Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Computer doing strange things after software install


  • This topic is locked This topic is locked
2 replies to this topic

#1 Guest_MartyBr_*

Guest_MartyBr_*

  • Guests
  • OFFLINE
  •  

Posted 12 January 2009 - 01:16 AM

Hey folks. Any help with this would be greatly appreciated. After I installed software on my laptop I got all sorts of Trend Micro A/V alerts. Webpages were not showing images, I was getting all sorts of pop ups as well. I was able to get rid of those problems by using Windows Defender but I am unable to launch Spybot Search & Destroy (even after reinstalling) which leads me to believe that something is still there.

Thanks in advance for your help!

Here are my logs:


DDS (Ver_09-01-07.01) - NTFSx86
Run by Marty at 0:08:15.23 on 12/01/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3067.2261 [GMT -6:00]

AV: Trend Micro Client-Server Security Agent AntiVirus *On-access scanning enabled* (Updated)
AV: Trend Micro Client-Server Security Agent AntiVirus *On-access scanning disabled* (Outdated)
FW: Trend Micro Client-Server Security Agent Firewall *disabled*
FW: Trend Micro Client-Server Security Agent Firewall *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\TAMSvr.exe
C:\WINDOWS\system32\FpLogonServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\TOSHIBA\Controls\VolumeIndicator.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\TrueSuite Access Manager\PwdBank.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\TEMP\NP76CA.EXE
C:\Spybot\TeaTimer.exe
C:\Hijack this\HiJackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Marty\Local Settings\Temporary Internet Files\Content.IE5\IJ1OKJ90\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.tsn.ca/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\spybot\SDHelper.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [SpybotSD TeaTimer] c:\spybot\TeaTimer.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang en
mRun: [DDWMon] c:\program files\toshiba\toshiba direct disc writer\\ddwmon.exe
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [Toshiba Controls Utility] "c:\program files\toshiba\controls\VolumeIndicator.exe"
mRun: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe"
mRun: [UsbMonitor] "c:\program files\truesuite access manager\usbnotify.exe"
mRun: [PwdBank] "c:\program files\truesuite access manager\PwdBank.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\client server security agent\pccntmon.exe" -HideWindow
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [DAEMON Tools-1033] "c:\program files\d-tools\daemon.exe" -lang 1033
mRun: [NvSvc] c:\windows\system32\nvsvc32.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\spybot\SDHelper.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

============= SERVICES / DRIVERS ===============

R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\system32\drivers\AlfaFF.sys [2008-12-25 42608]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-6-3 84992]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDAud.sys [2008-6-3 732160]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-6-3 51160]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-5-28 6912]
R4 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2008-12-25 49152]
R4 FingerprintServer;Fingerprint Server;c:\windows\system32\FpLogonServ.exe [2008-12-25 131072]
R4 OfcPfwSvc;Trend Micro Client/Server Security Agent Personal Firewall;c:\program files\trend micro\client server security agent\OfcPfwSvc.exe [2007-3-29 282704]
R4 tdudf;TOSHIBA UDF File System Driver;c:\windows\system32\drivers\tdudf.sys [2007-3-26 105856]
R4 TmFilter;Trend Micro Filter;c:\program files\trend micro\client server security agent\tmxpflt.sys [2007-9-17 205328]
R4 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\client server security agent\tmpreflt.sys [2007-9-17 36368]
R4 trudf;TOSHIBA DVD-RAM UDF File System Driver;c:\windows\system32\drivers\trudf.sys [2007-2-19 134016]
R4 windefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S1 6aea231f;6aea231f;c:\windows\system32\drivers\6aea231f.sys --> c:\windows\system32\drivers\6aea231f.sys [?]

