Windows Vista Task Manager/Windows Update X_X

Microsoft Windows vista home premium w/s...
February 28, 2010 at 01:38:25
Specs: Windows Vista
Whenever I try to open the task manager, the little green graph box shows up on the bottom right. I click on it to try to "unhide" the task manager, but nothing happens. The methods I use do not seem to be the problem, though.

Windows Update doesn't seem to be functioning as well. When I try to manually click on the Windows Update icon, the consequent window that pops up immediately freezes, even when I use the control panel to access Windows Update. However, it does open when the scheduled time for an update comes, and then I can use the window. But soon enough, it becomes apparent that nothing is really happening as it keeps on saying that it's preparing and whatnot.

Another added frustration is that I can't seem to log off from my computer. Whether it's when I'm shutting down my computer or just plain logging off, the little circle keeps on going like there's no tomorrow.

This is getting quite frustrating, and I began to notice that application responses were slightly decreasing every time I had to forcefully shut down my computer. I've run virus scans and all sorts of scans, but I can't pinpoint a specific source to the problem.

Any help would be greatly appreciated.



#1
February 28, 2010 at 08:07:05

This scan will help determine if it is some type of malware which it appears to have the symptoms of.

Download DDS and save it to your desktop.
DDS.scr


Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt will open.
Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt

Save both reports to your desktop then post them please.



#2
February 28, 2010 at 18:51:57
Here it is; I hope this helps.

DDS (Ver_09-12-01.01) - NTFSx86
Run by 김효수 at 11:47:56.50 on 2010-03-01
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Premium K 6.0.6001.1.949.82.1042.18.3069.1927 [GMT 9:00]

AV: V3 Internet Security *On-access scanning enabled* (Updated) {D881C1F7-6566-4C80-82F8-BA5258DDD50E}
SP: V3 Internet Security *enabled* (Updated) {A76B6124-79C3-4F6E-965C-81E87FAAA5FC}
FW: V3 Internet Security *enabled* {6CBF11B7-327F-4AB6-BBD3-AE8650A9D64C}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAAS.exe
C:\Program Files\AhnLab\V3IS2007\MSProxy.ahn
C:\Program Files\Common Files\AhnLab\ACA\ACAEGMgr.exe
C:\Program Files\Common Files\AhnLab\ACA\ACAIS.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSDsv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\rundll32.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Naver\NaverCommon\NaverAdminAPISvc.exe
C:\Windows\system32\NetClient40\ncagent.exe
C:\Windows\system32\npkcmsvc.exe
C:\Windows\system32\NetClient40\ncclient.exe
C:\Program Files\AhnLab\APC2\Policy Agent\pasvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\NetClient40\rc\NrDeskHlp.exe
C:\Program Files\AhnLab\Smart Update Utility\AhnSD.exe
C:\Program Files\Common Files\AhnLab\ACA\ACASP.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\lg_swupdate\GiljabiStart.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe
C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroDist.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\PROGRA~1\AhnLab\SMARTU~1\Update\AutoUp.exe
C:\PROGRA~1\AhnLab\SMARTU~1\Update\AutoUp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\ESTsoft\ALYac\AYWscUpdater.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
D:\My Documents\Desktop\dds.scr
C:\Windows\system32\conime.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://kr.yahoo.com/ilc92
BHO: Adobe PDF Reader 링크 도우미: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: 곰TV 길잡이: {375a6ab2-feec-445d-b853-2139fb561f80} - c:\progra~1\gretech\gomtvh~1\ghelper.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: msvcprt4.msvcprt4d: {faebe5f2-5e2e-11d8-a251-00d0591c1c61} - c:\windows\system32\MSvcprt4.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NetClient RC Helper] c:\windows\system32\netclient40\rc\NrDeskHlp.exe
mRun: [PaTray] "c:\program files\ahnlab\apc2\policy agent\patray.exe"
mRun: [AHNSD] "c:\program files\ahnlab\smart update utility\AhnSD.exe"
mRun: [AhnLab Session Process] "c:\progra~1\common~1\ahnlab\aca\ACASP.exe"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [IaNvSrv] c:\program files\intel\intel matrix storage manager\orom\ianvsrv\IaNvSrv.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [LG Intelligent Update] "c:\program files\lg_swupdate\giljabistart.exe" Gilautouc
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LG Magnifier] %ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe
mRun: [KeybdUtility] c:\program files\lg software\on screen display\HotKey.exe
mRun: [BatteryMiser 5] c:\program files\lg software\batterymiser\BatteryMiser5.exe
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [HncUpdate] c:\windows\system32\HncUpdate.exe /A
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Korean IME Migration] c:\progra~1\common~1\micros~1\ime12\imekr\IMKRMIG.EXE /UNINSTALL
mRun: [imekrmig7.0] "c:\program files\common files\microsoft shared\ime\imkr7\IMEKRMIG.EXE"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ALYac] "c:\program files\estsoft\alyac\AYUpdate.exe" /run
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1042-0000-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Adobe PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Microsoft Excel로 내보내기(&X) - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: 기존 PDF에 추가 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 링크 대상을 Adobe PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: 링크 대상을 기존 PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 선택 영역을 Adobe PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: 선택 영역을 기존 PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: 선택한 링크를 Adobe PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: 선택한 링크를 기존 PDF로 변환 - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: {013BCEA5-8309-448b-8604-85F23D7861A5} - {375A6AB2-FEEC-445D-B853-2139FB561F80} - c:\progra~1\gretech\gomtvh~1\ghelper.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} - hxxp://platform.nexon.com/activex/ahnlab/aosmgr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {C1143E84-B2B1-473B-9F20-E62DD754FCAF}
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E9FD51D0-DC39-4f93-A67D-CC2F3A8B3B91} - hxxp://sis.snu.ac.kr/hsnotifyapp.cab
TCP: {1F0287AC-0009-47E8-9D3A-69DFD81D8731} = 203.229.135.1,172.16.54.10
SEH: BatteryMiser PSAP Class: {26f5978f-6493-4ee3-b114-c0c3accf9d4d} - c:\windows\system32\bmpsap.dll

