
Cannot run dds. :( Too many problems to even know what all is wrong...may have started due to Facebook toolbar??


  • This topic is locked
5 replies to this topic

#1 divergurl1999


Posted 10 August 2009 - 11:19 AM

I am presently using my son's laptop to assist me in fixing mine, but my laptop is acting so badly, I cannot even run dds that I saved onto a separate drive that I could switch from the working laptop to the affected one. I double clicked on it, after it took an hour and a half to even pull up the proper menu, but the program never worked. I tried to go at it with a right click, but now only get the spinning hourglass. When the computer did initially come up for this session (after a couple of hard crashes), it told me TPSrv Application stopped working and was closed. There is no internet access to the computer right now, so it is not in harm's way right now...but it is in pretty bad shape.

Are there any suggestions on how I can get dds to run with the laptop acting in this manner?

Thank you.
Trish

My hourglass is still spinning but I did get a black screen of death on a Failure - Security Options error that stated across the top of the error box that the "Logon process has failed to create the security options dialog." I am certain Panda is in the process of crashing and will be going back to ZoneAlarm, that apparently hasn't been causing me any problems as I at first suspected, once all of this is over. Someone, please help!!

I finally coerced my computer to run the dds program. Here is the scan txt and per instructions, I am not attaching the other file unless someone asks for it. Thank you, again, very much. I very much appreciate everything you guys do for all of us every day!

Trish

DDS (Ver_09-07-30.01) - NTFSx86
Run by Trish at 12:50:05.15 on Mon 08/10/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1013.288 [GMT -4:00]

SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost -k Panda
C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NBC Direct\DirectPlayerCore.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Pando Networks\Media Booster\pmb.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\avciman.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Trish\Desktop\dds.scr
C:\Windows\system32\wuauclt.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_1_0
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DirectPlayerCore] "c:\program files\nbc direct\DirectPlayerCore.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [PINGER] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [NDSTray.exe] NDSTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [APVXDWIN] "c:\program files\panda security\panda global protection 2010\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "c:\program files\panda security\panda global protection 2010\Inicio.exe"
mRunOnce: [AFixOldWscUnreg] c:\windows\temp\psppk1\HFSetup4.exe
StartupFolder: c:\users\trish\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: countrywide.com\my
Trusted Zone: islandreefjob.com\www
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} - file:///D:/components/hidinputmonitorx.ocx
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} - file:///D:/components/A9.ocx
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} - file:///D:/components/wmvhdrating.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} - hxxp://l.yimg.com/jh/games/web_games/sony/bewitched/main.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\
FF - prefs.js: browser.search.selectedEngine - Causes Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=58997&p=
FF - component: c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\extensions\{336dc353-5272-420c-84e7-ba1f3c9c2aeb}\components\Engine.dll
FF - component: c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\extensions\{95080666-90c6-4dc0-8ca6-85d13d3fe3ae}\components\Engine.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\nbc direct\npDirectPlayerMozilla.dll
FF - plugin: c:userstrishappdataroamingidmbinflashplatformwinntpluginsnpidmdcp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2009-8-5 28544]
R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2009-8-5 73728]
R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2009-8-5 52992]
R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2009-8-5 22072]
R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2009-8-5 193792]
R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2009-8-5 158848]
R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8660.sys [2009-8-5 49208]
R2 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [2009-8-5 13880]
R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\drivers\neti1634.sys [2009-8-5 197888]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]

============== File Associations ===============

JSEFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*
VBEFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*
VBSFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*

