A little prob...received an infected e-mail from myself.

[jgvernonco]

No sense in panicking...no other problems, but this machine hasn't been looked at, soooo.


DDS (Version 1.0) - NTFSx86
Run by John at 15:31:13.20 on Tue 11/11/2008
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1308 [GMT -7:00]

=============== Created Last 30 ================

2008-11-11 14:35 250 a------- c:\windows\gmer.ini
2008-10-28 23:54 147,456 a------- c:\windows\system32\Faultrep.dll
2008-10-28 23:54 125,952 a------- c:\windows\system32\wersvc.dll
2008-10-28 23:54 443,392 a------- c:\windows\system32\win32spl.dll
2008-10-27 19:52 428,544 a------- c:\windows\system32\EncDec.dll
2008-10-27 19:52 217,088 a------- c:\windows\system32\psisrndr.ax
2008-10-27 19:52 293,376 a------- c:\windows\system32\psisdecd.dll
2008-10-27 19:52 177,664 a------- c:\windows\system32\mpg2splt.ax
2008-10-27 19:52 80,896 a------- c:\windows\system32\MSNP.ax
2008-10-15 07:39 468,992 a------- c:\windows\system32\newdev.dll
2008-10-15 07:39 74,752 a------- c:\windows\system32\newdev.exe
2008-10-15 07:38 2,032,640 a------- c:\windows\system32\win32k.sys
2008-10-15 07:38 288,768 a------- c:\windows\system32\drivers\srv.sys
2008-10-15 07:38 3,601,464 a------- c:\windows\system32\ntkrnlpa.exe
2008-10-15 07:38 3,549,240 a------- c:\windows\system32\ntoskrnl.exe
2008-10-15 07:38 827,392 a------- c:\windows\system32\wininet.dll
2008-10-15 07:38 1,383,424 a------- c:\windows\system32\mshtml.tlb

================== Find3M ==================

2008-11-11 13:59 <DIR> --d----- c:\program files\spybot - search & destroy
2008-11-02 19:02 <DIR> --d----- c:\users\john\appdata\roaming\ZoomBrowser EX
2008-11-02 18:57 <DIR> --d----- c:\progra~2\ZoomBrowser
2008-10-25 08:24 <DIR> --d----- c:\program files\SpywareBlaster
2008-09-18 19:23 44,544 a------- c:\windows\system32\agremove.exe
2008-08-29 04:16 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-08-29 04:15 <DIR> --d----- c:\progra~2\avg8
2008-08-14 03:03 2,560 a------- c:\windows\_MSRSTRT.EXE
2008-08-14 02:46 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2008-05-18 08:26 <DIR> --d----- c:\progra~2\WEBREG
2008-05-15 14:05 <DIR> --d----- c:\users\john\appdata\roaming\Ulead Systems
2008-05-15 13:59 <DIR> --d----- c:\users\john\appdata\roaming\WinBatch
2008-05-15 13:49 <DIR> --d----- c:\progra~2\Napster
2008-05-14 18:54 <DIR> --d----- c:\users\john\appdata\roaming\MySpace
2008-05-14 18:20 <DIR> --d----- c:\users\john\appdata\roaming\Intel
2008-05-14 17:54 <DIR> --d----- c:\progra~2\CheckPoint
2008-05-14 17:35 <DIR> --d----- c:\progra~2\Symantec
2008-05-14 15:13 <DIR> --d----- c:\progra~2\ATI
2008-04-19 18:50 <DIR> --d----- c:\progra~2\Roaming
2008-04-19 18:50 <DIR> --d----- c:\progra~2\Intel
2008-04-19 18:24 <DIR> --d----- c:\progra~2\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2008-02-20 16:03 <DIR> --d----- c:\progra~2\eSellerate
2008-02-20 16:03 <DIR> --ds---- c:\progra~2\Memeo
2008-02-20 15:48 <DIR> --d----- c:\progra~2\WildTangent

============== Psuedo HJT Report ===============

uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {2E5E800E-6AC0-411E-940A-369530A35E43} - c:\windows\system32\TwcToolbarIe7.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [PCMAgent] "c:\program files\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [WinAmpAgent] "c:\program files\winamp\winampa.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
StartupFolder: c:\users\john\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\john\appdata\roaming\micros~1\windows\startm~1\programs\startup\trillian.lnk - c:\program files\trillian\trillian.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2E5E800E-6AC0-411E-940A-369530A35E43} - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB}
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ==============

R3 atikmdag;atikmdag;c:\windows\system32\drivers\atikmdag.sys
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys
R3 AvgWfpX;AVG Free8 Firewall Driver x86;c:\windows\system32\drivers\avgwfpx.sys
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys
S4 ErrDev;Microsoft Hardware Error Device Driver;c:\windows\system32\drivers\errdev.sys
S4 MegaSR;MegaSR;c:\windows\system32\drivers\megasr.sys
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe
S3 GameConsoleService;GameConsoleService;c:\program files\toshiba games\toshiba game console\GameConsoleService.exe
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe

============= FINISH: 15:31:35.15 ===============


With attachments...I hope I got it right for ya.

[jgvernonco]

Just an update...

This morning I woke up to a "white screen", which, after a little fiddling, caused me to hard boot.

Vista took over and, after analysis, recommended a system restore, which I approved. The system then rebooted normally.

Perhaps, all is well.

[sUBs]

Quote:

11/4/2008 3:41:08 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

How many of such errors do you have JG?
If there's a lot, you should get the guys from the XP section to look into it.

[jgvernonco]

Hi, Subs,

This is the first that I have been aware of any errors.

No error messages, at all, until this little event.

Right now, I have no symptoms, at all.

BTW, I received a plethora of Windows updates while I was sleeping last night. No problems there, either.

Thanks!

[sUBs]

Since you're not experiencing any outward malware symptoms, should we consider this as resolved?

[jgvernonco]

Let's do that.

Many thanks!