
slow internet, abnormal mouse function, + trojan

Discussion in 'Virus & Other Malware Removal' started by buda18, Nov 1, 2011.

  1. buda18

    buda18 Thread Starter

    Joined:
    Jan 20, 2004
    Messages:
    130
    Well, it's been a while since I last had this computer refreshed, and I've mostly tried to just deal with it, but I need it at full speed once again. Symptoms: both Mozilla and IE load very slowly, when I single click an icon the mouse acts as though I double clicked (I've had this problem and it was some kind of malware issue), and lastly NOD32 catches some trojan virus (I'll make a note of its name next time I see the notification), but it isn't able to remove it when I click on the "remove" or "fix" button. The name of the threat found by NOD32 is "MBR sector of the 1. physical disk", and the "threat" is "Win32/Olmarisk.AJL trojan".

    As always, thank you guys for your time and commitment.
    I guess I'll just post up a hijack log for now to get things started.

    HIJACK

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:41:24 PM, on 11/1/2011
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    I:\WINDOWS\System32\smss.exe
    I:\WINDOWS\system32\winlogon.exe
    I:\WINDOWS\system32\services.exe
    I:\WINDOWS\system32\lsass.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\rundll32.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\Program Files\Bonjour\mDNSResponder.exe
    I:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    I:\WINDOWS\Explorer.EXE
    I:\Program Files\Java\jre6\bin\jqs.exe
    I:\WINDOWS\system32\nvsvc32.exe
    I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    I:\WINDOWS\AGRSMMSG.exe
    I:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
    I:\WINDOWS\system32\rundll32.exe
    I:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    I:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    I:\WINDOWS\system32\wscntfy.exe
    I:\Program Files\Mozilla Firefox\firefox.exe
    I:\Program Files\Mozilla Firefox\plugin-container.exe
    I:\WINDOWS\System32\svchost.exe
    I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - I:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - I:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - I:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [LogitechGalleryRepair] I:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] I:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [VAIO Update 3] "I:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "I:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [egui] "I:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = I:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - I:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - I:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} (Pearson MathXL Player) - http://asp.mathxl.com/books/_Players/MathPlayer.cab
    O23 - Service: Bonjour Service - Apple Inc. - I:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - I:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - I:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - I:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - I:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - I:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - I:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - I:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 7315 bytes

