Results 1 to 2 of 2

Thread: Virus Malware

  1. 2011-05-02, 04:18 #1
    casino86
    casino86 is offline
    Junior Member
    Join Date
    May 2011
    Location
    New Jersey for now
    Posts
    1

    Default Virus Malware

    First internet explorer and firefox got shut down, and I got a message that I have a malware. It asked me to update my internet security by buying a preminum package. So I turned off the modem box, and I quarantine the malware with adware. I tried to access to internet afterward, but I couldn't open any shorcut using exe files. But somehow I manage to get access to internet, and used file from Broken EXE Association to fix that problem. But I'm using window 7, and I think I messed things up by using the outdated file. Here's the DDS file before the patch.

    .
    DDS (Ver_11-03-05.01) - NTFS_AMD64
    Run by casino86 at 21:26:31.67 on 2011-05-01
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.949.82.1033.18.6109.4420 [GMT -4:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\CloudManager\CloudManager.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\MicroCloudEngine\MicroCloudEngine.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\wuauclt.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
    C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\casino86\Desktop\dds.com
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110319132144.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
    uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    StartupFolder: C:\Users\casino86\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
    uPolicies-explorer: HideSCAHealth = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {90B508F3-F928-4D14-BF4E-9D0D732573E4} - hxxp://www.limeusa.com/files/application/LimeusaControl2.CAB
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110319132144.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\casino86\AppData\Roaming\Mozilla\Firefox\Profiles\28d1g0py.default\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-4-21 69376]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-1-5 529128]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-1-5 283360]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-3-4 55280]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-1-5 75032]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 CloudManager;CloudManager;C:\Program Files (x86)\CloudManager\CloudManager.exe [2010-11-24 1179800]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-4 13336]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-4-18 2146496]
    R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-19 355440]
    R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-19 355440]
    R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-19 355440]
    R2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-3-4 200056]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-3-4 245352]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2011-3-4 149032]
    R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-4 705856]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-1-5 62800]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2011-3-4 138752]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-4-18 17152]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-1-5 190136]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-1-5 441328]
    R3 MicroCloudEngine;MicroCloudEngine;C:\Program Files (x86)\MicroCloudEngine\MicroCloudEngine.exe [2010-11-19 1917088]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-4 236544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-1-5 94864]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-20 1255736]
    S4 McOobeSv;McAfee OOBE Service;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2011-3-19 355440]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-05-01 22:15:41 192512 --sha-w- C:\Windows\SysWow64\1psxe.dll
    2011-05-01 22:15:32 512000 --sha-w- C:\Users\casino86\AppData\Local\nmf.exe
    2011-04-22 01:23:55 16432 ----a-w- C:\Windows\System32\lsdelete.exe
    2011-04-22 01:17:13 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
    2011-04-22 01:17:12 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2011-04-22 01:16:35 -------- d-----w- C:\Users\casino86\AppData\Local\Sunbelt Software
    2011-04-22 01:14:19 -------- dc-h--w- C:\PROGRA~3\{AA5544E4-9BBC-419B-9204-40B5924D26AA}
    2011-04-22 01:14:16 -------- d-----w- C:\Program Files (x86)\Lavasoft
    2011-04-16 20:04:48 -------- d-----w- C:\Program Files (x86)\uTorrent
    2011-04-16 20:03:48 -------- d-----w- C:\Users\casino86\AppData\Roaming\uTorrent
    .
    ==================== Find3M ====================
    .
    2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
    2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
    2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
    2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
    2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
    2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
    2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
    2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-03-04 16:47:13 521448 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-03-04 16:46:49 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
    2011-02-26 06:23:14 2870272 ----a-w- C:\Windows\explorer.exe
    2011-02-26 05:33:07 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
    2011-02-24 06:30:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
    2011-02-24 06:29:15 1197056 ----a-w- C:\Windows\System32\wininet.dll
    2011-02-24 06:24:57 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2011-02-24 05:32:52 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
    2011-02-24 05:32:44 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-02-24 05:30:16 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2011-02-24 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
    2011-02-24 04:24:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-02-24 04:23:48 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2011-02-24 03:50:26 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-02-23 05:16:28 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
    2011-02-23 05:16:01 401920 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2011-02-23 05:15:50 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2011-02-23 05:15:27 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2011-02-23 05:15:14 286720 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2011-02-23 05:15:13 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2011-02-23 05:15:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-02-19 06:36:13 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2011-02-19 05:32:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-02-19 04:13:39 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2011-02-19 03:37:02 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-02-18 06:37:05 612352 ----a-w- C:\Windows\System32\vbscript.dll
    2011-02-18 06:33:50 31232 ----a-w- C:\Windows\System32\prevhost.exe
    2011-02-18 05:36:26 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2011-02-18 05:33:29 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2011-02-12 06:14:41 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
    2011-02-05 12:41:43 556928 ----a-w- C:\Windows\System32\winresume.efi
    2011-02-05 12:41:35 640896 ----a-w- C:\Windows\System32\winload.efi
    2011-02-05 12:41:24 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-02-05 12:41:24 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-02-05 12:41:23 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-02-05 12:39:21 603976 ----a-w- C:\Windows\System32\winload.exe
    2011-02-05 12:39:21 518160 ----a-w- C:\Windows\System32\winresume.exe
    .
    ============= FINISH: 21:26:56.61 ===============

