
Inactive Trojan Virus when trying to install printer drivers

Discussion in 'Malware and Virus Removal Archive' started by Wilber69, 2011/10/13.

  1. 2011/10/13
    Wilber69 Lifetime Subscription


    Hey,

    Every time I try to install printer drivers, Dr.Web deletes some of the .dll files, saying they are infected with trojan.click1.63825.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 7937

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    13/10/2011 11:53:12 AM
    mbam-log-2011-10-13 (11-53-12).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 301382
    Time elapsed: 1 hour(s), 2 minute(s), 6 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-10-13 14:23:29
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 FUJITSU_MHW2160BH rev.0000001C
    Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\uwkcrpob.sys


    ---- System - GMER 1.0.15 ----

    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwAllocateVirtualMemory [0xF73352C4]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwCreateThread [0xF73368F6]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwFreeVirtualMemory [0xF7335550]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwOpenSection [0xF73350E2]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwQueueApcThread [0xF73369FE]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwSetContextThread [0xF7336A4A]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwSystemDebugControl [0xF7334FF8]
    SSDT dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.) ZwWriteVirtualMemory [0xF7335660]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe[544] USER32.dll!AlignRects 7E412A78 4 Bytes [F6, 0E, 3B, 00]
    .text C:\WINDOWS\system32\SearchIndexer.exe[1616] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
    .text C:\Program Files\DrWeb\SpIDerAgent.exe[2320] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
    .text C:\Program Files\DrWeb\SpIDerAgent.exe[2320] USER32.dll!AlignRects 7E412A78 4 Bytes [F6, 0E, 36, 00]
    .text C:\Program Files\DrWeb\spiderml.exe[2736] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes JMP 004537B0 C:\Program Files\DrWeb\spiderml.exe (SpIDer Mail ® for Windows Workstation /Doctor Web, Ltd.)
    .text C:\Program Files\DrWeb\spiderml.exe[2736] USER32.dll!AlignRects 7E412A78 4 Bytes [F6, 0E, 3A, 00]
    .text C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe[2748] USER32.dll!AlignRects 7E412A78 4 Bytes [F6, 0E, 3B, 00]

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs spiderg3.sys (Dr.Web File System Monitor/Doctor Web, Ltd.)
    AttachedDevice \Driver\Tcpip \Device\Ip dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)
    AttachedDevice \Driver\Tcpip \Device\Udp dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)
    AttachedDevice \Driver\Tcpip \Device\RawIp dwprot.sys (Dr.Web Protection for Windows/Doctor Web, Ltd.)

    ---- EOF - GMER 1.0.15 ----

    aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
    Run date: 2011-10-13 14:24:49
    -----------------------------
    14:24:49.921 OS Version: Windows 5.1.2600 Service Pack 3
    14:24:49.921 Number of processors: 2 586 0xE0C
    14:24:49.921 ComputerName: SEANIX-7AF8ED0C UserName: Owner
    14:24:51.343 Initialize success
    14:35:46.781 AVAST engine defs: 11101301
    14:36:40.500 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    14:36:40.500 Disk 0 Vendor: FUJITSU_MHW2160BH 0000001C Size: 152627MB BusType: 3
    14:36:42.609 Disk 0 MBR read successfully
    14:36:42.609 Disk 0 MBR scan
    14:36:42.718 Disk 0 Windows VISTA default MBR code
    14:36:42.750 Disk 0 scanning sectors +312578048
    14:36:43.281 Disk 0 scanning C:\WINDOWS\system32\drivers
    14:38:07.312 Service scanning
    14:38:08.937 Modules scanning
    14:39:14.515 Disk 0 trace - called modules:
    14:39:14.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    14:39:14.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f0bab8]
    14:39:14.593 3 CLASSPNP.SYS[f75b8fd7] -> nt!IofCallDriver -> \Device\0000006d[0x86f609e8]
    14:39:14.593 5 ACPI.sys[f741f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f60d98]
    14:39:16.484 AVAST engine scan C:\WINDOWS
    14:41:33.843 AVAST engine scan C:\WINDOWS\system32
    14:53:06.296 AVAST engine scan C:\WINDOWS\system32\drivers
    14:55:19.437 AVAST engine scan C:\Documents and Settings\Owner
    15:07:41.218 AVAST engine scan C:\Documents and Settings\All Users
    15:09:57.296 Scan finished successfully
    15:11:59.234 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\Desktop\MBR.dat "
    15:11:59.281 The log file has been saved successfully to "C:\Documents and Settings\Owner\Desktop\aswMBR101311.txt "

