Possible hijackware infection



eehsun
2010-09-09, 00:34
The following is my DDS log file:

DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 1:29:09,31 on 09.09.2010
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_21
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1254.90.1055.18.3065.1931 [GMT 3:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\Ati2evxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\SLsvc.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\Ati2evxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\AEADISRV.EXE
C:\windows\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\drivers\CDAC11BA.EXE
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\UAService7.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\MagicDisc\MagicDisc.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\conime.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\Users\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=tr_tr&c=83&bd=all&pf=cmnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=tr_tr&c=83&bd=all&pf=cmnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=tr_tr&c=83&bd=all&pf=cmnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=tr_tr&c=83&bd=all&pf=cmnb
uInternet Settings,ProxyOverride = local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: BHO_Startup Class: {3134413b-49b4-425c-98a5-893c1f195601} - c:\program files\hewlett-packard\file sanitizer\IEBHO.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: Windows Live Oturum Açma Yardım Aracı: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Credential Manager for HP ProtectTools: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} -
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\Owner\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WebcamMaxAutoRun] "c:\program files\webcammax\WebcamMax.exe" -a
mRun: [<NO NAME>]
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [File Sanitizer] c:\program files\hewlett-packard\file sanitizer\CoreShredder.exe
mRun: [CognizanceTS] rundll32.exe c:\progra~1\hewlet~1\iam\bin\ASTSVCC.dll,RegisterModule
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\soundmax.exe /tray
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\ihsanu~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: APSHook.dll acaptuser32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
LSA: Notification Packages = scecli ASWLNPkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
Hosts: 74.125.43.103 youtube.com
Hosts: 74.125.43.103 www.youtube.com
Hosts: 74.125.43.103 docs.google.com
Hosts: 74.125.43.103 video.google.com
Hosts: 74.125.43.103 books.google.com

Note: multiple HOSTS entries found. Please refer to Attach.txt

============= SERVICES / DRIVERS ===============

R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2008-5-14 51376]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2008-5-14 12928]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-10-9 11608]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2008-5-14 12496]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-10-9 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-10-9 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-10-9 56816]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\hewlett-packard\hp protecttools security manager\PTChangeFilterService.exe [2008-5-14 34184]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2008-5-14 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\hewlett-packard\file sanitizer\HPFSService.exe [2008-6-26 77824]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-4-7 24936]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-6-26 193840]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2010-3-13 45616]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S3 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-5-16 182576]
S3 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]
S3 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-21 21504]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]

