Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

auto scrolling windows and lists. Notepad autostarts


  • This topic is locked This topic is locked
2 replies to this topic

#1 David_1

David_1

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:19 PM

Posted 10 December 2010 - 04:57 PM

For school my wife had to download and open Word, Excel and PDF documents from a school website and co-students and research topics on the web. Even though I have Norton Internet Security 2011 installed on this computer, about a month into the term, Word documents began to autoscroll while she was reading her book in front of the computer (without touching the mouse or keyboard). Focus would auto switch between 2 open Word docs without touching the mouse or keyboard. Once she left the computer running and when she came back there were 7 open notepad documents that were blank but when she went to close them it said there was a large amount of info in the clipboard. Unfortunately she didn't know to paste and save the clipboard to see what the contents were. In preparing this posting and trying to read the .txt log files, Notepad kept autoscrolling to the right so I could not read the contents of the file. And when I grab the scroll bar and force it back to the left Notepad would rip it back to the right before I could read anything! Also when trying to work in any dialog window like a "Save As" window, if the mouse passed over any pull-down list (file type, etc.), it would autoscroll and select each option from top to bottom until it stopped on the last item in the list. It was like the mouse was auto-clicking on every entry in the list. While trying to perform a backup using Acronis, the Save As dialog window has a list with things that can be appended onto the file name and when I hovered over this list without ever clicking on it, the list visually autoscrolled through every option and as it displayed the option in the list field it added the option into the filename field. Here is what it added "@time@@user@@machine@@task@@exec@". Once it did that I could never select any item in the list because it would automatically scroll back down to the bottom of the list again! Your help would be GREATLY APPRECIATED!!

DDS (Ver_10-12-05.01) - NTFSx86
Run by Darlene at 15:22:32.71 on Fri 12/10/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3318.1986 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Webroot\Security\current\plugins\antimalware\SSU.EXE
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\David\BleepingComputer\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.1.0.37\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.1.0.37\coIEPlg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: @c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
mRun: [Apoint] "c:\program files\delltpad\Apoint.exe"
mRun: [SysTrayApp] "c:\program files\idt\wdm\sttray.exe"
mRun: [nwiz] "nwiz.exe" /installquiet
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] "rundll32.exe" c:\windows\system32\nvHotkey.dll,Start
mRun: [IAStorIcon] "c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe"
mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
mRun: [WavXMgr] "c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe"
mRun: [USCService] "c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [hpqSRMon] "c:\program files\hp\digital imaging\bin\hpqSRMon.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [MyGarminAgent] "c:\program files\garmin\mygarminagent\MyGarminAgent.exe"
mRun: [Bing Bar] "c:\program files\msn toolbar\platform\6.3.2348.0\mswinext.exe"
mRun: [SAOB Monitor] "c:\program files\acronis\onlinebackupstandalone\TrueImageMonitor.exe"
mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [WebrootTrayApp] "c:\program files\webroot\security\current\framework\WRTray.exe"
StartupFolder: c:\users\darlene\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tdmnot~1.lnk - c:\program files\wave systems corp\trusted drive manager\TdmNotify.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: gsu.edu\grad.robinson
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Authentication Packages = msv1_0 wvauth

============= SERVICES / DRIVERS ===============

R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdfltn.sys [2010-8-7 17072]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1201000.025\SymDS.sys [2010-9-2 339504]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1201000.025\SymEFA.sys [2010-9-2 666672]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2010-11-12 752128]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20101123.003\BHDrvx86.sys [2010-11-22 691248]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20101208.002\IDSvix86.sys [2010-12-9 353912]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1201000.025\Ironx86.sys [2010-9-2 134704]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1201000.025\symnets.sys [2010-9-2 294448]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\AEstSrv.exe [2010-8-7 81920]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2010-11-18 3975088]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2010-3-24 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2010-3-24 27040]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2010-8-7 13336]
R2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometerp11\InstallFilterService.exe [2010-8-7 60928]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.1.0.37\ccSvcHst.exe [2010-9-2 126904]
R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-8-7 59904]
R2 ssfmonm;ssfmonm;c:\windows\system32\drivers\ssfmonm.sys [2010-12-3 45072]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\security\current\plugins\antimalware\AEI.exe [2010-12-3 3889232]
R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\security\current\framework\WRConsumerService.exe [2010-12-3 3181888]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2010-8-7 42672]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-11-18 163232]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-8-7 274472]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-8-7 33320]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2010-8-7 144576]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2010-8-7 33832]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k6232.sys [2010-8-7 214696]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-8-14 102448]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-8-7 125696]
R3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2009-9-15 6114816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-8-7 68200]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2010-8-7 134144]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-8-7 48640]
S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-8-7 38912]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-14 1343400]

=============== Created Last 30 ================

2010-12-04 02:41:28 45072 ----a-w- c:\windows\system32\drivers\ssfmonm.sys
2010-12-04 02:41:28 24496 ----a-w- c:\windows\system32\drivers\sshrmd.sys
2010-12-04 02:41:28 182056 ----a-w- c:\windows\system32\drivers\ssidrv.sys
2010-12-04 02:37:54 -------- dc-h--w- c:\progra~2\{72C0EA6E-A584-4163-B09A-8DED0FDE3BF4}
2010-12-04 02:37:21 -------- d-----w- c:\program files\Webroot
2010-12-04 02:15:45 -------- d-----w- c:\progra~2\Webroot
2010-12-04 01:02:50 -------- d-----w- c:\users\darlene\appdata\local\PackageAware
2010-11-24 14:08:24 7680 ----a-w- c:\program files\internet explorer\iecompat.dll
2010-11-18 23:59:37 163232 ----a-w- c:\windows\system32\drivers\afcdp.sys
2010-11-18 23:59:32 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-11-12 06:57:45 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2010-11-12 06:57:36 170464 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-11-12 03:52:15 -------- d-----w- c:\program files\Western Digital
2010-11-12 03:35:16 -------- d-----w- C:\Logs
2010-11-12 03:34:35 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-11-12 03:34:35 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-11-12 03:34:13 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0301000.00B
2010-11-12 03:34:13 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2010-11-12 03:34:12 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard

==================== Find3M ====================

2010-09-23 04:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-23 04:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 18:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll

============= FINISH: 15:32:10.44 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:19 AM

Posted 19 December 2010 - 04:42 AM

Hello and welcome to Bleeping Computer :welcome:

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log




Elle
Can you hear it?It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro
?



If I haven't replied in 48 hours, please feel free to send me a PM.



Posted Image

#3 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 27 December 2010 - 04:37 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users