
Rootkit Problem Stemming from USB Infection - Any Help Appreciated


  • This topic is locked
2 replies to this topic

#1 brendanmcc

Posted 12 October 2009 - 01:27 PM

Here are logs as run under direction of Garmanman:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/08/2009 at 11:00 PM

Application Version : 4.29.1002

Core Rules Database Version : 4154
Trace Rules Database Version: 2082

Scan type : Complete Scan
Total Scan Time : 02:07:52

Memory items scanned : 251
Memory threats detected : 0
Registry items scanned : 7308
Registry threats detected : 0
File items scanned : 137258
File threats detected : 4

Adware.Tracking Cookie
C:\Documents and Settings\Sherna\Cookies\sherna@doubleclick[1].txt

Adware.Casino Games (Golden Palace Casino)
C:\POKER\PADDY POWER POKER\CASINO.EXE

Trojan.Vundo-Variant/F
C:\WINDOWS\SYSTEM32\AZIPCONTMN.DLL
C:\WINDOWS\SYSTEM32\SYSFOLDERAZIPCNT.DLL


+++++++++++++++++++++++++++++

Malwarebytes' Anti-Malware 1.41
Database version: 2926
Windows 5.1.2600 Service Pack 3

08/10/2009 20:21:32
mbam-log-2009-10-08 (20-21-32).txt

Scan type: Quick Scan
Objects scanned: 100973
Time elapsed: 13 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

+++++++++++++++++++++++++++

Ran the DrWeb application at the end but nothing was found and no log generated.


+++++++++++++++++++++++++++

RootRepeal Log :

ROOTREPEAL AD, 2007-2009
==================================================
Scan Start Time: 2009/10/10 20:52
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAA15D000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7AD5000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8DEE000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: C:\pagefil2.sys
Status: Locked to the Windows API!

Path: c:\documents and settings\sherna\local settings\temp\~df1298.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\sherna\local settings\temp\~dfe73e.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: C:\Documents and Settings\Sherna\Local Settings\Temp\~DF82D9.tmp
Status: Visible to the Windows API, but not on disk.

Path: c:\program files\o2\o2 broadband usb modem\o2 broadband\log\atrecord.txt
Status: Size mismatch (API: 17680090, Raw: 17679530)

Path: c:\program files\o2\o2 broadband usb modem\o2 broadband\log\callbalk_trace.txt
Status: Size mismatch (API: 7184863, Raw: 7184410)

Path: C:\Documents and Settings\Sherna\Local Settings\Temporary Internet Files\Content.IE5\V2EDIBU6\live_player_playlist1_temp[1].xml
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Sherna\Local Settings\Temporary Internet Files\Content.IE5\XXD2NNGM\live_player_playlist1_temp[1].xml
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Sherna\Local Settings\Apps\2.0\O0O3NTN2.R32\OQ3X06YL.GX4\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Sherna\Local Settings\Apps\2.0\O0O3NTN2.R32\OQ3X06YL.GX4\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

==EOF==


Windiag Log :

Running from: C:\Documents and Settings\Sherna\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Sherna\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!


LOG.TXT :

Volume in drive C has no label.
Volume Serial Number is 0472-B919

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\system32

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Total Files Listed:
9 File(s) 1,933,824 bytes
0 Dir(s) 1,597,939,712 bytes free


+++++++++++++++++++++++++++++++++++

Peek Log file:

Volume in drive C has no label.
Volume Serial Number is 0472-B919

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\ERDNT\cache

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\ServicePackFiles\i386

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Directory of C:\WINDOWS\system32

14/04/2008 01:12 181,248 scecli.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:12 407,040 netlogon.dll

