp
2009-05-24 18:43 90,112 a------- c:\windows\DUMP5806.tmp
2009-05-24 18:41 90,112 a------- c:\windows\DUMP5811.tmp
2009-05-24 18:40 90,112 a------- c:\windows\DUMP587f.tmp
2009-05-24 18:39 90,112 a------- c:\windows\DUMP577f.tmp
2009-05-24 18:38 90,112 a------- c:\windows\DUMP5842.tmp
2009-05-24 18:37 90,112 a------- c:\windows\DUMP5c47.tmp
2009-05-24 18:35 90,112 a------- c:\windows\DUMP566c.tmp
2009-05-24 18:34 90,112 a------- c:\windows\DUMP5958.tmp
2009-05-24 18:33 90,112 a------- c:\windows\DUMP5890.tmp
2009-05-24 18:32 90,112 a------- c:\windows\DUMP5bbb.tmp
2009-05-24 18:30 90,112 a------- c:\windows\DUMP5da6.tmp
2009-05-24 18:29 90,112 a------- c:\windows\DUMP57f4.tmp
2009-05-24 18:28 90,112 a------- c:\windows\DUMP58d7.tmp
2009-05-24 18:27 90,112 a------- c:\windows\DUMP56f7.tmp
2009-05-24 18:26 90,112 a------- c:\windows\DUMP57bf.tmp
2009-05-24 18:24 90,112 a------- c:\windows\DUMP561a.tmp
2009-05-24 18:23 90,112 a------- c:\windows\DUMP5790.tmp
2009-05-24 18:22 90,112 a------- c:\windows\DUMP57b8.tmp
2009-05-24 18:21 90,112 a------- c:\windows\DUMP5928.tmp
2009-05-24 18:20 90,112 a------- c:\windows\DUMP587e.tmp
2009-05-24 18:18 90,112 a------- c:\windows\DUMP564b.tmp
2009-05-24 18:17 90,112 a------- c:\windows\DUMP577e.tmp
2009-05-24 18:16 90,112 a------- c:\windows\DUMP58ba.tmp
2009-05-24 18:15 90,112 a------- c:\windows\DUMP57b2.tmp
2009-05-24 18:14 90,112 a------- c:\windows\DUMP5752.tmp
2009-05-24 18:12 90,112 a------- c:\windows\DUMP5872.tmp
2009-05-24 18:11 90,112 a------- c:\windows\DUMP57e0.tmp
2009-05-24 18:10 90,112 a------- c:\windows\DUMP594e.tmp
2009-05-24 18:09 90,112 a------- c:\windows\DUMP57f3.tmp
2009-05-24 18:08 90,112 a------- c:\windows\DUMP586c.tmp
2009-05-24 18:06 90,112 a------- c:\windows\DUMP57b1.tmp
2009-05-24 18:05 90,112 a------- c:\windows\DUMP58cd.tmp
2009-05-24 18:04 90,112 a------- c:\windows\DUMP5676.tmp
2009-05-24 18:03 90,112 a------- c:\windows\DUMP57b7.tmp
2009-05-24 18:02 90,112 a------- c:\windows\DUMP5810.tmp
2009-05-24 18:00 90,112 a------- c:\windows\DUMP56b1.tmp
2009-05-24 17:59 90,112 a------- c:\windows\DUMP57b0.tmp
2009-05-24 17:58 90,112 a------- c:\windows\DUMP57fb.tmp
2009-05-24 17:57 90,112 a------- c:\windows\DUMP569d.tmp
2009-05-24 17:56 90,112 a------- c:\windows\DUMP569c.tmp
2009-05-24 17:54 90,112 a------- c:\windows\DUMP57e8.tmp
2009-05-24 17:53 90,112 a------- c:\windows\DUMP5675.tmp
2009-05-24 17:52 90,112 a------- c:\windows\DUMP56c6.tmp
2009-05-24 17:51 90,112 a------- c:\windows\DUMP56bb.tmp
2009-05-24 17:50 90,112 a------- c:\windows\DUMP581b.tmp
2009-05-24 17:48 90,112 a------- c:\windows\DUMP58b9.tmp
2009-05-24 17:47 90,112 a------- c:\windows\DUMP5638.tmp
2009-05-24 17:46 90,112 a------- c:\windows\DUMP57be.tmp
2009-05-24 17:45 90,112 a------- c:\windows\DUMP584a.tmp
2009-05-24 17:44 90,112 a------- c:\windows\DUMP5841.tmp
2009-05-24 17:41 90,112 a------- c:\windows\DUMP562f.tmp
2009-05-24 17:40 90,112 a------- c:\windows\DUMP581a.tmp
2009-05-24 17:39 90,112 a------- c:\windows\DUMP5819.tmp
2009-05-24 17:38 90,112 a------- c:\windows\DUMP5797.tmp
2009-05-24 17:36 90,112 a------- c:\windows\DUMP5b7f.tmp
2009-05-24 17:35 90,112 a------- c:\windows\DUMP56d8.tmp
2009-05-24 17:34 90,112 a------- c:\windows\DUMP57fa.tmp
2009-05-24 17:33 90,112 a------- c:\windows\DUMP5908.tmp
2009-05-24 17:32 90,112 a------- c:\windows\DUMP5a53.tmp
2009-05-24 17:30 90,112 a------- c:\windows\DUMP5bb3.tmp
2009-05-24 17:29 90,112 a------- c:\windows\DUMP5840.tmp
2009-05-24 17:28 90,112 a------- c:\windows\DUMP5927.tmp
2009-05-24 17:27 90,112 a------- c:\windows\DUMP5837.tmp
2009-05-24 17:25 90,112 a------- c:\windows\DUMP57df.tmp
2009-05-24 17:24 90,112 a------- c:\windows\DUMP580f.tmp
2009-05-24 17:23 90,112 a------- c:\windows\DUMP56c5.tmp
2009-05-24 17:22 90,112 a------- c:\windows\DUMP57b6.tmp
2009-05-24 17:21 90,112 a------- c:\windows\DUMP57f2.tmp
2009-05-24 17:19 90,112 a------- c:\windows\DUMP57ca.tmp
2009-05-24 17:18 90,112 a------- c:\windows\DUMP56a6.tmp
2009-05-24 17:17 90,112 a------- c:\windows\DUMP57c9.tmp
2009-05-24 17:16 90,112 a------- c:\windows\DUMP5854.tmp
2009-05-24 17:15 90,112 a------- c:\windows\DUMP562e.tmp
2009-05-24 17:13 90,112 a------- c:\windows\DUMP577d.tmp
2009-05-24 17:12 90,112 a------- c:\windows\DUMP578f.tmp
2009-05-24 17:11 90,112 a------- c:\windows\DUMP5658.tmp
2009-05-24 17:10 90,112 a------- c:\windows\DUMP56ce.tmp
2009-05-24 17:09 90,112 a------- c:\windows\DUMP56f6.tmp
2009-05-24 17:07 90,112 a------- c:\windows\DUMP58fe.tmp
2009-05-24 17:06 90,112 a------- c:\windows\DUMP57af.tmp
2009-05-24 17:05 90,112 a------- c:\windows\DUMP5931.tmp
2009-05-24 17:04 90,112 a------- c:\windows\DUMP577c.tmp
2009-05-24 17:03 90,112 a------- c:\windows\DUMP5749.tmp
2009-05-24 17:01 90,112 a------- c:\windows\DUMP56ec.tmp
2009-05-24 17:00 90,112 a------- c:\windows\DUMP5619.tmp
2009-05-24 16:59 90,112 a------- c:\windows\DUMP5784.tmp
2009-05-24 16:58 90,112 a------- c:\windows\DUMP5783.tmp
2009-05-24 16:57:09 A------- 90,112 c:\windows\DUMP5926.tmp
2008-12-27 18:34 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008122720081228\index.dat