=============== Created Last 30 ================

2009-01-11 23:54 <DIR> --d----- C:\backup3
2009-01-11 23:49 <DIR> --d----- C:\backup2
2009-01-11 23:42 <DIR> --d----- C:\Spybot
2009-01-11 23:32 268 a---h--- C:\sqmdata03.sqm
2009-01-11 23:32 244 a---h--- C:\sqmnoopt03.sqm
2009-01-11 23:26 <DIR> --d----- C:\Hijack this
2009-01-11 22:47 <DIR> --d----- C:\Remove Spyware
2009-01-11 22:41 268 a---h--- C:\sqmdata02.sqm
2009-01-11 22:41 244 a---h--- C:\sqmnoopt02.sqm
2009-01-11 22:34 <DIR> --d----- C:\Backup
2009-01-11 22:21 268 a---h--- C:\sqmdata01.sqm
2009-01-11 22:21 244 a---h--- C:\sqmnoopt01.sqm
2009-01-11 22:00 268 a---h--- C:\sqmdata00.sqm
2009-01-11 22:00 244 a---h--- C:\sqmnoopt00.sqm
2009-01-11 21:54 <DIR> --d----- c:\docume~1\marty\applic~1\ABIG
2009-01-11 21:42 <DIR> --d----- c:\windows\pss
2009-01-11 12:27 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
2009-01-11 12:25 <DIR> --d-h--- c:\windows\msdownld.tmp
2009-01-11 12:25 <DIR> --d----- c:\windows\Logs
2009-01-11 12:23 <DIR> --d----- c:\documents and settings\marty\.housecall6.6
2009-01-11 11:43 135,168 a------- c:\windows\azubiyovoxanetix.dll
2009-01-11 11:32 55,808 a------- c:\windows\system32\nvsvc32.exe
2009-01-11 11:31 40,448 a------- c:\windows\Cpipej.dll
2009-01-11 11:31 40,448 a------- C:\bxoanvp.exe
2009-01-11 11:31 38,630 a------- C:\yruuem.exe
2009-01-11 11:31 2 a------- C:\1951149608
2009-01-11 11:31 64,512 a------- C:\epcbth.exe
2009-01-11 11:30 15,000 a------- c:\windows\system32\rwhbfb873unjdfdg.dll
2009-01-11 11:30 <DIR> --d----- c:\program files\BiP media
2009-01-11 11:30 36 a------- c:\windows\Tiny_Run.ini
2009-01-10 14:24 0 a------- c:\windows\tosOBEX.INI
2009-01-10 12:08 5,632 a------- c:\windows\system32\ptpusb.dll
2009-01-10 12:08 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2009-01-10 12:08 159,232 a------- c:\windows\system32\ptpusd.dll
2009-01-10 12:08 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-01-07 23:08 43,520 a------- c:\windows\system32\CmdLineExt03.dll
2009-01-07 23:06 <DIR> --d----- c:\program files\Atari
2009-01-07 21:19 <DIR> --d----- c:\program files\WarZone
2009-01-07 21:18 <DIR> --d----- c:\program files\Microprose
2009-01-07 19:15 <DIR> --d----- C:\Axis.And.Allies-RELOADED
2009-01-07 18:55 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-01-07 18:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-01-07 18:42 2,688 a------- C:\Pixie.p10
2009-01-02 21:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\JollyBear
2009-01-02 21:17 <DIR> --d----- c:\program files\PopCap Games
2009-01-02 20:36 <DIR> --d----- c:\program files\Concentration
2009-01-02 20:35 <DIR> --d----- c:\program files\ReflexiveArcade
2009-01-02 20:17 142,631 a------- C:\Classic Concentration.zip
2009-01-02 20:16 1,258,638 a------- C:\DOSBox0.72-win32-installer.exe
2009-01-01 22:09 0 a------- c:\windows\ToDisc.INI
2009-01-01 21:14 107,888 a------- c:\windows\system32\CmdLineExt.dll
2009-01-01 21:13 <DIR> --d----- c:\program files\Hasbro
2008-12-31 15:34 <DIR> --d----- C:\Incomplete
2008-12-31 15:33 <DIR> --d----- c:\docume~1\marty\applic~1\LimeWire
2008-12-31 15:33 <DIR> --d----- c:\program files\LimeWire
2008-12-31 15:16 <DIR> --d----- c:\program files\DivX
2008-12-30 22:05 <DIR> --d----- c:\program files\mIRC
2008-12-30 22:05 <DIR> --d----- c:\docume~1\marty\applic~1\mIRC
2008-12-30 21:56 <DIR> --d----- c:\docume~1\marty\applic~1\iWin
2008-12-28 23:47 <DIR> --d----- c:\docume~1\marty\applic~1\Research In Motion
2008-12-28 20:15 <DIR> --d----- c:\program files\iWin.com
2008-12-28 20:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\iWin Games
2008-12-28 19:48 <DIR> --d----- c:\documents and settings\marty\Contacts
2008-12-28 19:46 <DIR> -cdsh--- c:\program files\common files\WindowsLiveInstaller
2008-12-28 03:14 <DIR> --d----- c:\docume~1\marty\applic~1\Hoyle FaceCreator
2008-12-28 00:02 <DIR> --d----- C:\Applications
2008-12-28 00:00 <DIR> --d----- C:\CyberLink PowerDVD Ultra v8.0.2021.50+Keys-HeartBug
2008-12-27 23:54 <DIR> --d----- c:\docume~1\marty\applic~1\Hoyle
2008-12-27 23:52 3,786,760 a------- c:\windows\system32\D3DX9_37.dll
2008-12-27 23:49 <DIR> --d----- c:\program files\Encore
2008-12-27 23:45 155,136 a------- c:\windows\system32\drivers\d347bus.sys
2008-12-27 23:45 5,248 a------- c:\windows\system32\drivers\d347prt.sys
2008-12-27 23:45 <DIR> --d----- c:\program files\D-Tools
2008-12-27 23:45 <DIR> --d----- c:\windows\Downloaded Installations
2008-12-27 16:34 <DIR> --d----- c:\program files\Roxio
2008-12-27 16:34 <DIR> --d----- c:\program files\common files\Sonic Shared
2008-12-27 16:31 26,496 a----r-- c:\windows\system32\drivers\RimSerial.sys
2008-12-27 16:31 <DIR> --d----- c:\program files\Research In Motion
2008-12-27 16:31 <DIR> --d----- c:\program files\common files\Research In Motion
2008-12-27 16:12 <DIR> --d----- C:\Hoyle.Card.Games.2009-SKIDROW
2008-12-27 16:09 <DIR> --d----- c:\program files\uTorrent
2008-12-27 16:09 <DIR> --d----- c:\docume~1\marty\applic~1\uTorrent
2008-12-27 13:55 <DIR> --d----- c:\docume~1\marty\applic~1\Intel
2008-12-27 13:54 <DIR> --d----- c:\program files\common files\Intel
2008-12-27 13:51 <DIR> --d----- C:\drivers
2008-12-27 00:58 <DIR> --d----- C:\mp3
2008-12-26 23:30 <DIR> --d----- C:\NHL.09-RELOADED
2008-12-26 13:25 <DIR> --d-h--- C:\files
2008-12-26 11:07 <DIR> --d----- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-12-26 10:55 138,384 a------- c:\windows\system32\drivers\tmcomm.sys
2008-12-26 10:55 <DIR> --d----- c:\program files\Trend Micro
2008-12-26 10:54 <DIR> --d----- C:\Temp
2008-12-26 10:37 <DIR> --d----- c:\program files\common files\Adobe Systems Shared
2008-12-26 10:33 268,648 a------- c:\windows\system32\mucltui.dll
2008-12-26 10:33 27,496 a------- c:\windows\system32\mucltui.dll.mui
2008-12-25 10:43 30,512 a------- c:\windows\system32\mdimon.dll
2008-12-25 10:39 <DIR> --d----- C:\IDE
2008-12-25 10:39 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2008-12-25 10:39 <DIR> --d----- c:\windows\SHELLNEW
2008-12-25 10:16 <DIR> --d----- c:\program files\Windows Desktop Search
2008-12-25 10:12 <DIR> --d----- c:\program files\Windows Media Connect 2
2008-12-25 10:12 876 a------- c:\windows\$_hpcst$.hpc
2008-12-25 10:12 <DIR> --d----- c:\windows\system32\LogFiles
2008-12-25 10:09 247,326 -c------ c:\windows\system32\dllcache\strmdll.dll
2008-12-25 10:09 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-12-25 10:08 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-12-25 10:08 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-12-25 10:08 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-12-25 10:08 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-25 10:08 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-25 10:08 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-25 10:08 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-25 10:08 138,496 -c------ c:\windows\system32\dllcache\afd.sys
2008-12-25 10:08 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2008-12-25 10:07 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2008-12-25 10:07 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2008-12-25 10:07 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2008-12-25 10:07 272,128 -------- c:\windows\system32\drivers\bthport.sys
2008-12-25 10:07 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2008-12-25 10:03 <DIR> --d----- c:\windows\system32\PreInstall
2008-12-25 10:03 <DIR> --d-h--- c:\windows\$hf_mig$
2008-12-25 10:01 <DIR> --dsh--- c:\documents and settings\marty\UserData
2008-12-25 09:56 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-12-25 08:56 <DIR> --d----- c:\windows\system32\appmgmt