=============== Created Last 30 ================

2010-09-08 21:24:28 0 --sha-w- C:\DkHyperbootSync
2010-09-08 16:57:48 689664 ----a-w- C:\MicrosoftFixit50202.msi
2010-09-08 14:40:56 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-08 14:40:36 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-09-08 14:40:34 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-08 14:40:34 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-08 14:40:33 36352 ----a-w- c:\windows\system32\rtutils.dll
2010-09-08 14:22:15 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-08 14:22:15 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-08 14:22:15 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-08 14:22:15 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-08 14:22:15 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-08 14:02:48 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-09-08 14:02:48 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-09-08 14:02:48 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-09-08 14:02:00 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-09-08 14:01:59 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-09-08 14:01:58 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-09-08 14:01:58 62464 ----a-w- c:\windows\system32\l3codeca.acm
2010-09-08 14:01:18 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-09-08 14:00:54 738304 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-08 14:00:53 1257472 ----a-w- c:\windows\system32\msxml3.dll
2010-09-08 14:00:52 98304 ----a-w- c:\windows\system32\cabview.dll
2010-09-08 13:39:59 0 d-----w- C:\1541989d9960cdc66ba1794abe18
2010-09-08 13:38:47 6776168 ----a-w- C:\WindowsUpdateAgent30-x86.exe
2010-09-08 12:07:07 0 d-----w- c:\program files\Media Player Classic - Home Cinema
2010-09-08 12:02:15 0 d-----w- c:\program files\Guliverkli2
2010-09-08 11:59:21 0 d-----w- c:\program files\MediaInfo
2010-09-08 11:54:54 0 d-----w- c:\program files\Auslogics
2010-09-08 11:24:08 12697800 ----a-w- C:\Opera_1070_9036_in.exe
2010-09-06 11:03:15 0 d-----w- c:\users\ihsanu~1\appdata\roaming\cald3
2010-09-06 11:03:09 0 d-----w- c:\program files\IDM
2010-09-06 11:02:37 0 d-----w- c:\program files\Cambridge
2010-09-04 17:04:05 0 d-----w- c:\programdata\Apple Computer
2010-09-04 17:03:45 0 d-----w- c:\programdata\Apple
2010-09-04 16:54:44 0 d-----w- c:\users\ihsanu~1\appdata\roaming\BSplayer PRO
2010-09-04 16:54:43 0 d-----w- c:\program files\Webteh
2010-09-04 03:13:17 0 d-----w- c:\program files\Microsoft
2010-09-04 03:13:04 0 d-----w- c:\program files\Windows Live SkyDrive
2010-09-04 02:57:22 0 d-----w- c:\program files\common files\Windows Live
2010-09-04 02:45:18 0 d-----w- c:\program files\UltraISO
2010-09-04 02:45:18 0 d-----w- c:\program files\common files\EZB Systems
2010-09-04 01:55:50 0 d-----w- C:\eMule-0.50a-Xtreme-8.0-bin
2010-09-04 01:51:57 0 d-----w- c:\users\ihsanu~1\appdata\roaming\WebcamMax
2010-09-04 01:51:57 0 d-----w- c:\programdata\WebcamMax
2010-09-04 01:51:47 0 d-----w- c:\program files\WebcamMax
2010-09-04 01:45:22 0 d-----w- c:\program files\VideoLAN
2010-09-04 01:43:25 0 d-----w- c:\users\ihsanu~1\appdata\roaming\Mirillis
2010-09-04 01:43:25 0 d-----w- c:\programdata\Mirillis
2010-09-04 01:43:19 0 d-----w- c:\program files\Mirillis
2010-09-04 01:37:55 0 d-----w- c:\users\ihsanu~1\appdata\roaming\Free Download Manager
2010-09-04 01:37:54 0 d-----w- c:\programdata\FreeDownloadManager.ORG
2010-09-04 01:37:53 0 d-----w- c:\program files\Free Download Manager
2010-09-04 00:59:28 0 d-----w- c:\users\ihsanu~1\appdata\roaming\CBS Interactive
2010-09-02 13:51:41 638414 ---ha-w- c:\users\Owner\Dreamy-dreamy-1920x1200.jpg
2010-09-02 10:57:53 0 d-----w- c:\program files\CCleaner
2010-09-01 16:57:22 0 d-----w- c:\users\ihsanu~1\appdata\roaming\SUPERAntiSpyware.com
2010-09-01 16:57:22 0 d-----w- c:\programdata\SUPERAntiSpyware.com
2010-09-01 16:57:18 0 d-----w- c:\program files\SUPERAntiSpyware
2010-08-26 21:24:13 0 d-----w- c:\program files\Folder Guide
2010-08-23 11:51:28 0 d-----w- c:\program files\Unlocker
2010-08-23 11:39:50 0 d-----w- c:\users\ihsanu~1\appdata\roaming\IrfanView
2010-08-23 11:39:50 0 d-----w- c:\program files\IrfanView
2010-08-23 11:18:29 0 d-----w- c:\program files\FileHippo.com
2010-08-23 11:07:18 0 d-----w- c:\users\ihsanu~1\appdata\roaming\MiniLyrics
2010-08-23 11:07:11 0 d-----w- c:\program files\Minilyrics
2010-08-23 10:32:33 0 d-----w- c:\programdata\DFX
2010-08-23 10:32:31 0 d-----w- c:\program files\DFX
2010-08-23 10:32:31 0 d-----w- c:\program files\common files\DFX
2010-08-23 10:26:03 0 d-----w- c:\program files\Winamp Detect
2010-08-23 10:26:02 0 d-----w- c:\program files\Winamp Toolbar
2010-08-21 21:57:34 0 d-----w- c:\program files\Trend Micro
2010-08-21 21:48:17 0 d-----w- c:\users\ihsanu~1\appdata\roaming\Malwarebytes
2010-08-21 21:48:10 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-21 21:48:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-21 21:48:09 0 d-----w- c:\programdata\Malwarebytes
2010-08-21 21:48:09 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-21 21:08:28 0 d-----w- C:\Fix
2010-08-10 02:15:58 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-08-10 02:15:58 69632 ----a-w- c:\windows\system32\QuickTime.qts

