Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google re director


  • This topic is locked This topic is locked
2 replies to this topic

#1 mjw

mjw

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:24 PM

Posted 24 June 2010 - 06:23 AM

I cannot attach the Gmer log as when I run it I get a BSOD, crash and re-start. The windows error report said I had a hardware device driver conflict so I updated all drives in windows update and then ran Gmer again and same result.

DDS Log


DDS (Ver_10-03-17.01) - NTFSx86
Run by Administrator at 6:53:04.85 on Thu 06/24/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2551.1781 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.q1043.com/main.html
uInternet Settings,ProxyOverride = *.local
BHO: {ae7cd045-e861-484f-8273-0445ee161910} - Adobe PDF Conversion Toolbar Helper
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} -
EB: {182ec0be-5110-49c8-a062-beb1d02a220b} - Adobe PDF
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mExplorerRun: [RTHDBPL] c:\documents and settings\administrator\application data\systemproc\lsass.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
Trusted Zone: afternic.com\www
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxps://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235785529570
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1187989686110
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\mq20opbo.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\mq20opbo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\mq20opbo.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - plugin: c:\progra~1\palmone\packag~1\NPInstal.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google updater\2.4.1970.7372\npCIDetect14.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Firefox security: No Registry Reference - c:\program files\mozilla firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-6 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-2-28 164048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-28 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-11 40384]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-9-22 233472]
R2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [2010-6-22 5152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1352832]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-5-21 173352]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-11 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-11 40384]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2009-9-22 36608]
R3 Mach3;Mach3 Pulseing Service;c:\windows\system32\drivers\Mach3.sys [2007-5-9 108448]
S2 SUNLITE;SIUDI OUT;c:\windows\system32\drivers\siudi.sys [2009-3-7 17680]
S3 csaudio;USB2.0 Audio Device Driver;c:\windows\system32\drivers\csaud.sys [2009-10-18 11008]
S3 GAB20Scan;USB 2.0 Still Image;c:\windows\system32\drivers\GABscan.sys [2009-10-18 5604]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-1-5 30192]
S3 LLUSBFLT;LLUSBFLT;c:\windows\system32\drivers\llusbflt.sys [2005-3-28 4736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 PLUsbbc2;High-Speed USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc2.sys [2005-3-28 8960]
S3 Siudi;Intelligent Usb Dmx Interface Driver;c:\windows\system32\drivers\siudi5.sys [2010-5-3 34304]
S4 DCamUSB20GAB;Digivue Grabber;c:\windows\system32\drivers\gmini20.sys --> c:\windows\system32\drivers\GMini20.sys [?]

=============== Created Last 30 ================

2010-06-24 01:06:27 0 d-----w- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2010-06-24 01:06:20 0 d-----w- c:\program files\McAfee Security Scan
2010-06-23 14:13:02 0 d-s---w- C:\ComboFix
2010-06-23 13:59:14 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-06-23 13:59:14 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-06-23 13:59:14 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-06-23 13:59:14 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-06-23 13:59:14 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-06-23 13:59:12 0 d-----w- c:\program files\Trojan Remover
2010-06-23 13:59:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Simply Super Software
2010-06-23 13:59:12 0 d-----w- c:\docume~1\admini~1\applic~1\Simply Super Software
2010-06-23 13:25:11 0 d-----w- c:\docume~1\admini~1\applic~1\SafeReturner
2010-06-23 13:25:06 0 d-----w- c:\program files\Safe Returner
2010-06-23 11:39:13 0 d-----w- c:\program files\Spyware Doctor
2010-06-23 11:39:13 0 d-----w- c:\program files\common files\PC Tools
2010-06-23 11:19:06 0 d-----w- c:\docume~1\alluse~1\applic~1\FrontLine Registry Cleaner
2010-06-23 11:19:00 0 d-----w- c:\program files\Frontline Registry Cleaner
2010-06-23 11:07:30 0 d-sha-r- C:\cmdcons
2010-06-23 11:04:45 98816 ----a-w- c:\windows\sed.exe
2010-06-23 11:04:45 77312 ----a-w- c:\windows\MBR.exe
2010-06-23 11:04:45 256512 ----a-w- c:\windows\PEV.exe
2010-06-23 11:04:45 161792 ----a-w- c:\windows\SWREG.exe
2010-06-23 02:55:11 171 ----a-w- c:\windows\parport.ini
2010-06-23 02:43:51 5152 ----a-w- c:\windows\system32\drivers\io.sys
2010-06-23 02:18:03 105 ----a-w- c:\windows\Mach3.INI
2010-06-23 02:03:23 2052 ----a-w- c:\windows\keygrab.tmp
2010-06-23 00:10:48 0 d-----w- c:\program files\Cut2D Trial
2010-06-22 14:26:42 0 d-sh--w- c:\docume~1\admini~1\applic~1\SystemProc
2010-06-21 20:43:16 0 d-----w- c:\program files\iPod
2010-06-21 20:43:10 0 d-----w- c:\program files\iTunes
2010-06-21 20:31:46 0 d-----w- c:\program files\Bonjour
2010-06-13 00:19:48 0 d-----w- c:\program files\TrueSwitch
2010-06-11 13:17:37 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-06-11 13:17:37 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-06-11 13:17:34 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-06-11 13:17:25 0 d-----w- c:\windows\Logs
2010-06-11 13:17:23 0 d-----w- c:\docume~1\alluse~1\applic~1\PassMark
2010-06-11 13:17:22 0 d-----w- c:\program files\PerformanceTest
2010-06-11 10:23:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-06-10 23:38:55 0 d-----w- c:\docume~1\admini~1\applic~1\TeamViewer
2010-06-10 23:38:44 0 d-----w- c:\program files\TeamViewer
2010-06-09 13:02:59 0 d-----w- c:\program files\NeatReceipts
2010-06-09 13:02:59 0 d-----w- C:\NeatReceipts
2010-06-07 13:33:45 0 d-----w- c:\docume~1\alluse~1\applic~1\Chaos Software
2010-06-07 13:33:45 0 d-----w- c:\docume~1\admini~1\applic~1\Chaos Software
2010-06-07 13:33:25 0 d-----w- c:\program files\common files\Chaos Software
2010-06-07 13:33:25 0 d-----w- c:\program files\Chaos Software
2010-06-05 22:16:51 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-06-05 22:16:51 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-05-25 20:45:12 0 d-----w- c:\docume~1\admini~1\applic~1\Cogniview
2010-05-25 20:44:15 0 d-----w- c:\docume~1\alluse~1\applic~1\Cogniview
2010-05-25 20:44:06 0 d-----w- c:\program files\Cogniview

==================== Find3M ====================

2010-06-06 15:01:29 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-05-18 20:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 20:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-04 17:20:39 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:20:34 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:20:32 17408 ------w- c:\windows\system32\corpol.dll
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-28 15:03:04 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-20 00:47:44 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-14 00:08:49 202608 ---ha-w- c:\windows\system32\mlfcache.dat
2010-03-31 04:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 04:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2007-10-05 00:00:50 114688 ----a-w- c:\program files\common files\RxRasterServices_2.04_6.drx
2010-03-17 00:16:10 608 --sha-w- c:\windows\system32\winzvprt5.sys

============= FINISH: 6:53:37.79 ===============


Attached Files



BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:24 AM

Posted 29 June 2010 - 03:30 AM

Hi mjw,

Welcome to Malware Removal (VTSMR) forum. I am going to assist you with your problem.

Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more.

If the issue is not resolved please update me on the current condition of your computer.

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:24 AM

Posted 04 July 2010 - 05:54 AM

This thread will now be closed due to lack of activity.

If you should have a new issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users