Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

spoolsv.exe running amuck 100% cpu


  • This topic is locked This topic is locked
2 replies to this topic

#1 File13

File13

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 31 January 2011 - 11:32 AM

This is a Dell Latitude D810 laptop. I upgraded it to XP Pro service pack 3 from service pack 2. Now all of a sudden, the
CPU utilization went up to 100% and is just running amuck.

I tracked it down to spoolsv.exe.

I disabled the Windows Print Spooler Service and the problem went away.

I looked in c:\windows\system32\spool\printers to verify that there wasn't a bunch of files waiting to be printed.

I then looked into the system32 folder and found 2 copies of the spoolsv.exe file. Tried to remove the broken one and it was immediately replaced without intervention.

I then scanned the laptop with Adaware, S&D, McAfee w/antispyware, and AVI. None of them found the virus.

I then downloaded Combofix.
Please help.
Jim D,


DDS.txt log follows.
------------------------------------------

DDS (Ver_10-12-12.02) - NTFSx86
Run by lfroom at 14:49:02.04 on Fri 01/28/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.395 [GMT -5:00]

AV: McAfee VirusScan Enterprise *Disabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Apoint\HidFind.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\lfroom\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aopa.org/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://mymc.montgomerycollege.edu/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Secure Online Account Numbers Helper: {435eaa86-d32b-484f-869c-53745fcb1642} - c:\program files\discover\soan\DiscoverSOANHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: WsftpBrowserHelper Class: {601ed020-fb6c-11d3-87d8-0050da59922b} - c:\program files\ipswitch\ws_ftp home\wsbho2k0.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptsn.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
TB: Secure Online Account Numbers: {a8c7c2ca-6dfd-4e16-8458-592361564d38} - c:\program files\discover\soan\DiscoverSOANToolbar.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lfroom\applic~1\mozilla\firefox\profiles\mz01zme8.default\
FF - prefs.js: browser.startup.homepage - hxxp://mymc.montgomerycollege.edu/
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\mozilla firefox\components\Scriptff.dll

============= SERVICES / DRIVERS ===============

P2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2008-9-29 143088]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-1-25 340592]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\mcafee\virusscan enterprise\EngineServer.exe [2008-9-29 19456]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2008-3-14 103744]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2008-9-29 62800]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-1-25 67904]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2006-8-8 87936]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-1-25 90360]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-1-25 42424]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-27 135664]
S2 JEPPDRIVE;Smart Modular JeppDrive USB Driver;c:\windows\system32\drivers\jeppd.sys --> c:\windows\system32\drivers\JeppD.sys [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-1-25 64432]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-7-7 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-9 174336]
S3 RDID1057;EDIROL UA-1EX;c:\windows\system32\drivers\Rdwm1057.sys [2008-5-16 140930]
S3 SaiH0BAC;SaiH0BAC;c:\windows\system32\drivers\SaiH0BAC.sys [2011-1-3 135168]

=============== Created Last 30 ================

2011-01-28 19:08:47 -------- d-sha-r- C:\cmdcons
2011-01-28 19:03:08 98816 ----a-w- c:\windows\sed.exe
2011-01-28 19:03:08 89088 ----a-w- c:\windows\MBR.exe
2011-01-28 19:03:08 256512 ----a-w- c:\windows\PEV.exe
2011-01-28 19:03:08 161792 ----a-w- c:\windows\SWREG.exe
2011-01-25 20:24:44 -------- d-----w- c:\docume~1\lfroom\applic~1\AVG10
2011-01-25 20:22:19 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-01-25 20:19:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-01-25 20:18:37 -------- d-----w- c:\program files\AVG.old
2011-01-25 20:16:06 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-01-25 14:26:41 22576 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2011-01-25 14:26:40 64432 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-01-25 14:26:40 42424 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-01-25 14:26:39 74648 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-01-25 14:26:38 90360 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-01-25 14:26:38 62704 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2011-01-25 14:26:37 67904 ----a-w- c:\windows\system32\mfevtps.exe
2011-01-25 14:26:37 340592 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-01-25 14:24:56 -------- d-----w- c:\program files\McAfee
2011-01-25 14:24:56 -------- d-----w- c:\program files\common files\McAfee
2011-01-25 08:23:40 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-01-25 08:23:40 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-01-25 08:23:28 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-01-25 08:22:02 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-25 08:20:09 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-01-24 14:52:00 -------- d-----w- c:\windows\system32\bits
2011-01-24 14:29:33 0 ----atw- c:\windows\006930_.tmp
2011-01-24 03:02:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-01-24 03:02:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-01-24 02:22:00 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-24 02:11:27 -------- d-----w- c:\docume~1\lfroom\locals~1\applic~1\Sunbelt Software
2011-01-24 01:07:17 -------- d-sh--w- c:\documents and settings\lfroom\IECompatCache
2011-01-24 01:03:17 -------- d-sh--w- c:\documents and settings\lfroom\PrivacIE
2011-01-23 14:38:14 -------- d-sh--w- c:\documents and settings\lfroom\IETldCache
2011-01-23 14:34:54 -------- d-----w- c:\windows\ie8updates
2011-01-23 14:33:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-23 14:33:38 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-23 14:33:37 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-23 14:31:21 -------- dc-h--w- c:\windows\ie8
2011-01-22 19:09:50 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
2011-01-22 19:09:47 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
2011-01-22 19:09:44 265728 -c----w- c:\windows\system32\dllcache\http.sys
2011-01-22 18:57:49 -------- d-----w- C:\0d42ea71178d5cb09dc4f20ff1ae
2011-01-22 04:37:05 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-01-21 23:27:57 30208 ------w- c:\windows\system32\napipsec.dll
2011-01-21 23:26:59 81920 ------w- c:\windows\system32\ieencode.dll
2011-01-21 22:21:00 80896 -c----w- c:\windows\system32\dllcache\tlntsess.exe
2011-01-21 22:20:59 76288 -c----w- c:\windows\system32\dllcache\telnet.exe
2011-01-21 22:20:54 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2011-01-21 22:20:54 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2011-01-21 22:20:49 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2011-01-21 22:20:36 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2011-01-21 22:20:32 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2011-01-21 22:20:26 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2011-01-21 22:20:21 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2011-01-21 22:20:06 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2011-01-21 22:20:01 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2011-01-21 22:19:51 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2011-01-21 22:19:26 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2011-01-21 22:19:22 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2011-01-21 22:19:22 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2011-01-21 22:19:22 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2011-01-21 22:19:21 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2011-01-21 22:19:12 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-01-21 22:19:09 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll
2011-01-21 22:17:13 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2011-01-21 22:16:27 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2011-01-21 22:16:08 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-01-21 22:13:53 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-01-21 22:12:31 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-01-21 22:12:31 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-01-21 22:04:29 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2011-01-21 22:04:29 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2011-01-21 22:04:29 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2011-01-21 22:04:28 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2011-01-21 22:02:54 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
2011-01-21 22:01:52 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2011-01-21 20:52:43 -------- d-----w- c:\windows\system32\DRM
2011-01-21 19:35:25 -------- d-----w- c:\docume~1\lfroom\applic~1\Windows Search
2011-01-21 19:23:51 -------- d-----w- c:\docume~1\lfroom\locals~1\applic~1\Identities
2011-01-21 19:23:49 -------- d-----w- c:\docume~1\lfroom\applic~1\Windows Desktop Search
2011-01-21 19:23:11 -------- d-----w- c:\program files\Windows Desktop Search
2011-01-21 19:10:27 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-01-21 18:41:56 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-01-21 18:41:56 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-01-21 18:32:43 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-01-21 18:31:30 -------- d-----w- c:\docume~1\lfroom\locals~1\applic~1\Microsoft Help
2011-01-14 01:56:38 -------- d-----w- c:\program files\iPod
2011-01-14 01:56:26 -------- d-----w- c:\program files\iTunes
2011-01-03 23:17:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Saitek
2011-01-03 23:14:06 8704 ----a-r- c:\windows\system32\SaiC0BAC_0C.dll
2011-01-03 23:14:06 839680 ----a-r- c:\windows\system32\SaiC0BAC.Dll
2011-01-03 23:14:06 8192 ----a-r- c:\windows\system32\SaiC0BAC_10.dll
2011-01-03 23:14:06 8192 ----a-r- c:\windows\system32\SaiC0BAC_0A.dll
2011-01-03 23:14:06 8192 ----a-r- c:\windows\system32\SaiC0BAC_07.dll
2011-01-03 23:14:06 7680 ----a-r- c:\windows\system32\SaiC0BAC_09.dll
2011-01-03 23:14:06 7168 ----a-r- c:\windows\system32\SaiC0BAC_0402.dll
2011-01-03 23:14:06 5632 ----a-r- c:\windows\system32\SaiC0BAC_11.dll
2011-01-03 23:14:06 135168 ----a-r- c:\windows\system32\drivers\SaiH0BAC.sys

==================== Find3M ====================

2010-11-29 22:38:30 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 22:38:30 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-24 17:34:26 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-24 17:34:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec

============= FINISH: 14:49:40.34 ===============

------------------------------------------

Attached Files



BC AdBot (Login to Remove)

 


#2 File13

File13
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 03 February 2011 - 11:20 AM

Hi All,

I have found the problem. It was a corrupted printer driver/queue.

Once I deleted all the printer queues and deleted the printer drivers, the problem went away.

I downloaded new drivers from HP and created new print queues.

I do not know whether the files associated with the queues or drivers were infected or not. I ran 3 different virus and 4 different antispyware programs against the computer and none reported finding a virus, trojan, or spyware.

If the problem comes back, I guess that would indicate that it wasn't just corruption of the files. However, until or unless that happens, I'm guessing it wasn't infected.

I do appreciate any and every one who looked at these logs.
Jim D,

#3 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:32 PM

Posted 03 February 2011 - 04:29 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users