Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tablet Driver disabled and Active Desktop disabled upon reboot


  • This topic is locked This topic is locked
2 replies to this topic

#1 LightDarkSoy

LightDarkSoy

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:38 AM

Posted 18 February 2011 - 01:18 AM

I'm using a Windows XP with Google Chrome as my browser
The problem started when I was trying to get to Youtube. I clicked the link and a fatal error occurred. Something about a redirect loop. One of the possible solutions google gave me was to clear all cookies and so I did. But then when I did that and went to my desktop, my wallpaper was gone and it said "Active Desktop Recovery" "Active desktop has been turned off" etc. I ran ATF Cleaner and Super-Anti-Spyware free edition in safe mode and thought the problem was solved. Anti-Spyware found something called "Hijacker.Tubby" and "Hijacker.Deskbar" It quarantined them and I thought it was done. But my Active desktop was still disabled and the driver for my wacom tablet isn't running.
I need this solved as quick as possible because this problem is setting me back on several assignments for my art class. I can't just start over on a piece of paper; too much time was put into the work that's already been done.

Here are my logs:

DDS (Ver_10-12-12.02) - NTFSx86
Run by Family at 17:33:32.32 on 02/17/2011 Thu
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.3.932.81.1033.18.1022.359 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WTouch\WTouchService.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\WTouch\WTouchUser.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Blaze Media Pro\NMSAccess32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Family\Application Data\Dropbox\bin\Dropbox.exe
E:\Downloads\Applications\HiJackThis.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Family\Desktop\dds.scr
C:\WINDOWS\system32\conime.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - c:\program files\nch\tbNCH.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: ATLAS Toolbar: {3c6301ed-0f78-4af2-8150-d9c052361a8e} - c:\program files\atlas v13\ATLIECP.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - c:\program files\nch\tbNCH.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: ATLAS Toolbar: {3c6301ed-0f78-4af2-8150-d9c052361a8e} - c:\program files\atlas v13\ATLIECP.DLL
TB: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - c:\program files\nch\tbNCH.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {9565115D-C7D6-46D3-BD63-B67B481A4368} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\family\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\family\application data\dropbox\bin\Dropbox.exe
IE: &Translate with ATLAS - c:\program files\atlas v13\Atlscript.html
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: ATLAS Translation &Editor - c:\program files\atlas v13\AtlscriptEdit.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2010-1-3 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2010-1-3 5248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-3 14336]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2011-1-15 153600]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2011-1-15 121856]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2011-2-17 4408616]
R2 WTouchService;WTouch Service;c:\program files\wtouch\WTouchService.exe [2011-2-17 112936]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2009-3-31 20160]
S3 AVPsys;AVPsys;c:\windows\system32\drivers\cdaudio.sys [2001-8-17 18688]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2010-1-19 1527900]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2010-1-19 24416]

=============== Created Last 30 ================

2011-02-18 01:11:42 220968 ------w- c:\windows\system32\Touch_Tablet.dll
2011-02-18 01:11:41 -------- d-----w- c:\program files\WTouch
2011-02-18 01:11:16 6124840 ------w- c:\windows\system32\PenTablet.cpl
2011-02-18 01:11:10 11440 ----a-w- c:\windows\system32\drivers\WacomVKHid.sys
2011-02-18 01:11:03 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2011-02-18 01:11:00 13736 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2011-02-18 01:10:54 -------- d-----w- c:\windows\system32\WTablet
2011-02-18 01:10:52 284672 ------w- c:\windows\system32\Wintab32.dll
2011-02-18 01:10:51 392488 ------w- c:\windows\system32\Pen_Tablet.dll
2011-02-18 01:10:49 4408616 ------w- c:\windows\system32\Pen_Tablet.exe
2011-02-18 01:10:43 -------- d-----w- c:\program files\Tablet
2011-02-18 00:50:36 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-02-16 04:12:34 -------- d-----w- c:\docume~1\family\locals~1\applic~1\IMVU_Inc
2011-02-14 06:40:19 -------- d-----w- c:\program files\Fate
2011-02-12 09:06:36 -------- d-----w- c:\program files\thriXXX
2011-02-12 05:25:52 -------- d-----w- c:\program files\directx
2011-02-11 21:34:32 -------- d-----w- c:\docume~1\family\applic~1\Dropbox
2011-02-10 00:43:48 439296 -c----w- c:\windows\system32\dllcache\shimgvw.dll
2011-01-28 14:59:14 -------- d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-01-28 14:58:37 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-01-21 12:58:13 -------- d-----w- C:\evee
2011-01-21 10:29:23 974380 ----a-w- c:\windows\Let's Meow Meow! Uninstaller.exe
2011-01-21 10:28:52 -------- d-----w- c:\program files\Let's Meow Meow!
2011-01-19 14:35:59 6656 -c--a-w- c:\windows\system32\dllcache\c_is2022.dll
2011-01-19 14:35:59 6656 ----a-w- c:\windows\system32\c_is2022.dll

==================== Find3M ====================

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-19 14:18:59 1875968 ----a-w- c:\windows\system32\msir3jp.lex
2011-01-19 14:18:56 98304 ----a-w- c:\windows\system32\msir3jp.dll
2011-01-19 14:18:39 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2011-01-19 14:18:34 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2011-01-19 14:18:15 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2011-01-19 14:15:36 9216 ----a-w- c:\windows\system32\kbdnecAT.dll
2011-01-19 14:15:36 7680 ----a-w- c:\windows\system32\kbdnecNT.dll
2011-01-19 14:15:36 7168 ----a-w- c:\windows\system32\kbdnec95.dll
2011-01-19 14:15:36 6144 ----a-w- c:\windows\system32\kbd101a.dll
2011-01-15 06:14:57 3082 ----a-w- c:\windows\system32\affv208325p1now.sys
2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10:33 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59:19 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59:19 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55:26 385024 ----a-w- c:\windows\system32\html.iec
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30:22 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38:47 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07:05 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-11-30 01:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-30 01:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts

============= FINISH: 17:34:17.09 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 LightDarkSoy

LightDarkSoy
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:38 AM

Posted 19 February 2011 - 03:08 AM

Nevermind, problem solved.

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 20 February 2011 - 04:37 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users