Tech Support Forum banner
Status
Not open for further replies.

Problem running Google CHrome and Lavasoft Ad-Aware

2K views 2 replies 2 participants last post by  amateur 
#1 ·
Hi, my sis computer has problem running Google Chrome and Lavasoft Ad-Aware. I am not able to run GMER Rootkit Scanner. Below are the run from DDS.



DDS (Ver_10-12-12.02) - NTFSx86
Run by VAIO at 19:24:37.60 on 12/25/2010 Sat
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.936.86.1033.18.2046.98 [GMT 8:00]
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\JWPEN.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\WINDOWS\system32\HWKeyPlus.exe
C:\WINDOWS\system32\HWTabTray.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\TP-LINK\TWCU\COMMON\RegistryWriter.exe
C:\Program Files\PPStream\ppsap.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Documents and Settings\VAIO\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
C:\Program Files\Netcore\Netcore 11bg Wireless LAN USB Utility\RtWLan.exe
C:\Program Files\PPStream\PPStream.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\VAIO\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uSearch Page =
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://sg.yahoo.com/?fr=fp-yie8
uSearch Bar =
mStart Page = hxxp://www.yuppla.com/
uInternet Settings,ProxyServer = 220.255.4.9:8080
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant =
mSearchAssistant =
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\SearchSettings.dll
uURLSearchHooks: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - c:\program files\isobuster\tbIso2.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - c:\program files\isobuster\tbIso2.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\SearchSettings.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: IsoBuster Toolbar: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - c:\program files\isobuster\tbIso2.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {DAB35D68-1CDC-4375-8333-D7BBCEE3C0A0} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [PPS Accelerator] c:\program files\ppstream\ppsap.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/532.0_(KHTML,_like_Gecko)_Chrome/3.0.195.27_Safari/532.0" -"[URL="http://social.kewlbox.com/facebook/gameFile/gameContainer.aspx?appID=23&fb_sig_in_iframe=1&fb_sig_iframe_key=fad6f4e614a212e80c67249a666d2b09&fb_sig_locale=en_US&fb_sig_in_new_facebook=1&fb_sig_time=1257688057.3831&fb_sig_added=1&fb_sig_profile_update_time=1251440646&fb_sig_expires=1257692400&fb_sig_user=704623100&fb_sig_session_key=2.y4D5cnC8z1am_fcbmxAQhw__.3600.1257692400-704623100&fb_sig_ss=w2HseDJ5Zw6dltXM_bAlUQ__&fb_sig_ext_perms=status_update%2Cphoto_upload%2Cvideo_upload%2Ccreate_note%2Cshare_item%2Cauto_publish_short_feed%2Cpublish_stream%2Cauto_publish_recent_activity&fb_sig_api_key=fce76d57b23d47a52ebb3cec2b877cf4&fb_sig_app_id=18978884422&fb_sig=9bccada9be3e81b682021d3509205c53"][url]http://social.kewlbox.com/facebook/gameFile/gameContainer.aspx?appID=23&fb_sig_in_iframe=1&fb_sig_iframe_key=fad6f4e614a212e80c67249a666d2b09&fb_sig_locale=en_US&fb_sig_in_new_facebook=1&fb_sig_time=1257688057.3831&fb_sig_added=1&fb_sig_profile_update_time=1251440646&fb_sig_expires=1257692400&fb_sig_user=704623100&fb_sig_session_key=2.y4D5cnC8z1am_fcbmxAQhw__.3600.1257692400-704623100&fb_sig_ss=w2HseDJ5Zw6dltXM_bAlUQ__&fb_sig_ext_perms=status_update%2Cphoto_upload%2Cvideo_upload%2Ccreate_note%2Cshare_item%2Cauto_publish_short_feed%2Cpublish_stream%2Cauto_publish_recent_activity&fb_sig_api_key=fce76d57b23d47a52ebb3cec2b877cf4&fb_sig_app_id=18978884422&fb_sig=9bccada9be3e81b682021d3509205c53[/URL][/URL]"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Hanvon Key Pus] c:\windows\system32\HWKeyPlus.exe
mRun: [Hanvon Tablet Tray Service] c:\windows\system32\HWTabTray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [VAIO Update 3] "c:\program files\sony\vaio update 3\VAIOUpdt.exe" /Stationary
mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
mRun: [dvd43] c:\program files\dvd43\dvd43_tray.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
StartupFolder: c:\docume~1\vaio\startm~1\programs\startup\pps.lnk - c:\program files\ppstream\PPStream.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\imatio~1.lnk - c:\documents and settings\vaio\local settings\application data\imation\ifm\Imation Flash Detect.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netcor~1.lnk - c:\program files\netcore\netcore 11bg wireless lan usb utility\RtWLan.exe
IE: &Search - ?p=ZRman000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: pps.tv
Trusted Zone: ppstream.com
Trusted Zone: webscache.com
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1209050251812
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209050610843
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: {0497839D-5403-436A-8294-BF7D9D723F53} = 165.21.83.88,165.21.100.88
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
Hosts: 74.208.105.171 gs.apple.com
============= SERVICES / DRIVERS ===============
R?2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R0 hypen;Hy Pen;c:\windows\system32\drivers\HYPEN.sys [2009-2-9 10548]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-7-24 28544]
R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2008-4-25 9216]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-29 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-29 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-29 108552]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-29 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-29 297752]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2010-12-21 38144]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2008-12-29 233472]
R2 HWSuperPowerTablet;HWSuperPowerTablet;c:\windows\system32\jwpen.exe [2009-2-9 221184]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\tp-link\twcu\common\RegistryWriter.exe [2010-10-17 69632]
R3 5U870UVC;Sony Visual Communication Camera VGP-VCC7;c:\windows\system32\drivers\5U870UVCx86.sys [2008-4-25 70144]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2008-12-29 36512]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-4-24 41216]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2010-8-28 28672]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2007-11-21 71961]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-4-24 812544]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-30 136176]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-3-10 24216]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-12-9 133632]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-12-9 79360]
S3 rt2870;TP-LINK Wireless Adapter;c:\windows\system32\drivers\rt2870.sys [2010-10-18 829792]
S3 RTL8187B;Netcore Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2010-3-31 275968]
=============== Created Last 30 ================
2010-12-25 10:04:08 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-25 08:37:09 -------- d-----w- c:\docume~1\vaio\applic~1\Malwarebytes
2010-12-25 08:36:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-25 08:36:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-25 08:36:55 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-25 08:36:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 08:17:13 -------- d-----w- c:\windows\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2010-12-25 07:04:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-25 07:04:25 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-25 05:49:00 388096 ----a-r- c:\docume~1\vaio\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-12-25 05:48:56 -------- d-----w- c:\program files\Trend Micro
2010-12-24 11:18:52 -------- d-----w- c:\program files\PPSGame
2010-12-24 11:18:34 -------- d-----w- c:\program files\PPStream
2010-12-24 11:18:33 -------- d-----w- c:\docume~1\vaio\applic~1\PPStream
2010-12-21 03:49:35 275968 ------r- c:\windows\system\rtl8187B.sys
2010-12-21 03:49:35 -------- d-----w- c:\windows\OPTIONS
2010-12-21 03:49:27 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys
2010-12-21 03:49:27 -------- d-----w- c:\windows\system32\Netcore 11bg Wireless LAN USB Driver and Utility
2010-12-21 03:49:26 -------- d-----w- c:\program files\Netcore
2010-12-16 02:41:16 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 02:40:41 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-11 05:13:10 83249512 ----a-w- c:\program files\common files\windows live\.cache\wlc195.tmp
2010-12-07 01:43:05 -------- d-----w- c:\program files\common files\Tencent
2010-12-06 11:30:57 -------- d-----w- c:\docume~1\vaio\locals~1\applic~1\ConduitEngine
2010-12-06 11:30:55 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-12-06 11:30:55 -------- d-----w- c:\program files\ConduitEngine
2010-11-30 06:09:17 -------- d-----w- c:\program files\VideoLAN
2010-11-30 06:07:03 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2010-11-30 06:06:54 -------- d-----w- c:\program files\common files\xing shared
2010-11-30 06:06:35 151776 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2010-11-30 06:06:30 100352 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2010-11-29 05:41:28 -------- d-----w- c:\program files\SigmaTel
==================== Find3M ====================
2010-11-30 06:06:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-18 03:12:12 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe
============= FINISH: 19:25:48.64 ===============
 

Attachments

See less See more
#2 ·
Hello and welcome to TSF.

I am not able to run GMER Rootkit Scanner.
What happens when you try to run GMER?

We really would like to see a GMER log before proceeding. Let's try this special version of gmer. Delete the present copy of GMER from your desktop.

Download GMER Rootkit Scanner from herehttp://www.gmer.net/download.phphttp://www.gmer.net/download.php to your desktop.
  • Double click the exe file. If asked to allow gmer.sys driver to load, please consent .
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.


    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and post it in reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


If you still have trouble, try running the scan in Safe Mode.

Restart your computer and boot into Safe Mode by tapping the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.

---------------------------------

If you still have difficullty, run the scan with ONLY the Sections and C drive boxes ticked.


Click the image to enlarge it
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top