Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

XPsp3 Random I.E. script errors and random audio playing.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

XPsp3 Random I.E. script errors and random audio playing.

Unread postby J003223 » April 26th, 2011, 3:48 pm

Getting random script errors on the desktop without IE running.
Unrelated (I think) I'm get random audio clips at random times regardless if any programs are running. I was watching the task mgr when one such clip played however, didn't see any additional processes start or stop.

DDS:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by AMD DUO at 15:37:05.53 on Tue 04/26/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.210 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\AMD DUO\My Documents\J003223\Apps\DDS\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 1166289359
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 9369520265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\amdduo~1\applic~1\mozilla\firefox\profiles\9cic1jpr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Noia 2.0 (eXtreme): {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} - %profile%\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF - Ext: Noia 2.0 eXtreme OPT: noia2_option@kk.noia - %profile%\extensions\noia2_option@kk.noia
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2011-4-7 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2011-4-7 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-4-26 64512]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-5-30 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-5-30 52224]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-5-30 13696]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2011-4-26 21464]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-4-26 98392]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-4-22 2146496]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-4-24 632792]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-4-26 69976]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-4-22 15232]
S4 vsdatant;vsdatant;a --> a [?]
.
=============== Created Last 30 ================
.
2011-04-26 19:04:16 -------- d-----w- c:\program files\Trend Micro
2011-04-26 05:26:14 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-04-26 04:02:45 69976 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2011-04-26 04:02:42 21464 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2011-04-26 04:02:21 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-04-26 04:02:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-26 03:57:30 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\Sunbelt Software
2011-04-26 03:53:42 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{E8A61B3F-DF97-45EA-A2EE-88E262649179}
2011-04-26 03:52:52 -------- d-----w- c:\program files\Lavasoft
2011-04-26 03:06:16 -------- d-----w- c:\program files\Quick Web Player
2011-04-25 03:46:18 -------- d-----w- c:\docume~1\amdduo~1\applic~1\ElevatedDiagnostics
2011-04-24 21:46:13 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Registry Mechanic
2011-04-24 21:39:27 37336 ----a-w- c:\windows\system32\CleanMFT32.exe
2011-04-24 21:39:27 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
2011-04-24 21:39:27 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
2011-04-24 21:39:26 880640 ----a-w- c:\windows\system32\UniBox10.ocx
2011-04-24 21:39:26 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2011-04-24 21:39:21 -------- d-----w- c:\program files\common files\PC Tools
2011-04-24 20:55:53 -------- d-----w- c:\program files\WiseFixer
2011-04-18 07:35:10 -------- d-----w- c:\windows\Big City Adventure San Francisco
2011-04-18 07:35:09 -------- d-----w- c:\program files\Big City Adventure San Francisco
2011-04-18 07:33:44 -------- d-----w- c:\program files\Big City Adventure - Sydney Australia
2011-04-17 04:50:05 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Gestalt Games
2011-04-12 04:22:34 -------- d-----w- c:\program files\Sid Meier's Civilization V
2011-04-10 08:11:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Gogii
2011-04-10 05:27:32 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\JollyBear
2011-04-10 05:27:32 -------- d-----w- c:\docume~1\alluse~1\applic~1\JollyBear
2011-04-10 04:52:52 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\My Games
2011-04-08 02:21:32 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\ATI
2011-04-08 01:39:05 -------- d-----w- c:\windows\system32\XPSViewer
2011-04-08 01:38:38 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-04-08 01:38:14 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-04-08 01:38:14 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-04-08 01:38:14 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-04-08 01:38:14 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-04-08 01:38:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-04-08 01:38:14 117760 ------w- c:\windows\system32\prntvpt.dll
2011-04-08 01:38:13 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-04-08 01:38:13 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-04-08 01:29:12 -------- d-----w- C:\ATI
2011-04-08 00:59:31 -------- d-----w- c:\program files\Amnesia - The Dark Descent
2011-04-08 00:28:34 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\Symantec
2011-04-08 00:26:26 1060864 ----a-w- c:\windows\system32\MFC71.DLL
2011-04-08 00:26:08 -------- d-----w- c:\program files\common files\Symantec Shared
2011-04-08 00:26:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2011-04-07 21:38:26 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2011-04-07 21:38:26 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2011-04-07 21:38:04 -------- d-----w- c:\windows\Downloaded Installations
2011-04-07 00:12:15 -------- d-----w- c:\docume~1\amdduo~1\applic~1\GameInvest
2011-04-05 05:53:31 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Top Evidence
.
==================== Find3M ====================
.
2011-03-23 22:37:33 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-23 22:37:33 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2006-02-28 12:00:00 73728 --sha-w- c:\windows\registeredpackages\{dd90d410-1823-43eb-9a16-a2331bf08799}$backup$\system\wmplayer.exe
.
============= FINISH: 15:39:44.84 ===============
You do not have the required permissions to view the files attached to this post.
J003223
Active Member
 