=============== Created Last 30 ================

2009-08-05 12:23 8,627 a------- c:\windows\system32\PAV_FOG.OPC
2009-08-05 11:58 13,880 a------- c:\windows\system32\drivers\COMFiltr.sys
2009-08-05 11:58 262 a------- c:\windows\system32\PavCPL.dat
2009-08-05 11:58 185,356 a------- c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-08-05 11:58 185,356 a------- c:\windows\system32\drivers\APPFCONT.DAT
2009-08-05 11:58 1,132 a------- c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-08-05 11:58 1,132 a------- c:\windows\system32\drivers\APPFLTR.CFG
2009-08-05 11:58 52,992 a------- c:\windows\system32\drivers\dsaflt.sys
2009-08-05 11:58 46,720 a------- c:\windows\system32\drivers\wnmflt.sys
2009-08-05 11:58 193,792 a------- c:\windows\system32\drivers\idsflt.sys
2009-08-05 11:56 158,848 a------- c:\windows\system32\drivers\NETFLTDI.SYS
2009-08-05 11:56 73,728 a------- c:\windows\system32\drivers\APPFLT.SYS
2009-08-05 11:56 22,072 a------- c:\windows\system32\drivers\fnetmon.sys
2009-08-05 11:55 <DIR> --d----- c:\programdata\Backup
2009-08-05 11:55 <DIR> --d----- c:\progra~2\Backup
2009-08-05 11:55 54,832 a------- c:\windows\system32\pavcpl.cpl
2009-08-05 11:55 446,464 a------- c:\windows\system32\HHActiveX.dll
2009-08-05 11:54 193,792 a------- c:\windows\system32\TpUtil.dll
2009-08-05 11:54 107,568 a------- c:\windows\system32\SYSTOOLS.DLL
2009-08-05 11:54 87,296 a------- c:\windows\system32\PavLspHook.dll
2009-08-05 11:54 55,552 a------- c:\windows\system32\pavipc.dll
2009-08-05 11:54 518,400 a------- c:\windows\system32\PavSHook.dll
2009-08-05 11:54 197,888 a------- c:\windows\system32\drivers\neti1634.sys
2009-08-05 11:54 49,208 a------- c:\windows\system32\drivers\amm8660.sys
2009-08-05 11:54 <DIR> --d----- c:\windows\system32\PAV
2009-08-05 11:54 <DIR> --d----- c:\users\trish\appdata\roaming\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\programdata\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\program files\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\progra~2\Panda Security
2009-08-05 11:48 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2009-08-05 11:47 177,416 a------- c:\windows\system32\drivers\PavProc.sys
2009-08-05 11:47 41,144 a------- c:\windows\system32\drivers\ShlDrv51.sys
2009-08-05 11:47 <DIR> --d----- c:\program files\common files\Panda Security
2009-08-05 11:36 163 a------- c:\windows\AvDetected.ini
2009-07-23 07:55 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-07-23 07:34 289,792 a------- c:\windows\system32\atmfd.dll
2009-07-23 07:34 156,672 a------- c:\windows\system32\t2embed.dll
2009-07-23 07:34 72,704 a------- c:\windows\system32\fontsub.dll
2009-07-23 07:34 10,240 a------- c:\windows\system32\dciman32.dll

==================== Find3M ====================

2009-08-05 11:57 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-05 11:57 143,360 a------- c:\windows\inf\infstor.dat
2009-08-05 11:57 86,016 a------- c:\windows\inf\infpub.dat
2008-08-25 18:31 266,128 a------- c:\users\trish\ZoneAlarm Antivirus and Firewall.exe
2008-08-25 16:15 174 a--sh--- c:\program files\desktop.ini
2008-08-25 16:05 665,600 a------- c:\windows\inf\drvindex.dat
2008-08-25 15:15 570,743,456 a------- c:\users\trish\Windows6.0-KB936330-X86-wave1 Vista SP1.exe
2006-11-30 21:07 262,144 a------- c:\progra~2\ntuser.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-03-13 07:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-03-13 07:52 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-03-13 07:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-08-24 11:21 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-08-24 11:21 32,768 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-08-24 11:21 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 12:54:21.40 ===============

Merged 3 posts. ~ OB

Edited by Orange Blossom, 10 August 2009 - 11:33 PM.



#2 DocSatan


Posted 21 August 2009 - 07:43 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

#3 divergurl1999


Posted 24 August 2009 - 09:55 AM

Thank you for replying to my post. I apologize for my own delay as I have not been on the computer all weekend. It took about 4 and a half minutes to run the scan on my computer. Below is the log.

I was previously running a paid subscription to Zone Alarm Security Suite and only recently, after these problems arose, uninstalled the program (because it wasn't finding anything) and installed the Panda, which also found nothing wrong with my computer. I would like to go back to Zone Alarm, if you think it is wise. I have paid for the program and would like to know your honest opinion of the program before re-installing it once I get this problem sorted out...if Zone Alarm wasn't the cause or allowance of my problems, that is.