==================== Find3M ====================

2010-09-08 21:26:52 628474 ----a-w- c:\windows\system32\perfh01F.dat
2010-09-08 21:26:52 134444 ----a-w- c:\windows\system32\perfc01F.dat
2010-09-08 21:20:24 4956 ----a-w- c:\windows\bthservsdp.dat
2010-07-31 12:08:05 51200 ----a-w- c:\windows\inf\infpub.dat
2010-07-31 12:08:05 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-30 19:13:38 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-07-26 10:52:36 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-28 16:17:26 833024 ----a-w- c:\windows\system32\wininet.dll
2010-06-28 16:13:32 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-23 18:14:21 58782409 ----a-w- C:\War3TFT_124e_English.exe
2010-06-16 15:11:22 438272 ----a-w- c:\windows\system32\IKEEXT.DLL
2010-06-16 15:10:50 595456 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2010-06-16 15:09:32 328704 ----a-w- c:\windows\system32\BFE.DLL
2010-06-15 22:01:28 146460 ---ha-w- c:\windows\system32\mlfcache.dat
2010-06-11 15:31:42 274432 ----a-w- c:\windows\system32\schannel.dll
2010-03-13 12:06:33 86016 ----a-w- c:\windows\inf\infstor.dat
2009-10-10 16:35:29 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-04-16 18:19:19 36196 ----a-w- c:\windows\inf\perflib\041f\perfd.dat
2008-04-16 18:19:19 36196 ----a-w- c:\windows\inf\perflib\041f\perfc.dat
2008-04-16 18:19:19 281380 ----a-w- c:\windows\inf\perflib\041f\perfi.dat
2008-04-16 18:19:19 281380 ----a-w- c:\windows\inf\perflib\041f\perfh.dat
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2008-06-26 15:45:10 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 1:29:42,27 ===============

My OS is Windows Vista Home Basic SP1

My problem is that I don't seem to be able to use Windows Update. I can search for updates without a problem, but when I select the updates that I want to install and proceed to installing the selected updates, an error message appears, saying "You need to provide Administrator permission".

And I am the only user in my PC and I am an administrator.


When I first encountered this problem, I searched the Microsoft KB and found a solution by running a fix downloaded from their site. What this fix did was to basically reset the Windows Update components. And this seemed to fix my problem for that time.
(http://support.microsoft.com/kb/971058/en-us)

Then I did an update (42 items) and only 31 of them were able to be installed, with 11 failures. On a succeeding update, I was able to install the remaining 11, too.

But when I wanted to check for updates for a third time (I had left some updates out and I wanted to install them), I again encountered the "You need to provide Administrator permission" error. I stayed calm and thought that the fix from MS would again resolve the issue, but unfortunately it did not this time.

And the following is what I have tried so far to get rid of the problem:

And I continued my research on the net. Some people suggested simple solutions like cleaning temp folders and browsing history, etc., which did not help.

Another suggestion concerned the removal of the tracks of any previously uninstalled antivirus software. I am currently running Avira, but before that, I had McAfee preinstalled on my laptop (of course I had removed that via add-remove programs before installing Avira). In order to clean the leftovers of McAfee, I downloaded and ran their official cleanup tool. However, this did not help with the original problem, either.


And finally, someone from the below link mentioned the possibility of a "hijackware infection", and that's why I came here, to see whether I have one.
http://social.answers.microsoft.com/Forums/en/vistawu/thread/66ae3678-96fb-4f6f-804e-1c465ad70c43


Any help will be much appreciated.