    DDS

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20
    Run by Vahab at 20:46:20 on 2011-11-01
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.287 [GMT -5:00]
    .
    AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
    .
    ============== Running Processes ===============
    .
    I:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    I:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    I:\WINDOWS\system32\rundll32.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\Program Files\Bonjour\mDNSResponder.exe
    svchost.exe
    I:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    I:\WINDOWS\Explorer.EXE
    I:\Program Files\Java\jre6\bin\jqs.exe
    I:\WINDOWS\system32\nvsvc32.exe
    I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    I:\WINDOWS\AGRSMMSG.exe
    I:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
    I:\WINDOWS\system32\rundll32.exe
    I:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    I:\Program Files\NETGEAR\WG111v3\WG111v3.exe
    I:\WINDOWS\system32\wscntfy.exe
    I:\Program Files\Mozilla Firefox\firefox.exe
    I:\Program Files\Mozilla Firefox\plugin-container.exe
    I:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = <local>
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - i:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - i:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - i:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - i:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - i:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - i:\program files\yahoo!\companion\installs\cpn0\yt.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE i:\windows\system32\NvCpl.dll,NvStartup
    mRun: [LogitechGalleryRepair] i:\program files\logitech\imagestudio\ISStart.exe
    mRun: [LogitechImageStudioTray] i:\program files\logitech\imagestudio\LogiTray.exe
    mRun: [VAIO Update 3] "i:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
    mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    mRun: [Adobe Reader Speed Launcher] "i:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "i:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "i:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    mRun: [egui] "i:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
    StartupFolder: i:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - i:\program files\microsoft office\office\OSA9.EXE
    StartupFolder: i:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - i:\program files\netgear\wg111v3\WG111v3.exe
    dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
    IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - i:\program files\aim\aim.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - i:\program files\messenger\msmsgs.exe
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - i:\progra~1\spybot~1\SDHelper.dll
    DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
    DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} - hxxp://esupport.sony.com/VaioInfo.CAB
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - i:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
    DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab
    TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
    TCP: Interfaces\{2858F564-A3E1-46DC-A231-F205FC5E192B} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - i:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - i:\documents and settings\vahab\application data\mozilla\firefox\profiles\djbdybif.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - plugin: i:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: i:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: i:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: i:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
    FF - plugin: i:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
    FF - plugin: i:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: i:\program files\viewpoint\viewpoint media player\npViewpoint.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Quick Starter: jqs@sun.com - i:\program files\java\jre6\lib\deploy\jqs\ff
    FF - Ext: XULRunner: {8E4FABEC-B107-4B54-8C73-5C173553B363} - i:\documents and settings\vahab\local settings\application data\{8E4FABEC-B107-4B54-8C73-5C173553B363}
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 ehdrv;ehdrv;i:\windows\system32\drivers\ehdrv.sys [2009-9-29 108792]
    R1 epfwtdir;epfwtdir;i:\windows\system32\drivers\epfwtdir.sys [2009-9-29 96408]
    R2 EAPPkt;Realtek EAPPkt Protocol;i:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]
    R2 ekrn;ESET Service;i:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-9-29 735960]
    R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;i:\windows\system32\drivers\wg111v3.sys [2007-12-28 287232]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\i:\windows\system32\drivers\mbamswissarmy.sys --> i:\windows\system32\drivers\mbamswissarmy.sys [?]
    S4 gupdate;Google Update Service (gupdate);i:\program files\google\update\GoogleUpdate.exe [2009-12-28 135664]
    .
    =============== Created Last 30 ================
    .
    2011-11-01 19:13:21 -------- d-----w- I:\Capitalism.A.Love.Story.DOCU.DVDRip.XviD-SAPHiRE
    2011-11-01 19:13:16 -------- d-----w- I:\[ www.TorrentDay.com ] - Aries.Spears.Hollywood.Look.Im.Smiling.2011.HDTV.XviD-FQM
    2011-11-01 19:02:51 -------- d-----w- I:\The Black Packet - Volume 5 - Whats The Big Fuss Over Hemp And Marijuana (DVD Master)
    2011-10-29 21:09:14 414368 ----a-w- i:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-29 15:29:41 -------- d-----w- I:\30.Minutes.or.Less.2011.R5.CAM.AUDiO.XviD-FUSiON
    2011-10-28 05:10:35 -------- d-----w- I:\The Union
    2011-10-28 01:19:37 -------- d-----w- i:\program files\ESET
    2011-10-26 06:59:48 -------- d-----w- I:\[ www.Torrentday.com ] - Public.Speaking.2010.HDTV.XviD-hV
    2011-10-26 05:21:21 -------- d-----w- I:\Inside.Job.LiMiTED.BDRip.XviD-DEFACED
    .
    ==================== Find3M ====================
    .
    2011-08-31 22:00:50 22216 ----a-w- i:\windows\system32\drivers\mbam.sys
    2011-08-11 23:19:15 0 ----a-w- i:\documents and settings\all users\application data\wlsn.exe
    2011-08-11 23:19:15 0 ----a-w- i:\documents and settings\all users\application data\sqxx.exe
    2011-08-11 23:19:15 0 ----a-w- i:\documents and settings\all users\application data\rwru.exe
    2011-08-11 23:19:15 0 ----a-w- i:\documents and settings\all users\application data\ixcx.exe
    2008-05-30 19:37:10 1694728 ----a-w- i:\program files\dsetup32.dll
    2008-05-30 19:35:56 97288 ----a-w- i:\program files\DSETUP.dll
    2008-05-30 19:34:50 528392 ----a-w- i:\program files\DXSETUP.exe
    .
    ============= FINISH: 20:47:46.35 ===============