Anyway, thank you so much. A donation will be made promptly on Friday, payday. Thank you thank you thank you much.

Trish

ps Why would it say Windows Defender is disabled because it is out of date? Wouldn't that be updated by Microsoft? ::shaking head::



DDS (Ver_09-07-30.01) - NTFSx86
Run by Trish at 10:42:30.63 on Mon 08/24/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1013.237 [GMT -4:00]

SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Panda Security\Panda Global Protection 2010\PskSvc.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\TPSrv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2010\WebProxy.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost -k Panda
C:\Program Files\Panda Security\Panda Global Protection 2010\PsCtrls.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\pavsrvx86.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\program files\panda security\panda global protection 2010\firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PsImSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\wpcumi.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Panda Security\Panda Global Protection 2010\ApVxdWin.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\NBC Direct\DirectPlayerCore.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Pando Networks\Media Booster\pmb.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpshare.exe
C:\Windows\system32\wuauclt.exe
E:\Computer Stuff\dds.scr
C:\Program Files\Panda Security\Panda Global Protection 2010\SRVLOAD.EXE
C:\Program Files\Panda Security\Panda Global Protection 2010\PavBckPT.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_1_0
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DirectPlayerCore] "c:\program files\nbc direct\DirectPlayerCore.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [PINGER] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [NDSTray.exe] NDSTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [<NO NAME>]
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [APVXDWIN] "c:\program files\panda security\panda global protection 2010\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "c:\program files\panda security\panda global protection 2010\Inicio.exe"
mRunOnce: [AFixOldWscUnreg] c:\windows\temp\psppk1\HFSetup4.exe
StartupFolder: c:\users\trish\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~4\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: countrywide.com\my
Trusted Zone: islandreefjob.com\www
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} - file:///D:/components/hidinputmonitorx.ocx
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} - file:///D:/components/A9.ocx
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} - file:///D:/components/wmvhdrating.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} - hxxp://l.yimg.com/jh/games/web_games/sony/bewitched/main.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\
FF - prefs.js: browser.search.selectedEngine - Causes Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=58997&p=
FF - component: c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\extensions\{336dc353-5272-420c-84e7-ba1f3c9c2aeb}\components\Engine.dll
FF - component: c:\users\trish\appdata\roaming\mozilla\firefox\profiles\0knj2b01.default\extensions\{95080666-90c6-4dc0-8ca6-85d13d3fe3ae}\components\Engine.dll
FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\nbc direct\npDirectPlayerMozilla.dll
FF - plugin: c:\users\trish\appdata\roaming\idm\bin\flash\platform\winnt\plugins\npidmdcp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

============= SERVICES / DRIVERS ===============


============== File Associations ===============

JSEFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*
VBEFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*
VBSFile=c:\progra~1\pandas~1\pandag~1\PavScrip.exe "%1" %*