============= FINISH: 16:15:43.31 ===============


--------------------------------------------------------------------


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/12/2005 4:12:24 AM
System Uptime: 6/14/2009 4:06:54 PM (0 hours ago)

Motherboard: IBM | | 2373K1U
Processor: Intel® Pentium® M processor 1.70GHz | None | 1694/400mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 33 GiB total, 6.978 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Access IBM
Access IBM Message Center
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Reader 6.0
America Online (Choose which version to remove)
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
ATI HYDRAVISION
Atmel Tpm Install 2.1.1.01
AutoUpdate
Bonjour
CA Anti-Virus
CA Internet Security Suite
CA Pest Patrol Realtime Protection
DivX Codec
DivX Player
Free YouTube to iPod Converter version 3.1
Google Update Helper
Google Updater
Hotfix for Windows XP (KB952287)
IBM 32-bit Runtime Environment for Java 2, v1.4.1
IBM Access Connections
IBM Active Protection System
IBM DLA
IBM fingerprint software 4.5.3
IBM Integrated 56K Modem
IBM Rescue and Recovery with Rapid Restore
IBM Themes
IBM ThinkPad Battery MaxiMiser and Power Management Features
IBM ThinkPad Configuration
IBM ThinkPad EasyEject Utility
IBM ThinkPad Keyboard Customizer Utility
IBM ThinkPad Power Management Driver
IBM ThinkPad Presentation Director
IBM ThinkPad UltraNav Driver
IBM ThinkPad UltraNav Wizard
IBM ThinkVantage Technologies Welcome Message
IBM TrackPoint Accessibility Features
IBM Update Connector
Intel® PRO Network Adapters and Drivers
Intel® Sebring API
InterVideo AVControlSDK
InterVideo DeviceService
InterVideo WinDVD
iPod for Windows 2006-06-28
iTunes
Java™ 6 Update 5
LightScribe 1.4.124.1
Malwarebytes' Anti-Malware
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office Basic Edition 2003
Microsoft Office Converter Pack
Microsoft Office XP Web Components
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft XML Parser
MobileMe Control Panel
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
PC-Doctor for Windows
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
ThinkPad FullScreen Magnifier
ThinkPad Software Installer
Uninstall 1.0.0.1
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Viewpoint Media Player
Wallpapers
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Media Encoder 9 Series
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