Directory of C:\WINDOWS\system32

14/04/2008 01:11 56,320 eventlog.dll
3 File(s) 644,608 bytes

Total Files Listed:
9 File(s) 1,933,824 bytes
0 Dir(s) 1,527,951,360 bytes free

+++++++++++++++++++++++++++

DDS Log


DDS (Ver_09-10-12.01) - NTFSx86
Run by Sherna at 19:09:28.42 on 12/10/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.759.260 [GMT 1:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\hpzipm12.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\Program Files\DNA\btdna.exe
C:\Documents and Settings\Sherna\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Sherna\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\O2\O2 Broadband USB Modem\O2 Broadband\O2 Broadband.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Sherna\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.google.ie
mStart Page = about:blank
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www1.euro.dell.com/content/default.aspx?c=ie&l=en&s=gen
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.32.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2010\IEToolbar.dll
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [Google Update] "c:\documents and settings\sherna\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Conime] %windir%\system32\conime.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2010\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2010\IEShow.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
uPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5}\Lang0411
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.32.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
DPF: {727927F2-7064-49CA-BDAA-CE1BAF52782B} - hxxp://www.carzone.ie/ie-ola/jsp/photos/TraderMediaPhotoUploader.cab
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://www.webcamcancun.com/WinWebPush.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
TCP: {0970AEDB-0A5C-44E3-A0AC-5438F052D154} = 62.40.32.33 62.40.32.34
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sherna\applic~1\mozilla\firefox\profiles\g73lm5fl.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - www.google.ie
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-9-19 28544]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2010\bdvedisk.sys [2009-4-1 82696]
R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2009-9-17 152328]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2009-9-1 110856]
S2 gupdate1c8d25deec69aa6;Google Update Service (gupdate1c8d25deec69aa6);c:\program files\google\update\GoogleUpdate.exe [2008-7-10 133104]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2009-9-13 183880]
S3 CrystalSysInfo;CrystalSysInfo;c:\program files\mediacoder\SysInfo.sys [2007-9-25 15152]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 7408]

=============== Created Last 30 ================

2009-10-12 09:27 132 a------- c:\windows\system32\rezumatenoi.dat
2009-10-11 17:57 16 a------- c:\windows\system32\asdict.dat
2009-10-11 17:57 4 a------- c:\windows\system32\aspdict-en.dat
2009-10-11 17:57 0 a------- c:\windows\system32\ab_bl.sig
2009-10-11 17:39 <DIR> --d----- c:\docume~1\sherna\applic~1\BitDefender
2009-10-11 17:36 <DIR> --d----- c:\program files\BitDefender
2009-10-11 17:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BitDefender
2009-10-11 17:22 <DIR> --d----- c:\program files\common files\BitDefender
2009-10-11 15:38 160,272 a------- c:\windows\system32\drivers\tmcomm.sys
2009-10-10 21:23 <DIR> acdshr-- C:\autorun.inf
2009-10-08 23:46 <DIR> --d----- c:\documents and settings\sherna\DoctorWeb
2009-10-08 20:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-10-08 20:31 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-10-08 20:31 <DIR> --d----- c:\docume~1\sherna\applic~1\SUPERAntiSpyware.com
2009-10-08 20:30 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-10-08 20:05 <DIR> --d----- c:\docume~1\sherna\applic~1\Malwarebytes
2009-10-08 20:05 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-08 20:05 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-10-08 20:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-08 20:05 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-10-08 17:36 <DIR> --d----- c:\program files\Autodesk
2009-10-08 15:48 <DIR> acdshr-- C:\cmdcons
2009-10-08 15:44 229,888 a------- c:\windows\PEV.exe
2009-10-08 15:44 161,792 a------- c:\windows\SWREG.exe
2009-10-08 15:44 98,816 a------- c:\windows\sed.exe
2009-10-08 14:24 <DIR> --d----- c:\program files\Enigma Software Group
2009-10-08 13:56 <DIR> --d----- c:\docume~1\sherna\applic~1\QuickScan
2009-10-08 13:01 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-10-08 12:49 796,917,760 a--sh--- C:\pagefil2.sys
2009-10-05 20:22 <DIR> --d----- c:\program files\iPod
2009-10-05 20:21 <DIR> --d----- c:\program files\iTunes
2009-10-04 15:59 113 a------- c:\windows\PPSMediaList.ini
2009-10-03 13:40 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-09-24 22:04 <DIR> --d----- c:\program files\Veetle
2009-09-19 07:55 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2009-09-19 07:55 <DIR> --d----- c:\program files\Panda Security
2009-09-18 20:41 <DIR> --d----- c:\program files\iPhone Configuration Utility
2009-09-18 20:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 16:12 152,328 a------- c:\windows\system32\drivers\bdfm.sys
2009-09-17 16:11 105,736 a------- c:\windows\system32\drivers\bdhv.sys
2009-09-16 12:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Eastman Kodak Company
2009-09-16 12:28 890 a------- c:\windows\system32\InstallUtil.InstallLog
2009-09-16 10:43 87,040 a------- c:\windows\system32\wiafbdrv.dll
2009-09-16 10:43 87,040 a------- c:\windows\system32\dllcache\wiafbdrv.dll
2009-09-16 09:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kodak
2009-09-16 09:51 <DIR> --d----- c:\docume~1\sherna\applic~1\Temp