    Attach File

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2011-03-18 오후 6:58:45
    System Uptime: 2011-05-01 오후 9:07:15 (0 hours ago)
    .
    Motherboard: Dell Inc. | | 018D1Y
    Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz | CPU 1 | 3203/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 919 GiB total, 839.021 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP23: 2011-04-10 오전 11:10:51 - Scheduled Checkpoint
    RP24: 2011-04-13 오전 8:23:50 - Windows Update
    RP25: 2011-04-20 오전 8:48:54 - Scheduled Checkpoint
    RP26: 2011-04-27 오전 8:24:23 - Windows Update
    .
    ==== Installed Programs ======================
    .
    Ad-Aware
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.1.2
    CloudManager
    Consumer In-Home Service Agreement
    D3DX10
    Dell DataSafe Local Backup
    Dell DataSafe Local Backup - Support Software
    Dell DataSafe Online
    Dell Dock
    Dell Getting Started Guide
    eBay
    GOM Player
    GoToAssist 8.0.0.514
    Intel(R) Control Center
    Intel(R) Rapid Storage Technology
    Internet Explorer
    Java Auto Updater
    Java(TM) 6 Update 23
    Junk Mail filter update
    League of Legends
    LimeUSA Download
    LimeUSA Upload
    Magic Online
    McAfee Security Center
    Mesh Runtime
    Messenger Companion
    MicroCloudEngine
    Microsoft Office 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Mozilla Firefox 4.0.1 (x86 ko)
    MSVCRT
    MSVCRT_amd64
    Pando Media Booster
    Realtek High Definition Audio Driver
    Roxio Burn
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Skype Toolbars
    Skype™ 4.2
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WildTangent Games
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    μTorrent
    알집
    알툴즈 업데이트
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2011-05-01 오후 9:20:16, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user casino86-PC\casino86 SID (S-1-5-21-2224069508-976022635-3281214422-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    2011-05-01 오후 9:20:13, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user casino86-PC\casino86 SID (S-1-5-21-2224069508-976022635-3281214422-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    2011-05-01 오후 9:20:10, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user casino86-PC\casino86 SID (S-1-5-21-2224069508-976022635-3281214422-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    2011-04-26 오전 11:22:03, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    2011-04-26 오전 11:22:03, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    2011-04-24 오전 11:37:14, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    2011-04-24 오전 11:37:14, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
    .
    ==== End Of File ===========================


    I hope any of that made sense. I heard misfortune never comes alone, but I wasn't expecting something like this to happen when one of the family member died. What a day.
  2. 2011-05-12, 03:12 #2
    shelf life
    shelf life is offline
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    hi casino86,

    Your post is a few days old. If you still need help simply post back.
    How Can I Reduce My Risk?
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules