Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirect again!


  • This topic is locked This topic is locked
3 replies to this topic

#1 derider

derider

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 02 June 2010 - 08:09 AM

I have seen other threads about this topic. My google toolbar will redirect sometimes, and if I just go to google it doesn't do it. Only on the tool bar search. This problem came up after I had the Anti Virus live which I deleted with RKill and Malwarebytes, but then my chrome quit working and this redirect thing started. I have seen other threads like I said and wonder if I should follow those directions or if someone can help me from the start?

Thanks in advance,

Derider

Maybe this will help get some things started.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 13:23:53.37 on Wed 06/02/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1526.641 [GMT -5:00]


============== Running Processes ===============

C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe
C:WINDOWSSystem32svchost.exe -k netsvcs
svchost.exe
C:Program FilesAVGAVG9avgchsvx.exe
C:Program FilesAVGAVG9avgrsx.exe
svchost.exe
C:Program FilesAVGAVG9avgcsrvx.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32taskswitch.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:WINDOWSRTHDCPL.EXE
svchost.exe
C:Program FilesJavajre6binjusched.exe
C:PROGRA~1AVGAVG9avgtray.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesACTAct for WindowsAct.Outlook.Service.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesACTAct for WindowsAct.Scheduler.exe
C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
C:Program FilesAVGAVG9avgwdsvc.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesJavajre6binjqs.exe
C:Program FilesAVGAVG9avgnsx.exe
C:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinnsqlservr.exe
C:DOCUME~1OwnerLOCALS~1TempRtkBtMnt.exe
C:Program FilesSprintPantechSprint Mobile Broadband (Pantech)PWIUtilityService.exe
C:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe
C:Program FilesMicrosoft SQL Server90Sharedsqlwriter.exe
C:Program FilesUPHCleanuphclean.exe
C:Program FilesAVGAVG9avgemc.exe
C:Program FilesAVGAVG9avgcsrvx.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesSprintPantechSprint Mobile Broadband (Pantech)CMPWI.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsOwnerDesktopdds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:program filescommon filesadobeacrobatactivexAcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:program filesavgavg9avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:program filesmicrosoft officeoffice12GrooveShellExtensions.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:program filesavgavg9toolbarIEToolbar.dll
BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: {d5233fcd-d258-4903-89b8-fb1568e7413d} - mscoree.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:program filesjavajre6binjp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:program filesjavajre6libdeployjqsiejqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:program filesavgavg9toolbarIEToolbar.dll
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
mRun: [IMJPMIG8.1] "c:windowsimeimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [CoolSwitch] c:windowssystem32taskswitch.exe
mRun: [SynTPEnh] c:program filessynapticssyntpSynTPEnh.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:program filesrealtekinstallshieldAzMixerSel.exe
mRun: [SunJavaUpdateSched] "c:program filesjavajre6binjusched.exe"
mRun: [AVG9_TRAY] c:progra~1avgavg9avgtray.exe
mRun: [GrooveMonitor] "c:program filesmicrosoft officeoffice12GrooveMonitor.exe"
mRun: [Act.Outlook.Service] "c:program filesactact for windowsAct.Outlook.Service.exe"
mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:program filesadobereader 9.0readerReader_sl.exe"
dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: MaxRecentDocs = 18 (0x12)
mPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
mPolicies-explorer: MemCheckBoxInRunDlg = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:windowssystem32GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:progra~1micros~2office12EXCEL.EXE/3000
IE: Google Sidewiki... - c:program filesgooglegoogle toolbarcomponentGoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1micros~2office12ONBttnIE.dll
IE: {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~2office12REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {07156228-6ABC-4291-ACA3-E1CDD00EF16E} = 68.28.154.92 68.28.146.92
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:program filesavgavg9toolbarIEToolbar.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:program filesmicrosoft officeoffice12GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:program filesavgavg9avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:program filesmicrosoft officeoffice12GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:windowssystem32driversavgldx86.sys [2010-3-23 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:windowssystem32driversavgmfx86.sys [2010-3-23 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:windowssystem32driversavgtdix.sys [2010-3-23 242896]
R2 ACT! Scheduler;ACT! Scheduler;c:program filesactact for windowsAct.Scheduler.exe [2009-2-24 81920]
R2 avg9emc;AVG Free E-mail Scanner;c:program filesavgavg9avgemc.exe [2010-3-23 916760]
R2 avg9wd;AVG Free WatchDog;c:program filesavgavg9avgwdsvc.exe [2010-3-23 308064]
R2 MSSQL$ACT7;SQL Server (ACT7);c:program filesmicrosoft sql servermssql.1mssqlbinnsqlservr.exe [2009-5-27 29262680]
S2 gupdate;Google Update Service (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2010-5-13 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:program filesavgavg9toolbarToolbarBroker.exe [2010-5-27 430152]