==================== Find3M ====================

2009-09-28 01:10 31,960 a---h--- c:\windows\system32\mlfcache.dat
2009-09-01 15:24 110,856 a------- c:\windows\system32\drivers\bdfndisf.sys
2009-08-28 19:42 2,065,696 a------- c:\windows\system32\usbaaplrc.dll
2009-08-28 19:42 40,448 a------- c:\windows\system32\drivers\usbaapl.sys
2009-08-05 10:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-05 10:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-17 20:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 20:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-04-23 10:51 1,486,848 ac------ c:\docume~1\sherna\applic~1\DEAPUpdatev301.dll
2008-04-26 20:13 256 ac------ c:\documents and settings\sherna\pool.bin
2007-02-07 15:12 722,176 ac------ c:\documents and settings\sherna\gotomypc_428.exe
2006-09-18 11:31 563,712 ac------ c:\documents and settings\sherna\gotomypc_370.exe
2008-02-15 10:22 8 ---shr-- c:\windows\system32\266A51E9A6.sys
2007-09-05 15:18 56 ---shr-- c:\windows\system32\6621E744C7.sys
2007-10-02 11:41 168 ---shr-- c:\windows\system32\C744E72166.sys
2008-06-09 12:57 7,520 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-07-24 09:17 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072420080725\index.dat

============= FINISH: 19:12:07.18 ===============


Attach.txt


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-12.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 27/06/2006 18:09:46
System Uptime: 10/12/2009 10:15:48 (-1407 hours ago)

Motherboard: Dell Inc. | | 0RJ272
Processor: Intel® Celeron® M processor 1.60GHz | Microprocessor | 1596/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 34 GiB total, 0.705 GiB free.
D: is CDROM ()
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {78A1C341-4539-11D3-B88D-00C04FAD5171}
Description: Totalidea Ramdisk
Device ID: ROOT\UNKNOWN\0030
Manufacturer: Totalidea
Name: Totalidea Ramdisk
PNP Device ID: ROOT\UNKNOWN\0030
Service: Ramdisk

==== System Restore Points ===================

RP919: 07/09/2009 15:06:12 - System Checkpoint
RP920: 08/09/2009 02:03:03 - Software Distribution Service 3.0
RP921: 09/09/2009 02:38:44 - System Checkpoint
RP922: 10/09/2009 09:19:53 - Software Distribution Service 3.0
RP923: 11/09/2009 03:00:39 - Software Distribution Service 3.0
RP924: 11/09/2009 09:52:32 - Software Distribution Service 3.0
RP925: 12/09/2009 11:48:00 - System Checkpoint
RP926: 13/09/2009 12:04:55 - System Checkpoint
RP927: 14/09/2009 14:44:53 - System Checkpoint
RP928: 14/09/2009 18:07:26 - Software Distribution Service 3.0
RP929: 16/09/2009 14:37:54 - System Checkpoint
RP930: 17/09/2009 15:50:06 - System Checkpoint
RP931: 18/09/2009 11:30:02 - Software Distribution Service 3.0
RP932: 19/09/2009 11:49:58 - System Checkpoint
RP933: 20/09/2009 12:18:59 - System Checkpoint
RP934: 21/09/2009 15:22:03 - System Checkpoint
RP935: 22/09/2009 09:16:45 - Software Distribution Service 3.0
RP936: 23/09/2009 10:09:06 - System Checkpoint
RP937: 24/09/2009 10:33:28 - System Checkpoint
RP938: 24/09/2009 18:34:12 - Software Distribution Service 3.0
RP939: 25/09/2009 19:31:50 - System Checkpoint
RP940: 27/09/2009 14:50:47 - System Checkpoint
RP941: 28/09/2009 00:57:02 - Installed MobileMe Control Panel
RP942: 29/09/2009 08:08:53 - Software Distribution Service 3.0
RP943: 30/09/2009 10:23:05 - System Checkpoint
RP944: 01/10/2009 10:49:58 - System Checkpoint
RP945: 02/10/2009 11:29:47 - System Checkpoint
RP946: 03/10/2009 13:40:40 - Software Distribution Service 3.0
RP947: 04/10/2009 15:15:37 - System Checkpoint
RP948: 05/10/2009 17:44:16 - System Checkpoint
RP949: 06/10/2009 10:01:05 - Software Distribution Service 3.0
RP950: 07/10/2009 09:30:44 - Avg8 Update
RP951: 07/10/2009 09:39:01 - Avg8 Update
RP952: 08/10/2009 11:10:01 - System Checkpoint
RP953: 08/10/2009 13:00:00 - Restore Operation
RP954: 08/10/2009 17:36:08 - Installed Autodesk MapGuide® Viewer ActiveX Control Release 6.5
RP955: 08/10/2009 20:31:09 - Installed SUPERAntiSpyware Free Edition
RP956: 09/10/2009 09:31:02 - Software Distribution Service 3.0
RP957: 10/10/2009 08:49:07 - Avg8 Update
RP958: 11/10/2009 13:43:14 - System Checkpoint
RP959: 11/10/2009 17:31:13 - Removed AVG Free 8.5
RP960: 11/10/2009 17:36:20 - Installed BitDefender Internet Security 2010