============= SERVICES / DRIVERS ===============

R0 iaNvStor;Intel(R) Turbo Memory Technology NAND Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-11-3 210432]
R1 AMonLWLH;Ahnlab Light Weight Filter;c:\windows\system32\drivers\AMonLWLH.sys [2008-11-3 32768]
R1 AMonTDLH;AMonTDLH;c:\windows\system32\drivers\AMonTDLH.sys [2008-11-3 87616]
R1 nrdrvnt3;nrdrvnt3;c:\windows\system32\drivers\nrdrvnt3.sys [2008-11-3 8632]
R2 AhnLab Application Service;AhnLab Application Service;c:\program files\common files\ahnlab\aca\ACAAS.exe [2008-11-3 34984]
R2 AhnLab Guarantee Service;AhnLab Guarantee Service;c:\program files\common files\ahnlab\aca\ACAEGMgr.exe [2008-11-3 50864]
R2 AhnLab Information Service;AhnLab Information Service;c:\program files\common files\ahnlab\aca\ACAIS.exe [2008-11-3 34984]
R2 AhnLab Task Scheduler;AhnLab Task Scheduler;c:\program files\ahnlab\smart update utility\AhnSDsv.exe [2008-11-3 174824]
R2 Naver Updater;Naver Updater;c:\program files\naver\navercommon\NaverAdminAPISvc.exe [2007-10-11 111288]
R2 NCClient Agent;NCClient Agent;c:\windows\system32\netclient40\ncagent.exe [2003-12-6 32768]
R2 paSvc;Policy Agent Service V3.0;c:\program files\ahnlab\apc2\policy agent\PaSvc.exe [2008-11-3 296520]
R3 CdmDrvNt;CdmDrvNt;c:\windows\system32\drivers\CdmDrvNT.sys [2008-11-3 19640]
R3 ISIPSEnt;ISIPSEnt;c:\program files\ahnlab\v3is2007\ISIPSENt.sys [2008-11-3 139720]
R3 npkakl;npkakl;c:\windows\system32\npkakl.sys [2009-8-18 28960]
R3 NSECUV;DoctorSoft Network Secu;c:\windows\system32\drivers\NSECUV.SYS [2008-11-3 18944]
R3 VRVD302;VRVD302;c:\windows\system32\drivers\VRVD302.sys [2008-11-30 11296]
S2 AhnLab Clean Service;AhnLab Clean Service;c:\program files\ahnlab\v3is2007\V3ClnSrv.exe [2008-11-3 183472]
S2 Policy Agent PD Service;Policy Agent PD Service;c:\program files\ahnlab\apc2\policy agent\PaPd.exe [2008-11-3 63048]
S3 AhnFlt2k;AhnFlt2k;c:\windows\system32\drivers\AhnFlt2k.sys [2008-11-3 52928]
S3 AhnRec2k;AhnRec2k;c:\windows\system32\drivers\AhnRec2k.sys [2008-11-3 20416]
S3 AhnRghNt;AhnRghNt;c:\windows\system32\drivers\AhnRghNt.sys [2008-11-3 52800]
S3 AhnSZE;AhnSZE;c:\windows\system32\drivers\AhnSZE.sys [2008-11-3 1328344]
S3 ArfMonNt;ArfMonNt;c:\program files\ahnlab\v3is2007\ArfMonNt.sys [2008-11-3 118464]
S3 ASZFltNt;ASZFltNt;c:\progra~1\ahnlab\v3is2007\ASZFltNt.sys [2008-11-3 126816]
S3 ATamptNt_V3IS2007;ATamptNt_V3IS2007;c:\progra~1\ahnlab\v3is2007\ATamptNt.sys [2010-1-28 109920]
S3 ISFWEnt;ISFWEnt;c:\program files\ahnlab\v3is2007\ISFWENt.sys [2008-11-3 143712]
S3 ISPIBEnt;ISPIBEnt;c:\program files\ahnlab\v3is2007\ISPIBENt.sys [2008-11-3 128360]
S3 ISPrxEnt;ISPrxEnt;c:\program files\ahnlab\v3is2007\ISPrxENT.sys [2008-11-3 77096]
S3 ISTrkEnt;ISTrkEnt;c:\program files\ahnlab\v3is2007\ISTrkENt.sys [2008-11-3 90888]
S3 MfFWEnt;MfFWEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mffwent.sys [2010-2-27 101336]
S3 MfIPSEnt;MfIPSEnt;c:\program files\ahnlab\asp\myfirewall 4.0\mfipsent.sys [2010-2-27 121504]
S3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2BthF.sys [2010-2-27 81016]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2010-2-27 141176]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-2-27 86136]
S3 NCGUARD;DoctorSoft NCGuard;c:\windows\system32\drivers\NCGUARD.SYS [2008-11-3 18021]
S3 NCPMon40;NetClient Process detector;c:\windows\system32\netclient40\ncpmon40.sys [2003-11-11 3714]
S3 NSavFlt;NSavFlt;c:\windows\system32\drivers\NSavFlt.sys [2008-11-6 59136]
S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2009-9-9 18184]
S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2009-9-9 175872]
S3 TfFRegNt;TfFRegNt;c:\program files\ahnlab\v3is2007\tffregnt.sys [2010-1-28 54976]
S3 TfProcNt;TfProcNt;c:\program files\ahnlab\v3is2007\ahawkent.sys [2010-1-28 28992]
S3 v3engine;v3engine;c:\windows\system32\drivers\v3engine.sys [2008-11-3 1717080]
S3 V3Flt2K;V3Flt2K;c:\progra~1\ahnlab\v3is2007\V3Flt2K.sys [2008-11-3 161248]
S3 V3IFt2K;V3IFt2K;c:\progra~1\ahnlab\v3is2007\V3IFt2K.sys [2008-11-3 77504]

=============== Created Last 30 ================

2010-02-28 09:14:48 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-28 09:14:43 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-28 09:14:43 0 d-----w- c:\programdata\Malwarebytes
2010-02-28 09:14:42 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-28 01:40:16 0 d-----w- c:\program files\BitTorrent
2010-02-27 08:44:04 86136 ----a-w- c:\windows\system32\drivers\Mkd2Nadr.sys
2010-02-27 08:44:04 81016 ----a-w- c:\windows\system32\drivers\Mkd2BthF.sys
2010-02-27 08:44:04 141176 ----a-w- c:\windows\system32\drivers\Mkd2kfNT.sys
2010-02-25 07:12:41 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-25 07:12:38 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-25 07:12:38 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-24 12:53:55 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 12:53:29 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 12:53:28 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 12:53:28 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 12:53:27 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 12:53:27 472064 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 12:53:27 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 12:53:25 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 12:53:25 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 12:53:25 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-24 12:52:51 1314816 ----a-w- c:\windows\system32\quartz.dll
2010-02-24 12:52:50 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-24 12:52:50 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-02-24 12:52:50 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-24 12:52:50 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-24 12:52:50 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-24 12:52:50 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-24 12:52:50 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-24 12:52:50 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-24 12:52:49 91136 ----a-w- c:\windows\system32\avifil32.dll
2010-02-24 12:52:46 897624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-24 12:52:42 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-02-24 12:47:15 3597896 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-24 12:47:13 3546184 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-24 12:47:08 714240 ----a-w- c:\windows\system32\timedate.cpl
2010-02-24 12:46:35 2035712 ----a-w- c:\windows\system32\win32k.sys
2010-02-24 12:46:32 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-02-24 12:46:29 61440 ----a-w- c:\windows\system32\msasn1.dll
2010-02-24 12:46:26 281600 ----a-w- c:\windows\system32\raschap.dll
2010-02-24 12:46:26 244224 ----a-w- c:\windows\system32\rastls.dll
2010-02-24 12:46:22 351232 ----a-w- c:\windows\system32\WSDApi.dll
2010-02-24 12:46:17 1399296 ----a-w- c:\windows\system32\msxml6.dll
2010-02-24 12:46:17 1257472 ----a-w- c:\windows\system32\msxml3.dll
2010-02-24 08:41:50 0 d-----w- c:\program files\BandiMPEG1
2010-02-24 08:40:14 428544 ----a-w- c:\windows\system32\EncDec.dll
2010-02-24 08:40:13 217088 ----a-w- c:\windows\system32\psisrndr.ax
2010-02-24 08:40:08 293376 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 08:40:08 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2010-02-24 08:40:07 80896 ----a-w- c:\windows\system32\MSNP.ax
2010-02-24 08:21:35 0 d-----w- C:\Nexon
2010-02-24 08:11:26 258352 ----a-w- c:\windows\system32\unicows.dll
2010-02-24 08:11:25 389120 ----a-w- c:\windows\system32\actskn43.ocx
2010-02-24 08:10:15 0 d-----w- c:\programdata\ESTsoft
2010-02-24 08:10:14 0 d-----w- c:\program files\ESTsoft
2010-02-24 08:09:49 0 d-----w- c:\programdata\Nexon
2010-02-21 11:09:44 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-02-21 11:06:24 310784 ----a-w- c:\windows\system32\unregmp2.exe
2010-02-21 11:06:20 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-02-21 11:04:16 0 d-----w- c:\programdata\Sun
2010-02-21 11:03:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-21 10:54:39 0 d-----w- c:\program files\common files\Blizzard Entertainment
2010-02-21 10:50:10 0 d-----w- c:\programdata\Blizzard