6/9/2009 9:45:48 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
6/9/2009 9:45:48 PM, error: SideBySide [59] - Generate Activation Context failed for C:\DOCUME~1\THOMAS~1\LOCALS~1\Temp\RarSFX0\basic\setup.exe. Reference error message: The operation completed successfully. .
6/9/2009 9:45:48 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
6/9/2009 9:17:49 AM, error: System Error [1003] - Error code 100000d1, parameter1 e1f18000, parameter2 00000002, parameter3 00000000, parameter4 ed9d2b00.
6/9/2009 5:29:49 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1f04000, parameter2 00000002, parameter3 00000000, parameter4 ed9d2b00.
6/9/2009 5:14:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eectrl
6/9/2009 5:14:06 PM, error: Service Control Manager [7023] - The 6to4 service terminated with the following error: The specified module could not be found.
6/9/2009 5:14:06 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: dhcpsrv
6/9/2009 5:14:06 PM, error: Service Control Manager [7000] - The Ulead Burning Helper service failed to start due to the following error: The system cannot find the file specified.
6/9/2009 5:14:06 PM, error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The system cannot find the file specified.
6/9/2009 5:14:06 PM, error: Service Control Manager [7000] - The eylqmu service failed to start due to the following error: The system cannot find the file specified.
6/9/2009 4:57:43 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/9/2009 11:37:08 AM, error: System Error [1003] - Error code 100000d1, parameter1 e1f0a000, parameter2 00000002, parameter3 00000000, parameter4 ed9d2b00.
6/9/2009 10:06:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ANC eectrl Fips IBMTPCHK intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ShockMgr Smapint Tcpip TDSMAPI TPHKDRV TPPWR TSMAPIP vet-filt vet-rec vetefile vetmonnt
6/9/2009 10:06:57 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
6/9/2009 10:06:57 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/9/2009 10:06:57 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/9/2009 10:06:57 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/9/2009 10:06:57 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/8/2009 9:55:38 PM, error: HTTP [15005] - Unable to bind to the underlying transport for 0.0.0.0:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
6/8/2009 9:33:17 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/8/2009 9:32:46 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
6/8/2009 9:30:21 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
6/8/2009 9:26:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service PPCtlPriv with arguments "" in order to run the server: {F974178A-A284-440A-BEFC-5B0D11BCDB68}
6/8/2009 9:26:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service CaCCProvSP with arguments "" in order to run the server: {AACF4A1C-BC69-4359-9518-DF3F77E462BF}
6/8/2009 9:23:52 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service CaCCProvSP with arguments "" in order to run the server: {AACF4A1C-BC69-4359-9518-DF3F77E462BF}
6/8/2009 9:23:50 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
6/8/2009 9:22:14 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ANC eectrl Fips IBMTPCHK intelppm ShockMgr Smapint TDSMAPI TPHKDRV TPPWR TSMAPIP vet-filt vet-rec vetefile vetmonnt
6/8/2009 10:28:37 PM, error: System Error [1003] - Error code 100000d1, parameter1 e1f1a000, parameter2 00000002, parameter3 00000000, parameter4 ed9d2b00.
6/7/2009 8:23:33 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service iPod Service with arguments "-Service" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
6/7/2009 4:53:59 AM, error: BROWSER [8007] - The browser was unable to update the service status bits. The data is the error.
6/13/2009 5:13:40 PM, error: System Error [1003] - Error code 100000d1, parameter1 e2016000, parameter2 00000002, parameter3 00000000, parameter4 ed8ceb00.
6/13/2009 10:19:30 PM, error: Service Control Manager [7000] - The silcmlni service failed to start due to the following error: A device attached to the system is not functioning.
6/12/2009 7:22:41 PM, error: Service Control Manager [7000] - The rwdixi service failed to start due to the following error: A device attached to the system is not functioning.
6/11/2009 10:47:40 PM, error: Service Control Manager [7034] - The avast!antivirus service terminated unexpectedly. It has done this 1 time(s).
6/11/2009 10:47:40 PM, error: Service Control Manager [7031] - The Windows Network Data Management System Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

==== End Of File ===========================

BC AdBot (Login to Remove)

 


m

#2 abbey

abbey
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 15 June 2009 - 06:49 AM

please close thread. thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users