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 28/06/2007 1:41:33 PM
    System Uptime: 13/10/2011 10:11:00 AM (5 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | Z84FM
    Processor: Intel(R) Core(TM) Duo CPU T2450 @ 2.00GHz | Socket 478M | 1995/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 119.633 GiB free.
    D: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E979-E325-11CE-BFC1-08002BE10318}
    Description: Lexmark X6100 Series
    Device ID: USBPRINT\LEXMARK_X6100_SERIES\7&2E9E2F78&0&USB001
    Manufacturer:
    Name: Lexmark X6100 Series
    PNP Device ID: USBPRINT\LEXMARK_X6100_SERIES\7&2E9E2F78&0&USB001
    Service:
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Bluetooth Personal Area Network
    Device ID: BLUETOOTH\0004&0007\0000
    Manufacturer: Toshiba
    Name: Bluetooth Personal Area Network
    PNP Device ID: BLUETOOTH\0004&0007\0000
    Service: tosrfnds
    .
    ==== System Restore Points ===================
    .
    RP1037: 14/07/2011 11:33:39 PM - System Checkpoint
    RP1038: 16/07/2011 10:34:20 AM - System Checkpoint
    RP1039: 18/07/2011 8:04:57 AM - System Checkpoint
    RP1040: 11/08/2011 3:00:27 AM - Software Distribution Service 3.0
    RP1041: 23/08/2011 6:55:54 AM - Software Distribution Service 3.0
    RP1042: 25/08/2011 3:00:18 AM - Software Distribution Service 3.0
    RP1043: 09/09/2011 10:42:12 AM - Software Distribution Service 3.0
    RP1044: 15/09/2011 3:00:40 AM - Software Distribution Service 3.0
    RP1045: 28/09/2011 4:19:43 PM - Software Distribution Service 3.0
    RP1046: 06/10/2011 7:38:49 PM - Restore Operation
    RP1047: 06/10/2011 7:49:11 PM - Restore my computer to October 3, 2011
    RP1048: 06/10/2011 7:51:04 PM - Restore Operation
    RP1049: 07/10/2011 2:40:08 PM - Removed Print to Fax
    RP1050: 12/10/2011 10:32:12 AM - ComboFix created restore point
    RP1051: 12/10/2011 2:28:20 PM - Printer Driver Lexmark X6100 Series Installed
    RP1052: 12/10/2011 2:34:01 PM - Printer Driver Lexmark X6100 Series Installed
    RP1053: 12/10/2011 2:37:24 PM - Printer Driver Lexmark X6100 Series Installed
    RP1054: 12/10/2011 2:40:47 PM - Software Distribution Service 3.0
    RP1055: 12/10/2011 3:26:48 PM - Unsigned printer driver Lexmark X6100 Series installed.
    RP1056: 13/10/2011 10:14:14 AM - Unsigned printer driver Lexmark X6100 Series installed.
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.4.6
    American Greetings® Art & More Store
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ATK0100 ACPI UTILITY
    Bing Bar
    Bluetooth Stack for Windows
    Bonjour
    BufferChm
    Calendar Creator 4.0
    CameraDrivers
    CreativeProjects
    CreativeProjectsTemplates
    Critical Update for Windows Media Player 11 (KB959772)
    CueTour
    Destinations
    Director
    Dr.Web anti-virus for Windows 6.0 (x86)
    DVD Suite
    ESET Online Scanner v3
    Generic ChkMail
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB915800-v4)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Hoyle Mahjong Tiles
    HP Image Zone 4.5
    HP Photosmart Cameras 4.5
    HP Product Assistant
    HP Update
    HPSystemDiagnostics
    InstantShare
    InstantShareAlert
    Intel(R) Graphics Media Accelerator Driver
    Interactive User’s Guide
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 2
    Java(TM) 6 Update 26
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    JMB36X Raid Configurer
    Junk Mail filter update
    LightScribe 1.4.124.1
    LiveUpdate 3.2 (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    Malwarebytes' Anti-Malware version 1.51.2.1300
    mCore
    mDriver
    MediaShow 3.0
    mHelp
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Web Publishing Wizard 1.52
    mIWA
    mLogView
    mMHouse
    MobileMe Control Panel
    Motorola SM56 Data Fax Modem
    mPfMgr
    mPfWiz
    mProSafe
    MSN
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    mWlsSafe
    mXML
    mZConfig
    Nero 7 Essentials
    OGA Notifier 2.0.0048.0
    PanoStandAlone
    PhotoGallery
    PhotoNow! 1.0
    Power4 Gear
    PowerDirector
    PowerDVD
    PrintMaster 7.00
    QFolder
    QuickTime
    Realtek High Definition Audio Driver
    Safari
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553074)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2553073)
    Security Update for Microsoft Office Groove 2007 (KB2552997)
    Security Update for Microsoft Office InfoPath 2007 (KB2510061)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Search 4 - KB963093
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB913433)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    ShareIns
    Shockwave
    SkinsHP1
    Special Internet Offers
    Symantec KB-DocID:2003093015493306
    Synaptics Pointing Device Driver
    TestDrive Client
    The Print Shop 20
    The Print Shop Premium Fonts
    TrayApp
    Unload
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2583910)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Microsoft Windows (KB971513)
    Update for Outlook 2007 Junk Email Filter (KB2596560)
    Update for Windows Internet Explorer 8 (KB2362765)
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    USB2.0 1.3M Web Cam
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    Windows Management Framework Core
    Windows Media Connect
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Search 4.0
    Windows XP Service Pack 3
    Wireless Console 2
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/10/2011 2:45:43 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Search service to connect.
    12/10/2011 2:45:43 PM, error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/10/2011 2:45:43 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    12/10/2011 2:30:31 PM, error: Service Control Manager [7034] - The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).
    12/10/2011 10:33:22 AM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    12/10/2011 10:26:44 AM, error: EventLog [6004] - A driver packet received from the I/O subsystem was invalid. The data is the packet.
    07/10/2011 2:39:56 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\wiafbdrv.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.0.
    07/10/2011 11:19:56 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 001B775F32BD has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    07/10/2011 1:35:20 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 4 time(s).
    06/10/2011 7:46:39 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 3 time(s).
    06/10/2011 7:43:37 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    06/10/2011 7:40:34 PM, error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    06/10/2011 7:38:33 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Intel(R) PROSet/Wireless Event Log service to connect.
    06/10/2011 7:38:33 PM, error: Service Control Manager [7001] - The Intel(R) PROSet/Wireless Service service depends on the Intel(R) PROSet/Wireless Event Log service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
    06/10/2011 7:38:33 PM, error: Service Control Manager [7000] - The Intel(R) PROSet/Wireless Event Log service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    06/10/2011 6:06:30 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    .
    ==== End Of File ===========================