=============== Created Last 30 ================

2010-06-02 17:54:39 0 ----a-w- c:documents and settingsownerdefogger_reenable
2010-06-01 19:24:07 1032 ----a-w- c:windowssystem32driverskgpcpy.cfg
2010-06-01 19:19:32 262144 ----a-w- c:windowssystem32default_user_class.dat
2010-06-01 19:17:45 16384 ---ha-w- C:SZKGFS.dat
2010-06-01 19:15:26 0 d-----w- c:docume~1alluse~1applic~1SITEguard
2010-06-01 19:14:15 0 d-----w- c:program filescommon filesiS3
2010-06-01 19:14:15 0 d-----w- c:docume~1alluse~1applic~1STOPzilla!
2010-06-01 18:14:39 0 d-----w- c:program filesewido anti-malware
2010-06-01 12:15:58 0 d-----w- c:docume~1ownerapplic~1AVG9
2010-05-27 16:54:10 0 d-----w- c:docume~1alluse~1applic~1AVG Security Toolbar
2010-05-27 13:26:18 401720 ----a-w- c:program filesHijackThis.exe
2010-05-14 20:38:56 0 d-----w- c:program filesDyno2003
2010-05-14 20:38:22 0 d-----w- c:program filesDrag2003
2010-05-14 20:36:36 0 d-----w- c:program filesNew Folder
2010-05-14 19:09:10 0 d-----w- c:windowssystem32appmgmt
2010-05-14 14:33:15 0 d-----w- c:docume~1alluse~1applic~1Alwil Software
2010-05-14 13:18:57 38224 ----a-w- c:windowssystem32driversmbamswissarmy.sys
2010-05-14 13:18:55 20952 ----a-w- c:windowssystem32driversmbam.sys
2010-05-14 13:18:55 0 d-----w- c:program filesMalwarebytes' Anti-Malware
2010-05-12 22:16:24 175 ----a-w- c:windowssystem32MRT.INI
2010-05-12 13:06:35 691712 ------w- c:windowssystem32dllcacheinetcomm.dll
2010-05-12 13:06:34 1315328 ------w- c:windowssystem32dllcachemsoe.dll
2010-05-10 16:41:53 0 d-----w- c:docume~1ownerapplic~1Malwarebytes
2010-05-10 16:36:57 0 d-----w- c:docume~1alluse~1applic~1Malwarebytes

==================== Find3M ====================

2010-06-02 18:07:15 952 --sha-w- c:docume~1alluse~1applic~1KGyGaAvL.sys
2010-06-01 12:22:06 242896 ----a-w- c:windowssystem32driversavgtdix.sys
2010-05-27 13:27:17 9582 ----a-w- c:program fileshijackthis.log
2010-03-29 14:26:58 88 --sh--r- c:docume~1alluse~1applic~1DFE3219D07.sys
2010-03-29 13:13:58 36352 ----a-w- c:windowssystem32pxfhwmcp.dll
2010-03-24 02:30:56 12464 ----a-w- c:windowssystem32avgrsstx.dll
2010-03-24 01:36:17 21640 ----a-w- c:windowssystem32emptyregdb.dat
2010-03-22 18:38:00 3600384 ----a-w- c:windowssystem32GPhotos.scr
2010-03-10 06:15:52 420352 ----a-w- c:windowssystem32vbscript.dll
2010-03-10 06:15:52 420352 ------w- c:windowssystem32dllcachevbscript.dll