=============== Created Last 30 ================

2009-08-05 12:23 8,627 a------- c:\windows\system32\PAV_FOG.OPC
2009-08-05 11:58 13,880 a------- c:\windows\system32\drivers\COMFiltr.sys
2009-08-05 11:58 262 a------- c:\windows\system32\PavCPL.dat
2009-08-05 11:58 187,528 a------- c:\windows\system32\drivers\APPFCONT.DAT.bck
2009-08-05 11:58 187,528 a------- c:\windows\system32\drivers\APPFCONT.DAT
2009-08-05 11:58 1,132 a------- c:\windows\system32\drivers\APPFLTR.CFG.bck
2009-08-05 11:58 1,132 a------- c:\windows\system32\drivers\APPFLTR.CFG
2009-08-05 11:58 52,992 a------- c:\windows\system32\drivers\dsaflt.sys
2009-08-05 11:58 46,720 a------- c:\windows\system32\drivers\wnmflt.sys
2009-08-05 11:58 193,792 a------- c:\windows\system32\drivers\idsflt.sys
2009-08-05 11:56 158,848 a------- c:\windows\system32\drivers\NETFLTDI.SYS
2009-08-05 11:56 73,728 a------- c:\windows\system32\drivers\APPFLT.SYS
2009-08-05 11:56 22,072 a------- c:\windows\system32\drivers\fnetmon.sys
2009-08-05 11:55 <DIR> --d----- c:\programdata\Backup
2009-08-05 11:55 <DIR> --d----- c:\progra~2\Backup
2009-08-05 11:55 54,832 a------- c:\windows\system32\pavcpl.cpl
2009-08-05 11:55 446,464 a------- c:\windows\system32\HHActiveX.dll
2009-08-05 11:54 193,792 a------- c:\windows\system32\TpUtil.dll
2009-08-05 11:54 107,568 a------- c:\windows\system32\SYSTOOLS.DLL
2009-08-05 11:54 87,296 a------- c:\windows\system32\PavLspHook.dll
2009-08-05 11:54 55,552 a------- c:\windows\system32\pavipc.dll
2009-08-05 11:54 518,400 a------- c:\windows\system32\PavSHook.dll
2009-08-05 11:54 197,888 a------- c:\windows\system32\drivers\neti1634.sys
2009-08-05 11:54 49,208 a------- c:\windows\system32\drivers\amm8660.sys
2009-08-05 11:54 <DIR> --d----- c:\windows\system32\PAV
2009-08-05 11:54 <DIR> --d----- c:\users\trish\appdata\roaming\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\programdata\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\program files\Panda Security
2009-08-05 11:54 <DIR> --d----- c:\progra~2\Panda Security
2009-08-05 11:48 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2009-08-05 11:47 177,416 a------- c:\windows\system32\drivers\PavProc.sys
2009-08-05 11:47 41,144 a------- c:\windows\system32\drivers\ShlDrv51.sys
2009-08-05 11:47 <DIR> --d----- c:\program files\common files\Panda Security
2009-08-05 11:36 163 a------- c:\windows\AvDetected.ini

==================== Find3M ====================

2009-08-05 11:57 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-05 11:57 143,360 a------- c:\windows\inf\infstor.dat
2009-08-05 11:57 86,016 a------- c:\windows\inf\infpub.dat
2009-07-23 07:55 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-06-15 11:24 156,672 a------- c:\windows\system32\t2embed.dll
2009-06-15 11:20 72,704 a------- c:\windows\system32\fontsub.dll
2009-06-15 11:20 10,240 a------- c:\windows\system32\dciman32.dll
2009-06-15 08:52 289,792 a------- c:\windows\system32\atmfd.dll
2008-08-25 18:31 266,128 a------- c:\users\trish\ZoneAlarm Antivirus and Firewall.exe
2008-08-25 16:15 174 a--sh--- c:\program files\desktop.ini
2008-08-25 16:05 665,600 a------- c:\windows\inf\drvindex.dat
2008-08-25 15:15 570,743,456 a------- c:\users\trish\Windows6.0-KB936330-X86-wave1 Vista SP1.exe
2006-11-30 21:07 262,144 a------- c:\progra~2\ntuser.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-03-13 07:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-03-13 07:52 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-03-13 07:52 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-08-24 11:21 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-08-24 11:21 32,768 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-08-24 11:21 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 10:47:28.96 ===============

#4 thewall

thewall

  • Malware Response Team
  • 6,425 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:07:40 PM

Posted 29 August 2009 - 05:10 PM

Hello divergurl1999. Welcome to the BC HijackThis Log and Analysis forum. Sorry about your wait, but I will be assisting you in cleaning up your system from here on out.


I ask that you refrain from running tools other than those we suggest while we are performing the clean-up. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.



In the upper right hand corner of the topic you will see a button called Options. If you click on this, in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed, you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.









If you can get to this file and download it I will need you to do so. If not then you will have to use a flash drive or CD to transfer the file over. If you have any problems let me know.




Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.
"%userprofile%\desktop\win32kdiag.exe" -r


Please do not post any logs as an attachment unless asked to do so.



Thanks,



thewall
If I have helped you then please consider donating so I can continue the fight against malware
All donations go directly to the helper

Due to the large amount of backlogs we have I cannot respond to PMs for help unless I am already working with you

#5 thewall


Posted 01 September 2009 - 09:43 AM

Hello, are you still requiring assistance?

#6 thewall


Posted 03 September 2009 - 08:27 AM

Due to the lack of feedback, this topic is closed.

Should you need it reopened, please contact me by PM. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.