Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91987 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Closed]I am new and need a advice on weather i have a virus


  • This topic is locked This topic is locked
53 replies to this topic

#16 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 21 October 2009 - 06:19 PM

Sure, no problem

To Enter Safemode
  • Go to Start> Shut off your Computer> Restart
  • As the computer starts to boot-up, Tap the F8 KEY repeatedly,
  • this will bring up a menu.
  • Use the Up and Down Arrow Keys to scroll up to Safemode
  • Then press the Enter Key on your Keyboard
  • go into your usual account

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

    Advertisements

Register to Remove


#17 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 21 October 2009 - 06:53 PM

Gmer is scanning now....

#18 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 21 October 2009 - 08:31 PM

Ok here are the Gmer results:

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-10-21 22:23:31
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\MELISS~2\LOCALS~1\Temp\aftcipob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs F6BD0400

---- EOF - GMER 1.0.15 ----

#19 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 21 October 2009 - 08:47 PM

Hi,

Please do the following:

Please download Malwarebytes' Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT

Run an on-line scan with Kaspersky

Using Internet Explorer or Firefox, visit Kaspersky On-line Scanner

1. Click Accept, when prompted to download and install the program files and database of malware definitions.
2. To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
3. Click Run at the Security prompt.
The program will then begin downloading and installing and will also update the database.
Please be patient as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View scan report at the bottom.

    Posted Image
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply


In your next reply please include
  • MBAM Log
  • Kaspersky report

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#20 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 21 October 2009 - 09:50 PM

Having troulble with Kaspersky. After it initailly downloaded it seemed to freeze. It did n't prompt me to do anything and the "Scan" bar was not green and did not allow me click on "my computer" So i hit F5, and it just said "attention, Kaspersky is already installed" and does nothing else, not allowing me to scan yet. Am i missing a prompt? I was waiting to turn my Norton 360 off untill i was able to scan so that i don't get a virus in the meantime, should i have it off while downloading?

#21 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 22 October 2009 - 03:04 AM

Kaspersly can be a little finicky,

try this scan instead:

Go here to run an online scanner from ESET.

  • Note: You will need to use Internet explorer for this scan
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic and also let me know how things are now.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#22 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 23 October 2009 - 07:19 AM

Malwarebytes log: Malwarebytes' Anti-Malware 1.41 Database version: 3009 Windows 5.1.2600 Service Pack 3 10/21/2009 11:10:51 PM mbam-log-2009-10-21 (23-10-51).txt Scan type: Quick Scan Objects scanned: 125231 Time elapsed: 7 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ESET log: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6210 # api_version=3.0.2 # EOSSerial=04a264245755c54c999e25952498e2af # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2009-10-23 12:40:16 # local_time=2009-10-23 08:40:16 (-0500, Eastern Daylight Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 0 0 0 0 # compatibility_mode=7425 16777213 50 77 0 46929502 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=135587 # found=1 # cleaned=0 # scan_time=6988 C:\WINDOWS\Downloaded Program Files\vzbb.dll Win32/Adware.MegaSearch application 00000000000000000000000000000000 I

#23 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 23 October 2009 - 07:23 AM

Hi,

Please do the following:

Go Start > Run and copy/paste the following single-line command into the Run box and click OK:

cmd /c del /f/a/q "C:\WINDOWS\Downloaded Program Files\vzbb.dll"



NEXT

Please post a fresh DDS and Attach.txt and advise how your computer is running now and if there are any outstanding issues.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#24 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 23 October 2009 - 09:11 AM