==================== Find3M ====================

2010-02-28 10:40:03 404414 ----a-w- c:\programdata\nvModes.dat
2010-02-25 02:14:00 1681496 ----a-w- c:\windows\system32\btscan.exe
2010-02-25 01:28:00 1717080 ----a-w- c:\windows\system32\drivers\v3engine.sys
2010-02-25 01:28:00 1328344 ----a-w- c:\windows\system32\drivers\AhnSZE.sys
2010-02-24 00:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-21 10:43:14 395106 ----a-w- c:\windows\system32\perfh012.dat
2010-02-21 10:43:13 101026 ----a-w- c:\windows\system32\perfc012.dat
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-29 05:43:16 51200 ----a-w- c:\windows\inf\infpub.dat
2009-07-29 05:43:15 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-07-11 00:30:08 86016 ----a-w- c:\windows\inf\infstor.dat
2009-01-03 00:25:08 174 --sha-w- c:\program files\desktop.ini
2009-01-03 00:15:45 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-07 06:32:00 30674 ----a-w- c:\windows\inf\perflib\0412\perfd.dat
2006-11-07 06:32:00 30674 ----a-w- c:\windows\inf\perflib\0412\perfc.dat
2006-11-07 06:32:00 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-07 06:32:00 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-07 06:32:00 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-07 06:32:00 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-07 06:32:00 155890 ----a-w- c:\windows\inf\perflib\0412\perfi.dat
2006-11-07 06:32:00 155890 ----a-w- c:\windows\inf\perflib\0412\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-08-24 10:16:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-08-24 10:16:12 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-08-24 10:16:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-08-20 03:36:49 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-08-20 03:36:49 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-08-20 03:36:49 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-08-20 03:36:49 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 11:48:09.18 ===============

I didn't get the Attach.txt, however.



#3
February 28, 2010 at 19:22:21
Please download Combofix from Internet Explorer instead of another browser.

The address at the bottom of this page is a web site that will help you get your antivirus turned off. Remember to turn it back on after the Combofix scan is complete.

Remember: your Ahnlab V3 antivirus, Windows Defender, and any other real-time protection you have must be turned off or disabled before running ComboFix. The clickable link "This Link" in the ComboFix tutorial will help you get them disabled.

Please download ComboFix to the desktop from one of the following links:

ComboFix

Rename the setup file, combofix.exe, before you download it. To do that, once the "enter name of file to save to" box appears as the download begins, rename combofix.exe to Combo-Fix in the filename box, then click Save.
Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop.
If you are using Firefox, make sure that your download settings are as follows:
Tools->Options->Main tab
Set to "Always ask me where to Save the files".

Please do not rename Combofix to other names, but only to the one indicated.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on This Link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
-----------------------------------------------------------
Double click on Combo-Fix.exe & follow the prompts.
Install the recovery console when asked.
When finished, it will produce a report for you.
Please post the "C:\Combo-Fix.txt".
Note: Do not mouse-click Combo-Fix's window while it's running. That may cause it to hang.


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.

http://www.7tutorials.com/security-...




#4
February 28, 2010 at 21:10:34
I've tried to disable the V3 Internet Security to no avail. I used Perfect Uninstaller to try and get rid of it, but even though now it isn't listed as an installed program, Combofix keeps on saying that the antivirus/antispyware is still on and running. I'm quite stuck, and I don't know how to proceed any further other than reinstalling Windows, which I don't necessarily want to.


#5
March 1, 2010 at 19:53:07
Go ahead and run Combofix; if it were to hang, wait 10 minutes, then restart the computer.