2008-12-25 08:56 <DIR> --d----- c:\windows\SxsCaPendDel
2008-12-25 08:51 0 a------- c:\windows\ativpsrm.bin
2008-12-25 08:50 0 a--shr-- c:\windows\system32\drivers\TOSHIBA_Satellite Pro P300_S3A6656D502_PSPCDC-00P00C.MRK
2008-12-25 08:50 204,800 a------- c:\windows\system32\IVIresizeW7.dll
2008-12-25 08:50 200,704 a------- c:\windows\system32\IVIresizeA6.dll
2008-12-25 08:50 192,512 a------- c:\windows\system32\IVIresizeP6.dll
2008-12-25 08:50 192,512 a------- c:\windows\system32\IVIresizeM6.dll
2008-12-25 08:50 188,416 a------- c:\windows\system32\IVIresizePX.dll
2008-12-25 08:50 20,480 a------- c:\windows\system32\IVIresize.dll
2008-12-25 08:50 <DIR> --d----- c:\program files\InterVideo
2008-12-25 08:48 <DIR> --d----- c:\program files\ATI Technologies
2008-12-25 08:48 491,520 a------- c:\windows\system32\cselect.exe
2008-12-25 08:48 128,113 a------- c:\windows\system32\csellang.ini
2008-12-25 08:48 106,496 a------- c:\windows\system32\tosmreg.exe
2008-12-25 08:48 45,056 a------- c:\windows\system32\csellang.dll
2008-12-25 08:48 9,484 a------- c:\windows\system32\tosmreg.ini
2008-12-25 08:48 7,671 a------- c:\windows\system32\cseltbl.ini
2008-12-25 08:47 146,944 a------- c:\windows\system32\drivers\atswpdrv.sys
2008-12-25 08:47 <DIR> --d----- C:\AuthLog
2008-12-25 08:47 338,416 a------- c:\windows\system32\DrvCrypt.dll
2008-12-25 08:47 49,152 a------- c:\windows\system32\TAMSvr.exe
2008-12-25 08:47 42,608 a------- c:\windows\system32\drivers\AlfaFF.sys
2008-12-25 08:47 802,816 a------- c:\windows\system32\TAM_GINA.dll
2008-12-25 08:47 176,128 a------- c:\windows\system32\FpWinlogonNp.dll
2008-12-25 08:47 131,072 a------- c:\windows\system32\FpLogonServ.exe
2008-12-25 08:47 24,048 a------- c:\windows\system32\AlfaFF.dll
2008-12-25 08:47 <DIR> --d----- c:\program files\TrueSuite Access Manager
2008-12-25 08:47 57,344 a------- c:\windows\system32\authTpm.dll
2008-12-25 08:46 83,072 a------- c:\windows\system32\drivers\wdmaud.sys
2008-12-25 08:46 6,272 a------- c:\windows\system32\drivers\splitter.sys
2008-12-25 08:46 56,576 a------- c:\windows\system32\drivers\swmidi.sys
2008-12-25 08:46 52,864 a------- c:\windows\system32\drivers\DMusic.sys
2008-12-25 08:46 172,416 a------- c:\windows\system32\drivers\kmixer.sys
2008-12-25 08:46 142,592 a------- c:\windows\system32\drivers\aec.sys
2008-12-25 08:46 2,944 a------- c:\windows\system32\drivers\drmkaud.sys
2008-12-25 08:46 60,800 a------- c:\windows\system32\drivers\sysaudio.sys
2008-12-25 08:46 146,048 a------- c:\windows\system32\drivers\portcls.sys
2008-12-25 08:46 <DIR> --d----- c:\program files\CONEXANT
2008-12-25 08:46 60,160 a------- c:\windows\system32\drivers\drmk.sys
2008-12-25 08:45 221,184 a------- c:\windows\system32\wmpns.dll
2008-12-25 08:45 <DIR> --d----- C:\ConnectKOL
2008-12-25 08:45 <DIR> --d----- C:\Connect
2008-12-25 08:45 <DIR> --d----- c:\documents and settings\marty\WINDOWS
2008-12-25 08:45 <DIR> --d----- c:\documents and settings\Marty
2008-12-25 08:45 <DIR> --d----- c:\docume~1\marty\applic~1\TMP
2008-12-25 02:32 3,626,112 a------- c:\windows\system32\drivers\NETw5x32.sys
2008-12-25 02:32 2,756,608 a------- c:\windows\system32\NETw5r32.dll
2008-12-25 02:32 659,456 a------- c:\windows\system32\NETw5c32.dll
2008-12-25 02:32 73,810 a------- c:\windows\system32\RAPI.DLL
2008-12-25 02:32 41,044 a------- c:\windows\system32\CEUTIL.DLL
2008-12-25 02:32 <DIR> --d----- c:\program files\NewSoft
2008-12-25 02:32 371 a------- c:\windows\setup.iss
2008-12-25 02:32 18,432 a------- c:\windows\system32\drivers\UVCFTR_S.SYS
2008-12-25 02:31 <DIR> --d----- c:\program files\Camera Assistant Software for Toshiba
2008-12-25 02:31 <DIR> --d----- c:\program files\Apoint2K
2008-12-25 02:28 8,192 a------- c:\windows\REGLOCS.OLD
2008-12-25 02:27 <DIR> --d----- c:\windows\iehome
2008-12-25 02:27 <DIR> --d----- c:\program files\Datalode