DDS (Ver_09-10-13.01) - NTFSx86 Run by Melissa Reynolds at 11:04:22.29 on Fri 10/23/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.209 [GMT -4:00] AV: Norton 360 *On-access scanning disabled* (Updated) {A5F1BC7C-EA33-4247-961C-0217208396C4} FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe C:\Program Files\Snapfish Picture Mover\SnapfishPictureMover.exe C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Melissa Reynolds\Desktop\dds.com ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8 uSearch Page = hxxp://www.google.com uWindow Title = Windows Internet Explorer provided by Yahoo! uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8 uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4a368e80-174f-4872-96b5-0b27ddd11db2} - c:\program files\spywareguard\dlprotect.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /installquiet /nodetect mRun: [MsmqIntCert] regsvr32 /s mqrt.dll mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe" mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [RecGuard] c:\windows\sminst\RecGuard.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [osCheck] "c:\program files\norton 360\osCheck.exe" mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s mRun: [CloneCDTray] "c:\program files\slysoft\clonecd\CloneCDTray.exe" /s mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRunOnce: [Uninstall Adobe Download Manager] "c:\windows\system32\rundll32.exe" "c:\program files\nos\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp StartupFolder: c:\docume~1\meliss~2\startm~1\programs\startup\memoni~1.lnk - c:\program files\verizon wireless\v cast music manager\MEMonitor.exe StartupFolder: c:\docume~1\meliss~2\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish picture mover\SnapfishPictureMover.exe IE: &Search - ?p=ZKxdm173YYUS IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\meliss~2\applic~1\mozilla\firefox\profiles\vp3h7nyq.default\ FF - component: c:\program files\mozilla firefox\components\coFFPlgn.dll FF - plugin: c:\documents and settings\melissa reynolds\application data\move networks\plugins\npqmp071505000010.dll FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-18 54752] R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-10-21 615344] R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-10-21 615344] R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352] R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-10-23 102448] R3 wsvad_driver;WS Audio Device;c:\windows\system32\drivers\VirtualAudio.sys [2009-4-11 16896] S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [2006-6-6 61952] S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 MovRVDrv32;MovRVDrv32;c:\windows\system32\drivers\MovRVDrv32.sys [2009-4-11 3768] ============== File Associations =============== JSEFile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 =============== Created Last 30 ================ 2009-10-22 23:51 <DIR> --d----- c:\program files\ESET 2009-10-21 13:19 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf 2009-10-21 13:19 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-10-21 13:18 7,808 a------- c:\windows\system32\drivers\eabfiltr.sys 2009-10-21 13:17 1,419,232 a------- c:\windows\system32\wdfcoinstaller01005.dll 2009-10-21 13:17 16,768 a------- c:\windows\system32\drivers\HpqKbFiltr.sys 2009-10-21 10:27 406 a------- c:\windows\system32\ioloBootDefrag.cfg 2009-10-21 10:26 2,116,008 a------- c:\windows\system32\Incinerator.dll 2009-10-21 10:26 93,096 a------- c:\windows\system32\IncContxMenu.dll 2009-10-21 10:26 9,341 a------- c:\windows\system32\drivers\filedisk.sys 2009-10-21 10:26 30,208 a------- c:\windows\system32\iolobtdfg.exe 2009-10-21 10:26 12,288 a------- c:\windows\system32\smrgdf.exe 2009-10-21 10:26 <DIR> --d----- c:\program files\iolo 2009-10-21 10:24 74,703 a------- c:\windows\system32\mfc45.dll 2009-10-21 10:17 <DIR> --d----- c:\docume~1\meliss~2\applic~1\iolo 2009-10-21 10:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\iolo 2009-10-18 22:15 <DIR> --d----- c:\program files\SpywareGuard 2009-10-18 09:17 <DIR> --d----- c:\documents and settings\melissa reynolds\Tracing 2009-10-18 09:12 <DIR> --d----- c:\program files\Microsoft Office Outlook Connector 2009-10-18 09:11 54,752 a------- c:\windows\system32\drivers\fssfltr_tdi.sys 2009-10-18 09:09 3,426,072 a------- c:\windows\system32\d3dx9_32.dll 2009-10-18 09:09 <DIR> --d----- c:\program files\Microsoft SQL Server Compact Edition 2009-10-18 09:04 <DIR> --d----- c:\program files\Microsoft 2009-10-18 09:04 <DIR> --d----- c:\program files\Windows Live SkyDrive 2009-10-17 10:36 <DIR> --d----- c:\program files\Trend Micro 2009-10-13 19:59 2,146,304 a------- c:\windows\system32\GPhotos.scr 2009-10-11 20:43 <DIR> --d----- c:\windows\MACROMED 2009-10-11 20:43 <DIR> --d----- c:\windows\A3W_DATA 2009-10-01 23:29 737,280 a------- c:\windows\iun6002.exe 2009-10-01 23:29 <DIR> --d----- c:\program files\CQA Electronic Exam 3.05 2009-10-01 23:25 <DIR> --d----- C:\CQA98 2009-10-01 23:24 248,064 a------- c:\windows\UNINST16.EXE 2009-10-01 23:24 26,768 a------- c:\windows\system\CTL3D.DLL 2009-09-29 19:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-09-24 18:59 104,512 a------- c:\windows\system32\drivers\AnyDVD.sys ==================== Find3M ==================== 2009-10-15 14:50 174,781 a------- c:\windows\fonts\Kingthings Christmas.mtt.bin 2009-09-11 13:08 24,744 -------- c:\windows\system32\drivers\ElbyCDIO.sys 2009-09-11 10:18 136,192 a------- c:\windows\system32\msv1_0.dll 2009-09-11 10:18 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll 2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-09-04 17:03 58,880 a------- c:\windows\system32\msasn1.dll 2009-09-04 17:03 58,880 -------- c:\windows\system32\dllcache\msasn1.dll 2009-08-28 19:42 2,065,696 a------- c:\windows\system32\usbaaplrc.dll 2009-08-28 19:42 40,448 a------- c:\windows\system32\drivers\usbaapl.sys 2009-08-28 06:35 173,056 a------- c:\windows\system32\dllcache\ie4uinit.exe 2009-08-26 04:00 247,326 a------- c:\windows\system32\strmdll.dll 2009-08-26 04:00 247,326 -------- c:\windows\system32\dllcache\strmdll.dll 2009-08-23 17:00 922,112 -------- c:\windows\system32\imapi2fs.dll 2009-08-23 17:00 922,112 -------- c:\windows\system32\dllcache\imapi2fs.dll 2009-08-23 17:00 426,496 -------- c:\windows\system32\imapi2.dll 2009-08-23 17:00 426,496 -------- c:\windows\system32\dllcache\imapi2.dll 2009-08-23 17:00 62,592 -------- c:\windows\system32\dllcache\cdrom.sys 2009-08-17 23:33 1,193,832 a------- c:\windows\system32\FM20.DLL 2009-08-06 19:24 327,896 a------- c:\windows\system32\dllcache\wucltui.dll 2009-08-06 19:24 209,632 a------- c:\windows\system32\dllcache\wuweb.dll 2009-08-06 19:24 35,552 a------- c:\windows\system32\dllcache\wups.dll 2009-08-06 19:24 53,472 a------- c:\windows\system32\dllcache\wuauclt.exe 2009-08-06 19:24 96,480 a------- c:\windows\system32\dllcache\cdm.dll 2009-08-06 19:23 575,704 a------- c:\windows\system32\dllcache\wuapi.dll 2009-08-06 19:23 1,929,952 a------- c:\windows\system32\dllcache\wuaueng.dll 2009-08-06 19:23 274,288 a------- c:\windows\system32\mucltui.dll 2009-08-06 19:23 215,920 a------- c:\windows\system32\muweb.dll 2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll 2009-08-04 20:44 2,189,184 -------- c:\windows\system32\dllcache\ntoskrnl.exe 2009-08-04 11:13 2,145,280 a------- c:\windows\system32\ntoskrnl.exe 2009-08-04 11:13 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-08-04 10:20 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe 2009-08-04 10:20 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe 2009-08-04 10:20 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll 2008-02-29 21:32 1,504,768 ac-sh--- c:\program files\ehthumbs.db 2008-02-08 00:07 6,544 ac------ c:\docume~1\alluse~1\applic~1\ypinfo.bin 2006-12-26 18:45 22 ac-sh--- c:\windows\sminst\HPCD.sys 2008-05-08 07:05 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008042120080428\index.dat 2008-05-08 07:05 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008050820080509\index.dat ============= FINISH: 11:05:24.28 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-13.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 4/24/2008 2:44:21 AM System Uptime: 10/23/2009 10:54:43 AM (1 hours ago) Motherboard: Quanta | | 30B7 Processor: AMD Turion™ 64 X2 Mobile Technology TL-50 | Socket S1 | 1607/200mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 81 GiB total, 25.864 GiB free. D: is FIXED (FAT32) - 12 GiB total, 1.037 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP461: 10/16/2009 8:11:09 AM - October 2009 RP462: 10/16/2009 9:37:58 AM - October 2009 RP463: 10/17/2009 11:59:28 AM - System Checkpoint RP464: 10/18/2009 9:08:41 AM - Installed Windows XP KB954708. RP465: 10/18/2009 9:09:34 AM - Installed DirectX RP466: 10/18/2009 12:13:44 PM - Software Distribution Service 3.0 RP467: 10/18/2009 10:05:25 PM - Removed Adobe Reader 7.1.0 RP468: 10/18/2009 10:07:11 PM - Installed Adobe Reader 9.2. RP469: 10/19/2009 7:43:13 AM - Software Distribution Service 3.0 RP470: 10/19/2009 8:02:14 AM - Norton 360 Registry Clean RP471: 10/20/2009 11:23:44 AM - System Checkpoint RP472: 10/20/2009 12:18:27 PM - Removed Adobe Reader 9.2. RP473: 10/21/2009 1:06:03 PM - System Checkpoint RP474: 10/21/2009 1:17:50 PM - Installed HP Quick Launch Buttons RP475: 10/21/2009 1:19:18 PM - Installed Windows XP Wdf01005. RP476: 10/21/2009 1:34:59 PM - Removed HP Quick Launch Buttons ==== Installed Programs ====================== Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin AiO_Scan AnyDVD AppCore Apple Application Support Apple Mobile Device Support Apple Software Update Autodesk Architectural Desktop 2006 Autodesk DWF Viewer AXCAD Backup Bonjour BufferChm Canon MP160 ccCommon CCScore CloneCD CloneDVD2 CloneDVDmobile Conexant HD Audio Coupon Printer for Windows CP_AtenaShokunin1Config CP_CalendarTemplates1 cp_LightScribeConfig cp_OnlineProjectsConfig CP_Package_Basic1 CP_Package_Variety1 CP_Package_Variety2 CP_Package_Variety3 CP_Panorama1Config cp_PosterPrintConfig cp_UpdateProjectsConfig CQA Electronic Exam 3.05 Critical Update for Windows Media Player 11 (KB959772) CueTour Customer Experience Enhancement Destinations DeviceManagementQFolder ESET Online Scanner v3 ESSCDBK ESScore ESSgui ESSini ESSPCD ESSSONIC ESSTOOLS essvatgt FullDPAppQFolder Garmin WebUpdater GearDrvs Google Calendar Sync Google Earth Google Updater HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB954708) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) HP