==== Installed Programs ======================

ABBYY FineReader 6.0 Sprint
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.1.2
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
Autodesk MapGuide® Viewer ActiveX Control Release 6.5
AutoIt v3.2.4.9
BitDefender Internet Security 2010
BitTorrent
Bonjour
Broadcom Management Programs
Camera RAW Plug-In for EPSON Creativity Suite
CCProxy 6.63
CinepPlayer 30 Update
ClearType Tuning Control Panel Applet
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Crystal Reports for .NET Framework 2.0 (x86)
Dell CinePlayer
Dell Driver Reset Tool
Dell Media Experience
Dell Support 5.0.0 (630)
DNA
EPSON Attach To Email
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Stylus SX200_SX400_TX200_TX400 Manual
EPSON Stylus SX400 Series Printer Uninstall
Eusing Free Registry Cleaner
Free Newsletter Templates - Word Templates uninstall
FreeUndelete
FUJIFILM USB Driver
Glary Utilities 2.10.0.622
Gmail POP Troubleshooter
Google Chrome
Google Earth
Google Gears
Google Update Helper
GPL Ghostscript 8.63
Highlight Viewer (Windows Live Toolbar)
HijackThis 1.99.1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
HP Color LaserJet 2820/2830/2840 2.0
hp deskjet 5100 series
HP Image Zone 4.7
HP Memories Disc
HP Photo and Imaging 2.0 - Deskjet Series
hp print screen utility
hppFaxUtility
hppIOFiles
hppManuals2800
hppscan2800
hppTooCool
Image Resizer Powertoy for Windows XP
Intel® Graphics Media Accelerator Driver for Mobile
iPhone Configuration Utility
iPhoneBrowser
iTunes
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 12
Java™ 6 Update 7
Malwarebytes' Anti-Malware
MCU
MediaCoder 0.7.0.4399
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Bootvis
Microsoft Office 2000 Professional
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Standard 2007
Microsoft Office Visio Standard 2007 Trial
Microsoft Office Visio Viewer 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (ACT7)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.5.1)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser (KB933579)
NetWaiting
OpenOffice.org Installer 1.0
Paddy Power Poker Odds Calculator 1.2.9
Panda ActiveScan
Panda ActiveScan 2.0
PC Wizard 2007.1.73
PDF Settings
Picasa 3
PPStream
QuickSet
QuickTime
RealPlayer
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
Scan
Scribus 1.3.3.9
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
SEI DEAP
SEI DEAP III
Serif PagePlus 9.0
Smart Menus (Windows Live Toolbar)
SmartDraw 2008
SmartDraw PDF Filter
Sonic Activation Module
Sonic Update Manager
SopCast 3.0.3
SopCore 1.1.1
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
Test My Hardware 2.4
Totalidea RAM-Disk Driver
TVAnts 1.0
TVUPlayer 2.3.2.47
Tweak UI
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Veetle TV 0.9.15
WebFldrs XP
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Media Format 11 runtime
Windows Media Player 11
winpwn-2.5 2.5.0.0
WinZip 11.2