    ATTACH

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/5/2007 7:44:11 PM
    System Uptime: 11/1/2011 1:52:22 PM (7 hours ago)
    .
    Motherboard: ASUSTek Computer Inc. | | P4SD-VL
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | CPU 1 | 3192/200mhz
    Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | CPU 1 | 3192/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (FAT32) - 57 GiB total, 2.047 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is CDROM ()
    I: is FIXED (NTFS) - 233 GiB total, 156.084 GiB free.
    J: is Removable
    K: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Intel(R) PRO/100 VE Network Connection
    Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_815C104D&REV_02\4&2E98101C&0&40F0
    Manufacturer: Intel
    Name: Intel(R) PRO/100 VE Network Connection
    PNP Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_815C104D&REV_02\4&2E98101C&0&40F0
    Service: E100B
    .
    Class GUID:
    Description: Multimedia Video Controller
    Device ID: PCI\VEN_4444&DEV_0016&SUBSYS_813D104D&REV_01\4&2E98101C&0&50F0
    Manufacturer:
    Name: Multimedia Video Controller
    PNP Device ID: PCI\VEN_4444&DEV_0016&SUBSYS_813D104D&REV_01\4&2E98101C&0&50F0
    Service:
    .
    ==== System Restore Points ===================
    .
    RP1: 8/11/2011 1:34:27 PM - System Checkpoint
    RP2: 8/12/2011 10:16:54 PM - Removed ESET NOD32 Antivirus
    RP3: 8/12/2011 10:22:40 PM - Installed ESET NOD32 Antivirus
    RP4: 8/23/2011 6:36:27 PM - System Checkpoint
    RP5: 8/25/2011 4:38:56 PM - System Checkpoint
    RP6: 8/26/2011 9:32:51 PM - System Checkpoint
    RP7: 8/28/2011 12:17:21 AM - System Checkpoint
    RP8: 8/30/2011 8:01:25 PM - System Checkpoint
    RP9: 8/31/2011 9:38:26 PM - System Checkpoint
    RP10: 9/3/2011 3:36:23 PM - System Checkpoint
    RP11: 9/4/2011 4:10:52 PM - System Checkpoint
    RP12: 9/5/2011 10:08:55 PM - System Checkpoint
    RP13: 9/6/2011 11:56:49 PM - System Checkpoint
    RP14: 9/8/2011 12:02:56 AM - System Checkpoint
    RP15: 9/11/2011 6:49:34 PM - System Checkpoint
    RP16: 9/16/2011 12:56:27 AM - System Checkpoint
    RP17: 9/19/2011 5:37:44 PM - System Checkpoint
    RP18: 9/21/2011 9:17:04 PM - System Checkpoint
    RP19: 9/23/2011 3:25:46 AM - System Checkpoint
    RP20: 9/29/2011 7:56:18 PM - System Checkpoint
    RP21: 10/5/2011 9:53:27 PM - System Checkpoint
    RP22: 10/7/2011 9:37:05 PM - System Checkpoint
    RP23: 10/9/2011 2:03:22 AM - System Checkpoint
    RP24: 10/19/2011 4:52:57 PM - System Checkpoint
    RP25: 10/25/2011 5:15:18 PM - System Checkpoint
    RP26: 10/26/2011 6:19:16 AM - Removed ESET NOD32 Antivirus
    RP27: 10/27/2011 8:19:34 PM - Installed ESET NOD32 Antivirus
    RP28: 10/29/2011 9:50:46 AM - Removed Apple Application Support
    RP29: 10/29/2011 9:51:59 AM - Removed Apple Mobile Device Support
    RP30: 10/29/2011 9:53:35 AM - Removed Apple Software Update
    RP31: 10/30/2011 7:59:09 PM - System Checkpoint
    RP32: 10/31/2011 11:54:48 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    AAC Decoder
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9.4.6
    Adobe Setup
    Adobe Shockwave Player 11.5
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Agere Systems AC'97 Modem
    AOL Instant Messenger
    AutoUpdate
    BitLord 1.1
    CamStudio
    Compatibility Pack for the 2007 Office system
    Diner Dash
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Plus Web Player
    DivX Version Checker
    ESET NOD32 Antivirus
    Free Mp3 Wma Converter V 1.8.0
    Google Earth
    Google Update Helper
    Google Updater
    H.264 Decoder
    Heavy Weapon Deluxe 1.0
    HijackThis 2.0.2
    Hotfix for Windows XP (KB926239)
    Hotfix for Windows XP (KB952287)
    ImagXpress
    Intel(R) PRO Network Adapters and Drivers
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 20
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    K-Lite Codec Pack 5.2.0 (Full)
    LimeWire PRO 5.4.6
    Logitech ImageStudio
    Logitech Pocket Digital
    Logitech® Camera Driver
    Magic ISO Maker v5.4 (build 0251)
    Magic M4A to MP3 Converter 3.1
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Microsoft .NET Framework 2.0
    Microsoft .NET Framework 3.0
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office 2000 Premium
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    MKV Splitter
    Mozilla Firefox (3.6.23)
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB925673)
    MVision
    NavNet
    neroxml
    NETGEAR WG111v3 wireless USB 2.0 adapter
    NVIDIA Drivers
    NVIDIA Windows 2000/XP Display Drivers
    OpenMG Limited Patch 4.7-07-14-05-01
    OpenMG Secure Module 4.7.00
    PDF Settings
    Project64 1.6
    QuickTime
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    Security Update for Windows XP (KB950749)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    Segoe UI
    SonicStage 4.3
    Spybot - Search & Destroy
    SpywareBlaster 4.2
    System Requirements Lab
    TrackMania Nations ESWC 0.1.7.5
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update for Windows XP (KB955839)
    VAIO Update 3
    VC80CRTRedist - 8.0.50727.4053
    VideoLAN VLC media player 0.8.6c
    Viewpoint Media Player
    VSO CopyToDVD 4
    WebFldrs XP
    Windows Communication Foundation
    Windows Driver Package - NVIDIA (nv) Display (03/11/2004 4.6.6.3)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Presentation Foundation
    Windows Workflow Foundation
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WinRAR archiver
    WinXP Manager
    World of Tanks v.0.6.3.11
    XML Paper Specification Shared Components Pack 1.0
    Yahoo! Install Manager
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/1/2011 1:53:04 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 00223FDC462B has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    10/31/2011 11:15:50 PM, error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: Access is denied. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    10/31/2011 11:15:50 PM, error: Service Control Manager [7000] - The SSDP Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
    10/29/2011 9:53:43 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    10/29/2011 9:48:52 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep
    10/27/2011 6:29:07 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00223FDC462B. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    .
    ==== End Of File ===========================
     
  2. buda18

    buda18 Thread Starter

    friendly bump :)
     
  3. buda18

    buda18 Thread Starter

    another friendly bump
     
  4. buda18

    buda18 Thread Starter

    and another friendly bump
     
  5. buda18

    buda18 Thread Starter

    one more bump
     
  6. buda18

    buda18 Thread Starter

    back up for some help
     

Short URL to this thread: https://techguy.org/1025035