Driver Diagnostics HP Help and Support HP Imaging Device Functions 6.0 HP Photosmart Premier Software 6.0 HP PSC & OfficeJet 4.7 HP QuickPlay 2.3 HP Update HP User Guides 0031 HP Wireless Assistant 2.00 G2 HpSdpAppCoreApp InstantShareDevices iolo technologies' System Mechanic Professional iTunes J2SE Runtime Environment 5.0 Update 6 Jasc Animation Shop 3 Jasc Animation Shop 3 20041030_07 Help file Patch Jasc Paint Shop Pro 9 Jasc Paint Shop Pro 9 GDI+ Patch Jasc Paint Shop Pro 9.01 - (9.0.1.1) Java™ 6 Update 13 Java™ 6 Update 7 Junk Mail filter update kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday Kodak EasyShare software KSU LG USB Modem driver LightScribe 1.4.97.1 LiveUpdate (Symantec Corporation) LiveUpdate 2.7 (Symantec Corporation) Macromedia Flash Player 8 Macromedia Shockwave Player Malwarebytes' Anti-Malware Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Money 2006 Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Move Media Player Mozilla Firefox (3.5.3) MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) netbrdg NetWaiting Norton 360 Norton 360 (Symantec Corporation) Norton 360 HTMLHelp Norton Confidential Core Notifier NVIDIA Drivers Office 2003 Trial Assistant OfotoXMI OptionalContentQFolder PCDADDIN PCDHELP PhotoGallery Picasa 3 QuickTime RandMap Safari Scan Search Settings 1.2 Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969679) Security Update for Microsoft Office Excel 2007 (KB969682) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB969693) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB969604) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Segoe UI SFR SHASTA SKIN0001 SkinsHP1 SKINXSDK Soft Data Fax Modem with SmartCP Sonic Audio Module Sonic Copy Module Sonic Data Module Sonic Express Labeler Sonic MyDVD Plus Sonic Update Manager Sonic_PrimoSDK SonicAC3Encoder SonicMPEGEncoder SPBBC 32bit Spybot - Search & Destroy SpywareGuard v2.2 staticcr Symantec Real Time Storage Protection Component Symantec Technical Support Controls SymNet Synaptics Pointing Device Driver tooltips TourSetup Trivial Pursuit Digital Choice v1.2.5 for Windows XP/Vista Tunebite Unload Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Outlook 2007 Junk Email Filter (KB974810) Update for Windows Internet Explorer 8 (KB968220) Update for Windows Media Player 10 (KB910393) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955839) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 V CAST Music Manager VirtualCloneDrive Vongo VPRINTOL WebFldrs XP Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Validation Tool (KB892130) Windows Installer Clean Up Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Toolbar Windows Live Upload Tool Windows Live Writer Windows Media Connect Windows Media Format 11 runtime Windows Media Player 11 Windows XP Media Center Edition 2005 KB925766 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 WIRELESS Wireless Home Network Setup ==== Event Viewer Messages From Past Week ======== 10/23/2009 6:53:29 AM, error: Service Control Manager [7034] - The Symantec Lic NetConnect service service terminated unexpectedly. It has done this 1 time(s). 10/23/2009 6:53:29 AM, error: Service Control Manager [7034] - The LiveUpdate Notice service terminated unexpectedly. It has done this 1 time(s). 10/23/2009 6:53:29 AM, error: Service Control Manager [7031] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 10/23/2009 6:53:29 AM, error: Service Control Manager [7031] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 200 milliseconds: Restart the service. 10/22/2009 7:37:27 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service. 10/21/2009 8:31:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 eeCtrl ElbyCDIO FileDisk Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv SRTSPX SYMTDI Tcpip 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The Message Queuing Triggers service depends on the Message Queuing service which failed to start because of the following error: The dependency service or group failed to start. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The Message Queuing service depends on the Distributed Transaction Coordinator service which failed to start because of the following error: The dependency service or group failed to start. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The fssfltr service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:31:02 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. 10/21/2009 8:30:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} 10/21/2009 8:29:51 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 10/21/2009 8:04:56 PM, error: System Error [1003] - Error code 10000050, parameter1 8958a000, parameter2 00000000, parameter3 b47d49df, parameter4 00000000. 10/21/2009 10:23:25 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 10/21/2009 1:18:11 PM, error: HBtnKey [4] - 10/16/2009 8:30:27 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service ntmssvc with arguments "-Service" in order to run the server: {D61A27C6-8F53-11D0-BFA0-00A024151983} ==== End Of File =========================== I still have an issue, when i restart or shut down and start, I get an RUNDLL error message immediatly: C:\program Files\NOS\bin\get_Plus\Helper.dll