==== Event Viewer Messages From Past Week ========

11/10/2009 17:40:33, error: ipnathlp [31012] - The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers. Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.
11/10/2009 09:03:57, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows CardSpace service to connect.
11/10/2009 09:03:57, error: Service Control Manager [7000] - The Windows CardSpace service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
08/10/2009 20:51:46, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08/10/2009 20:49:55, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: APPDRV AvgLdx86 AvgMfx86 Fips intelppm pavboot SASDIFSV SASKUTIL
08/10/2009 20:49:50, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08/10/2009 16:49:12, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
08/10/2009 16:49:11, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:09, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 2 time(s).
08/10/2009 16:49:08, error: Service Control Manager [7031] - The SQL Server Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
08/10/2009 16:49:06, error: Service Control Manager [7034] - The SQL Server VSS Writer service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:06, error: Service Control Manager [7034] - The SQL Server (ACT7) service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:05, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:05, error: Service Control Manager [7034] - The NICCONFIGSVC service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:05, error: Service Control Manager [7034] - The Kodak AiO Device Service service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:05, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 16:49:05, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
08/10/2009 16:49:05, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
08/10/2009 16:02:12, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PEVSystemStart service to connect.
08/10/2009 15:46:15, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 15:39:32, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
08/10/2009 15:06:28, error: Service Control Manager [7031] - The AVG Free8 WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
08/10/2009 15:05:52, error: Service Control Manager [7034] - The AVG Free8 E-mail Scanner service terminated unexpectedly. It has done this 1 time(s).
08/10/2009 13:06:43, error: WinDefend [2004] - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80092003 Error description: An error occurred while reading or writing to a file. Signatures loading: Backup Loading signature version: 1.67.379.0 Loading engine version: 1.1.5101.0
08/10/2009 12:17:54, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'pagefil2.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
08/10/2009 12:17:40, error: Service Control Manager [7000] - The McAfee SpamKiller Server service failed to start due to the following error: The system cannot find the path specified.
08/10/2009 12:17:40, error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The system cannot find the path specified.
07/10/2009 17:12:34, error: Print [6161] - The document Untitled - Notepad owned by Sherna failed to print on printer hp deskjet 5100 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 904. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 1. Client machine: \\BRENLAPTOP. Win32 error code returned by the print processor: 2 (0x2).
07/10/2009 17:09:34, error: Print [6161] - The document Untitled - Notepad owned by Sherna failed to print on printer hp deskjet 5100 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 908. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 1. Client machine: \\BRENLAPTOP. Win32 error code returned by the print processor: 2 (0x2).
07/10/2009 16:57:49, error: Print [6161] - The document Microsoft Word - RESIDENTIAL TENANCY AGREEMENT 08 10 2009.doc owned by Sherna failed to print on printer hp deskjet 5100 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 401828. Number of bytes printed: 0. Total number of pages in the document: 14. Number of pages printed: 1. Client machine: \\BRENLAPTOP. Win32 error code returned by the print processor: 2 (0x2).
07/10/2009 16:56:46, error: Print [6161] - The document Microsoft Word - RESIDENTIAL TENANCY AGREEMENT 08 10 2009.doc owned by Sherna failed to print on printer hp deskjet 5100 series. Data type: NT EMF 1.008. Size of the spool file in bytes: 296976. Number of bytes printed: 0. Total number of pages in the document: 14. Number of pages printed: 1. Client machine: \\BRENLAPTOP. Win32 error code returned by the print processor: 2 (0x2).
07/10/2009 16:35:37, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'avgcorex.dll.old' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
07/10/2009 11:32:20, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
07/10/2009 09:41:52, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.
07/10/2009 09:41:22, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avg8wd service.

==== End Of File =========================

Any help would be much appreciated - Brendan



#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  • Gender:Male
  • Location:US
  • Local time:02:08 AM

Posted 27 October 2009 - 11:00 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,958 posts
  • OFFLINE
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:08 AM

Posted 06 November 2009 - 08:41 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