============= FINISH: 13:25:07.37 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: DeviceHarddiskVolume1
Install Date: 3/23/2010 8:40:13 PM
System Uptime: 6/2/2010 1:03:55 PM (0 hours ago)

Motherboard: Acer, Inc. | | Prespa1
Processor: Intel® Celeron® M CPU 420 @ 1.60GHz | U2E1 | 1600/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 75 GiB total, 58.543 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Modem Device on High Definition Audio Bus
Device ID: HDAUDIOFUNC_02&VEN_11C1&DEV_3026&SUBSYS_10250110&REV_10074&37C55033&0&0101
Manufacturer:
Name: Modem Device on High Definition Audio Bus
PNP Device ID: HDAUDIOFUNC_02&VEN_11C1&DEV_3026&SUBSYS_10250110&REV_10074&37C55033&0&0101
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Mass Storage Controller
Device ID: PCIVEN_104C&DEV_803B&SUBSYS_01101025&REV_004&6B16D5B&0&4AF0
Manufacturer:
Name: Mass Storage Controller
PNP Device ID: PCIVEN_104C&DEV_803B&SUBSYS_01101025&REV_004&6B16D5B&0&4AF0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCIVEN_8086&DEV_27DA&SUBSYS_01101025&REV_023&B1BFB68&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCIVEN_8086&DEV_27DA&SUBSYS_01101025&REV_023&B1BFB68&0&FB
Service:

==== System Restore Points ===================

RP1: 3/23/2010 8:42:12 PM - System Checkpoint
RP2: 3/23/2010 8:45:16 PM - Installed Windows KB954550-v5.
RP3: 3/23/2010 8:45:21 PM - Printer Driver Microsoft XPS Document Writer Installed
RP4: 3/23/2010 8:48:57 PM - Installed Java™ 6 Update 13
RP5: 3/23/2010 8:49:22 PM - Installed User Profile Hive Cleanup Service
RP6: 3/23/2010 8:49:30 PM - Installed Alt-Tab Task Switcher Powertoy for Windows XP
RP7: 3/23/2010 8:49:42 PM - Installed Microsoft AppLocale

==== Installed Programs ======================

7-Zip 4.65
ACT! by Sage Premium 2009 (11.0)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Alt-Tab Task Switcher Powertoy for Windows XP
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG Free 9.0
BitTorrent
Bonjour
Drag2003 v4.05
Dyno2003 v4.05
Foxit Reader
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Google Earth
Google Update Helper
HashCheck Shell Extension (x86-32)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB979306)
Intel® Graphics Media Accelerator Driver
iTunes
Java™ 6 Update 17
K-Lite Mega Codec Pack 4.7.5
Malwarebytes' Anti-Malware
MediaLooks QuickTime Source 1.7.0.6 (DirectShow Filter)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 1.1 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft AppLocale
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (ACT7)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Windows Application Compatibility Database
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser
Open Command Prompt Shell Extension (x86-32)
PANTECH PC Card Software
Picasa 3
QuickTime
QuickTime Alternative 2.8.0
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB980470)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980232)
Sprint Mobile Broadband (Pantech)
Synaptics Pointing Device Driver
Unlocker 1.8.7
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (kb981726)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User Profile Hive Cleanup Service
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
WinRAR archiver

==== Event Viewer Messages From Past Week ========

6/1/2010 7:15:23 AM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
6/1/2010 3:12:28 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.
5/26/2010 12:35:57 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.