    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Owner at 15:23:26.98 on 13/10/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.1015.391 [GMT -5:00]
    .
    AV: Doctor Web Anti-Virus *Enabled/Updated* {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    svchost.exe
    C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\DrWeb\SpIDerAgent.exe
    C:\Program Files\DrWeb\spiderml.exe
    C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
    C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\iPod\bin\iPodService.exe
    \\WCSERVER\Documents\Service\dds.scr
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.portageonline.com/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll "
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll "
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB: Groove Folder Synchronization: {2a541ae1-5bf6-4665-a8a3-cfa9672e4291} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [HControl] c:\windows\atk0100\HControl.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [Power_Gear] c:\program files\generic\power4 gear\BatteryLife.exe 1
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe "
    mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe "
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll "
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [SpIDerAgent] "c:\program files\drweb\SpIDerAgent.exe "
    mRun: [SpIDerMail] "c:\program files\drweb\spiderml.exe" -autorun
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe "
    mRun: [Lexmark X6100 Series] "c:\program files\lexmark x6100 series\lxbfbmgr.exe "
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\eventr~1.lnk - c:\program files\mindscape\printmaster\PMREMIND.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    LSP: c:\program files\drweb\drwebsp.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1183135403812
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [2010-8-30 149272]
    R0 SpiderG3;DrWeb file system scanner;c:\windows\system32\drivers\spiderg3.sys [2010-8-30 109560]
    R1 SASDIFSV;SASDIFSV;c:\docume~1\owner\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\docume~1\owner\locals~1\temp\sas_selfextract\SASKUTIL.SYS [2010-5-10 67656]
    R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
    R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);c:\program files\common files\doctor web\scanning engine\dwengine.exe [2010-4-1 1830744]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-14 54752]
    R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-7-27 1251720]
    R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [2007-6-18 899712]
    R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [2007-6-18 9216]
    S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
    .
    =============== Created Last 30 ================
    .
    2011-10-12 20:28:42 -------- d-----w- c:\docume~1\owner\applic~1\SUPERAntiSpyware.com
    2011-10-12 20:28:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2011-10-12 20:04:13 -------- d-----w- c:\windows\system32\Lang
    2011-10-12 18:59:47 40960 ----a-w- c:\windows\system32\lxbfvs.dll
    2011-10-12 18:59:45 73728 ----a-w- c:\windows\system32\lxbfpwr.dll
    2011-10-12 18:59:44 78336 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LXBFPP5C.DLL
    2011-10-12 18:58:50 69632 ----a-w- c:\windows\system32\lxbfscin.dll
    2011-10-12 18:58:49 57344 ----a-w- c:\windows\system32\lxbfcinf.dll
    2011-10-12 18:58:49 49152 ----a-w- c:\windows\system32\lxbfcoin.dll
    2011-10-12 18:58:29 -------- d-----w- c:\program files\Lexmark X6100 Series
    2011-10-12 18:57:37 -------- d-----w- c:\documents and settings\owner\WINDOWS
    2011-10-12 16:02:47 -------- d-----w- c:\program files\ESET
    2011-10-12 15:33:49 -------- d-sha-r- C:\cmdcons
    2011-10-12 15:32:00 98816 ----a-w- c:\windows\sed.exe
    2011-10-12 15:32:00 518144 ----a-w- c:\windows\SWREG.exe
    2011-10-12 15:32:00 256000 ----a-w- c:\windows\PEV.exe
    2011-10-12 15:32:00 208896 ----a-w- c:\windows\MBR.exe
    2011-10-07 16:23:22 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-07 16:23:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-07 00:51:49 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2011-10-07 00:51:49 -------- d-----w- c:\windows\system32\wbem\Repository
    .
    ==================== Find3M ====================
    .
    2011-10-12 20:27:07 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-26 16:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 16:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 16:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
    2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-08-22 11:56:39 385024 ------w- c:\windows\system32\html.iec
    .
    ============= FINISH: 15:25:01.84 ===============
     