==================== Find3M ====================

2008-12-26 11:29 171,184 a------- c:\windows\pchealth\helpctr\config\cache\Professional_32_1033.dat
2008-12-26 11:28 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-21 15:47 524,288 a------- c:\windows\system32\DivXsm.exe
2008-11-21 15:47 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-11-21 15:46 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-11-21 15:46 200,704 a------- c:\windows\system32\ssldivx.dll
2008-11-21 15:44 161,096 a------- c:\windows\system32\DivXCodecVersionChecker.exe
2008-11-21 15:44 12,288 a------- c:\windows\system32\DivXWMPExtType.dll
2008-10-27 10:04 514,384 a------- c:\windows\system32\XAudio2_3.dll
2008-10-27 10:04 235,856 a------- c:\windows\system32\xactengine3_3.dll
2008-10-27 10:04 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
2008-10-27 10:04 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
2008-10-23 06:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-23 02:58 25,089,272 a------- c:\windows\system32\TrueAccessCoInst.dll
2008-10-16 14:38 826,368 a------- c:\windows\system32\wininet.dll

============= FINISH: 0:08:32.04 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan

Posted 27 January 2009 - 05:46 PM

Howdy, my name is Hoov, and I will be helping you with your dilemma. I appologize for the delay in getting you help.

Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread.

Here is what I am asking you to do during the repair of your computer

*Tell me everything that you have done, if anything, to try and fix this problem.

*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it.

*Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

*Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.

Now onto trying to fix your computer.

It has been a while since you posted your log, if you still want help could you please post a new one?

Also Run an online virus scan called Kaspersky from HERE.1. At the main page. Press on "Accept". After reading the contents.
2. At the next window Select Update. Allow the Database to update.
Note: If prompted to run or update your Java, then follow the prompts to do so. Kaspersky requires Java to run.
3. Once the Database has finished, under the Scan icon Select My Computer to start the scan. The scan may take a few minutes to complete.
4. Select Scan Report.
5. If any threats were found they will appear in the report
6. Select "Save error report as"
Then in the file name just type in kaspersky
Under "save as type" select text .txt
Save it to your Desktop.

Copy and post the results of the Kaspersky Online scan. If no threats were found then report that as well.
And Please perform an AVG AS Online Malware Scan
  • When a dialog box appears asking you if you would like to download and install the ewido anti-spyware online scanner.
    Please click Yes to allow the download.
  • Click on Start Scan.
  • If any infections are found, Click on Remove Infections.

Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image

#3 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:04:08 PM

Posted 03 February 2009 - 10:49 PM

This thread is closed due to inactivity.
If you need this topic reopened, please send me or another moderator a PM. This applies to the thread originator only, all others start a new thread.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users