==== End Of File ===========================

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-02 14:33:44
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:DOCUME~1OwnerLOCALS~1Tempfgrcypog.sys


---- System - GMER 1.0.15 ----

SSDT ??C:WINDOWSsystem32Driversuphcleanhlp.sys ZwUnloadKey [0xA84D46D0]

---- Kernel code sections - GMER 1.0.15 ----

.rsrc C:WINDOWSsystem32DRIVERSkbdclass.sys entry point in ".rsrc" section [0xBABE4E14]
? C:WINDOWSsystem32Driversuphcleanhlp.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A4000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D6000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A3000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[228] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A4000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D6000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A3000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9A75 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD101 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] ole32.dll!CoCreateInstance 774FF1C4 5 Bytes JMP 3E2EDB20 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[264] ole32.dll!OleLoadFromStream 775297FD 5 Bytes JMP 3E3E4AA7 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A4000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D6000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A3000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[268] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:WINDOWSsystem32wuauclt.exe[540] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00BB000A
.text C:WINDOWSsystem32wuauclt.exe[540] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BC000A
.text C:WINDOWSsystem32wuauclt.exe[540] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00BA000C
.text C:WINDOWSSystem32svchost.exe[1024] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 006E000A
.text C:WINDOWSSystem32svchost.exe[1024] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 006F000A
.text C:WINDOWSSystem32svchost.exe[1024] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 006D000C
.text C:WINDOWSSystem32svchost.exe[1024] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 0068000A
.text C:WINDOWSSystem32svchost.exe[1024] ole32.dll!CoCreateInstance 774FF1C4 5 Bytes JMP 00D4000A
.text C:WINDOWSExplorer.EXE[1144] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00B8000A
.text C:WINDOWSExplorer.EXE[1144] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BE000A
.text C:WINDOWSExplorer.EXE[1144] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:WINDOWSExplorer.EXE[2036] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00B8000A
.text C:WINDOWSExplorer.EXE[2036] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BE000A
.text C:WINDOWSExplorer.EXE[2036] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A4000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D6000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A3000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9A75 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD101 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] ole32.dll!CoCreateInstance 774FF1C4 5 Bytes JMP 3E2EDB20 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[2108] ole32.dll!OleLoadFromStream 775297FD 5 Bytes JMP 3E3E4AA7 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe[2776] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0098000A
.text C:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe[2776] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0099000A
.text C:Program FilesMicrosoft SQL Server90Sharedsqlbrowser.exe[2776] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0097000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A4000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00D6000A
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A3000C
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9A75 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD101 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E25466E C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] ole32.dll!CoCreateInstance 774FF1C4 5 Bytes JMP 3E2EDB20 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:Program FilesInternet ExplorerIEXPLORE.EXE[3584] ole32.dll!OleLoadFromStream 775297FD 5 Bytes JMP 3E3E4AA7 C:WINDOWSsystem32IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice DriverTcpip DeviceIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverKbdclass DeviceKeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice DriverKbdclass DeviceKeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice DriverTcpip DeviceTcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceUdp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice DriverTcpip DeviceRawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device -> Driveratapi DeviceHarddisk0DR0 898CFEE4

---- Files - GMER 1.0.15 ----

File C:WINDOWSsystem32DRIVERSkbdclass.sys suspicious modification
File C:WINDOWSsystem32driversatapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----

Merged 4 posts. ~ OB

Edited by Orange Blossom, 02 June 2010 - 08:34 PM.
Move to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 derider

derider
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:43 AM

Posted 03 June 2010 - 07:25 AM

Please help if you can.



#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:11:43 AM

Posted 05 June 2010 - 08:13 PM

Hi derider,

Welcome to BC Virus/Trojan/Spyware/Malware Removal (VTSMR) forum and apologies for the delay.

Please update me on the current condition of your computer if the issue is not resolved.

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:11:43 AM

Posted 11 June 2010 - 12:54 PM

This thread will now be closed due to lack of activity.

If you should have a new issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users