  2. 2011/10/13
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Open Windows Explorer.
    Upload the following files to http://www.virustotal.com/ for security check:
    - printer driver in question
    If the file is listed as already analyzed, click on the Reanalyse file now button.
    Post scan results.
     

  4. 2011/10/13
    Wilber69 Lifetime Subscription

    Wilber69 Inactive Thread Starter

    0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: lxbfcomm.dl_
    Submission date: 2011-10-13 21:40:11 (UTC)
    Current status: queued queued analysing finished


    Result: 0/ 43 (0.0%)
    VT Community

    not reviewed
    Safety score: -
    Compact Print results Antivirus Version Last Update Result
    AhnLab-V3 2011.10.13.00 2011.10.13 -
    AntiVir 7.11.15.252 2011.10.13 -
    Antiy-AVL 2.0.3.7 2011.10.13 -
    Avast 6.0.1289.0 2011.10.13 -
    AVG 10.0.0.1190 2011.10.13 -
    BitDefender 7.2 2011.10.13 -
    ByteHero 1.0.0.1 2011.09.23 -
    CAT-QuickHeal 11.00 2011.10.13 -
    ClamAV 0.97.0.0 2011.10.13 -
    Commtouch 5.3.2.6 2011.10.13 -
    Comodo 10440 2011.10.13 -
    DrWeb 5.0.2.03300 2011.10.12 -
    Emsisoft 5.1.0.11 2011.10.13 -
    eSafe 7.0.17.0 2011.10.11 -
    eTrust-Vet 36.1.8617 2011.10.13 -
    F-Prot 4.6.5.141 2011.10.13 -
    F-Secure 9.0.16440.0 2011.10.13 -
    Fortinet 4.3.370.0 2011.10.13 -
    GData 22 2011.10.13 -
    Ikarus T3.1.1.107.0 2011.10.13 -
    Jiangmin 13.0.900 2011.10.12 -
    K7AntiVirus 9.115.5278 2011.10.13 -
    Kaspersky 9.0.0.837 2011.10.13 -
    McAfee 5.400.0.1158 2011.10.13 -
    McAfee-GW-Edition 2010.1D 2011.10.13 -
    Microsoft 1.7702 2011.10.13 -
    NOD32 6541 2011.10.13 -
    Norman 6.07.11 2011.10.13 -
    nProtect 2011-10-13.01 2011.10.13 -
    Panda 10.0.3.5 2011.10.13 -
    PCTools 8.0.0.5 2011.10.13 -
    Prevx 3.0 2011.10.13 -
    Rising 23.79.03.02 2011.10.13 -
    Sophos 4.70.0 2011.10.13 -
    SUPERAntiSpyware 4.40.0.1006 2011.10.13 -
    Symantec 20111.2.0.82 2011.10.13 -
    TheHacker 6.7.0.1.322 2011.10.13 -
    TrendMicro 9.500.0.1008 2011.10.13 -
    TrendMicro-HouseCall 9.500.0.1008 2011.10.13 -
    VBA32 3.12.16.4 2011.10.13 -
    VIPRE 10749 2011.10.13 -
    ViRobot 2011.10.13.4717 2011.10.13 -
    VirusBuster 14.1.11.0 2011.10.13 -
    Additional information
    MD5 : 248312f91aa0070cb93283674b5f5572
    SHA1 : 159861221ee4fb2a0b502bfffd76c07791f50f5e
    SHA256: f1f71cf13d3907666cf7b0e22cebfa2a410c9475b804f96b52351de44dfd8d3e
    ssdeep: 3072:aTKk6A2jsAA7D7NL56DEmdNk7O5pOkkWkRawE19iqrQg/8h0eLEpnHgPg/76hh:aeky4N5
    +Ekk7ukWSgiWQgkeKagYDoh
    File size : 150954 bytes
    First seen: 2011-10-13 21:40:11
    Last seen : 2011-10-13 21:40:11
    TrID:
    Microsoft SZDD compressed (Haruhiko Okumura's LZSS) (100.0%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned

    packers (F-Prot): MSLZ
    ExifTool:
    file metadata
    Error: Unknown file type
    FileSize: 147 kB



    VT Community

    0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
    File name: instmon.ex_
    Submission date: 2011-10-13 21:18:04 (UTC)
    Current status: queued queued analysing finished