#25 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 23 October 2009 - 05:29 PM

Hi,

The message is from the Adobe get Plus download Manager.

Disable it in FireFox

To disable the process in Firefox, go to Tools, Add-ons and switch to the Plugins tab. Scroll down to the GetPlus for Adobe 15229 (may vary) and hit the Disable button.

Then go to Start > Control Panel > Add/Remove Programs - a list of installed programs will populate.

Scroll down to the Get Plus Download Manager for Adobe and select REMOVE. (If it is there)

Reboot your computer > the alert should have disappeared.

Let me know if you were able to complete this. If not there is something elde I can try.


Meantime, do the following:

Visit ADOBEand download the latest version of Acrobat Reader (version 9.2)
Having the latest updates ensures there are no security vulnerabilities in your system.


NEXT


Please download JavaRa to your desktop and unzip it to its own folder.
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button.
  • Scroll down to the Java SE Runtime Environment (JRE) option.
  • Download and install the latest Java Runtime Environment (JRE) version for your computer.(version 6, update 16)

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

    Advertisements

Register to Remove


#26 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 23 October 2009 - 06:29 PM

in my "add or remove programs" I do not have anything listed as a GetPlus or Adobe Download, but I do have: Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.2 can i delete any of those?

#27 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 23 October 2009 - 06:42 PM

I did everything but remove any programs and i still get the error message

#28 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 23 October 2009 - 07:25 PM

Hi,

Please do the following:

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Click Start > Run type Notepad click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

Folder::
c:\program files\nos

DDS::
mRunOnce: [Uninstall Adobe Download Manager] "c:\windows\system32\rundll32.exe" "c:\program files\nos\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp

SkipFix::

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.



Leave the other programs installed

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#29 reynolds.ma

reynolds.ma

    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 23 October 2009 - 07:56 PM

Ok, where do i download combofix from?

#30 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,060 posts
  • MVP

Posted 23 October 2009 - 08:08 PM

My sincere apologies...I forgot I didn't use that tool...disregard that.

Please do this instead:


Please download OTM by OldTimer.
  • Save it to your desktop.
  • Please click OTM and then click >> run.
  • Copy the lines inside the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Processes
explorer.exe

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall Adobe Download Manager"=-

:Files
c:\program files\nos

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Return to OTM, right click in the "Paste Instructions for items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM
Note: If an item cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users