    Result: 0/ 43 (0.0%)
    VT Community

    not reviewed
    Safety score: -
    Compact Print results Antivirus Version Last Update Result
    AhnLab-V3 2011.10.13.00 2011.10.13 -
    AntiVir 7.11.15.252 2011.10.13 -
    Antiy-AVL 2.0.3.7 2011.10.13 -
    Avast 6.0.1289.0 2011.10.13 -
    AVG 10.0.0.1190 2011.10.13 -
    BitDefender 7.2 2011.10.13 -
    ByteHero 1.0.0.1 2011.09.23 -
    CAT-QuickHeal 11.00 2011.10.13 -
    ClamAV 0.97.0.0 2011.10.13 -
    Commtouch 5.3.2.6 2011.10.13 -
    Comodo 10440 2011.10.13 -
    DrWeb 5.0.2.03300 2011.10.12 -
    Emsisoft 5.1.0.11 2011.10.13 -
    eSafe 7.0.17.0 2011.10.11 -
    eTrust-Vet 36.1.8617 2011.10.13 -
    F-Prot 4.6.5.141 2011.10.13 -
    F-Secure 9.0.16440.0 2011.10.13 -
    Fortinet 4.3.370.0 2011.10.13 -
    GData 22 2011.10.13 -
    Ikarus T3.1.1.107.0 2011.10.13 -
    Jiangmin 13.0.900 2011.10.12 -
    K7AntiVirus 9.115.5278 2011.10.13 -
    Kaspersky 9.0.0.837 2011.10.13 -
    McAfee 5.400.0.1158 2011.10.13 -
    McAfee-GW-Edition 2010.1D 2011.10.13 -
    Microsoft 1.7702 2011.10.13 -
    NOD32 6541 2011.10.13 -
    Norman 6.07.11 2011.10.13 -
    nProtect 2011-10-13.01 2011.10.13 -
    Panda 10.0.3.5 2011.10.13 -
    PCTools 8.0.0.5 2011.10.13 -
    Prevx 3.0 2011.10.13 -
    Rising 23.79.03.02 2011.10.13 -
    Sophos 4.70.0 2011.10.13 -
    SUPERAntiSpyware 4.40.0.1006 2011.10.13 -
    Symantec 20111.2.0.82 2011.10.13 -
    TheHacker 6.7.0.1.322 2011.10.13 -
    TrendMicro 9.500.0.1008 2011.10.13 -
    TrendMicro-HouseCall 9.500.0.1008 2011.10.13 -
    VBA32 3.12.16.4 2011.10.13 -
    VIPRE 10749 2011.10.13 -
    ViRobot 2011.10.13.4717 2011.10.13 -
    VirusBuster 14.1.11.0 2011.10.13 -
    Additional information
    MD5 : e95ac38116347300c372818dc206d1c4
    SHA1 : 3b80cc02be583e6340771afa316a79c929554b4a
    SHA256: 3516e963b56047d5074d2e3a1df1c653b50ea69c064bb39331697bd41d5792b1
    ssdeep: 384:7MaS3YfG7cnZbTLwfH57HsRoOliy/Q6b6ThV0ddUj3FRkg9v0SfkFs3fv0SfkFsU:tSx7WZ
    bwfH57Qi+QAWP0TuPke38sX387
    File size : 20116 bytes
    First seen: 2010-09-20 10:15:39
    Last seen : 2011-10-13 21:18:04
    TrID:
    Microsoft SZDD compressed (Haruhiko Okumura's LZSS) (100.0%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned

    packers (F-Prot): MSLZ
    ExifTool:
    file metadata
    Error: Unknown file type
    FileSize: 20 kB



     
  5. 2011/10/13
    broni

    broni Moderator Malware Analyst

    Surely a false positive then.
    Disable Dr. Web, install your driver, re-enable Dr. Web and post on their forum in the false positive section.
     
  6. 2011/10/13
    Wilber69 Lifetime Subscription

    Wilber69 Inactive Thread Starter

    I tried that and when I reactivated Dr. Web, it deleted the files with the same error msg.

    Wil
     
  7. 2011/10/13
    broni

    broni Moderator Malware Analyst

    I don't use Dr. Web but every AV program should let you put certain file(s) into an exceptions list.
    Look around and see if you have that option.
     