Posts: 5
Joined: April 26th, 2011, 3:32 pm
Advertisement
Register to Remove

UPDATE:XPsp3 Random I.E. script errors and random audio play

Unread postby J003223 » April 26th, 2011, 10:16 pm

I have removed AAW repaired the errored install of Malwarebytes. Taken some of the suggested actions from the prog. Installed CClean and MyDefrag. I'm still having the same issues as reported in the previous post. The new DDS and info is reported below. Please and thank you for your assistance in this matter.

DDS:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by AMD DUO at 22:07:50.43 on Tue 04/26/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.688 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\AMD DUO\My Documents\J003223\Apps\DDS\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 1166289359
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 9369520265
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: AtiExtEvent - Ati2evxx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\amdduo~1\applic~1\mozilla\firefox\profiles\9cic1jpr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\documents and settings\all users\application data\realarcade\npraclient.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Noia 2.0 (eXtreme): {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} - %profile%\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
FF - Ext: Noia 2.0 eXtreme OPT: noia2_option@kk.noia - %profile%\extensions\noia2_option@kk.noia
FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [2011-4-7 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [2011-4-7 5248]
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-5-30 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-5-30 52224]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-5-30 13696]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-4-26 98392]
S4 vsdatant;vsdatant;a --> a [?]
.
=============== Created Last 30 ================
.
2011-04-26 22:35:02 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2011-04-26 22:35:02 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2011-04-26 22:35:02 -------- d-----w- c:\program files\MyDefrag v4.3.1
2011-04-26 22:32:28 -------- d-----w- c:\program files\CCleaner
2011-04-26 21:00:32 4 ---ha-w- C:\aaw7boot.cmd
2011-04-26 19:04:16 -------- d-----w- c:\program files\Trend Micro
2011-04-26 04:02:18 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-04-26 03:57:30 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\Sunbelt Software
2011-04-26 03:06:16 -------- d-----w- c:\program files\Quick Web Player
2011-04-25 03:46:18 -------- d-----w- c:\docume~1\amdduo~1\applic~1\ElevatedDiagnostics
2011-04-24 21:46:13 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Registry Mechanic
2011-04-24 20:55:53 -------- d-----w- c:\program files\WiseFixer
2011-04-18 07:35:10 -------- d-----w- c:\windows\Big City Adventure San Francisco
2011-04-18 07:35:09 -------- d-----w- c:\program files\Big City Adventure San Francisco
2011-04-18 07:33:44 -------- d-----w- c:\program files\Big City Adventure - Sydney Australia
2011-04-17 04:50:05 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Gestalt Games
2011-04-10 08:11:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Gogii
2011-04-10 05:27:32 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\JollyBear
2011-04-10 05:27:32 -------- d-----w- c:\docume~1\alluse~1\applic~1\JollyBear
2011-04-10 04:52:52 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\My Games
2011-04-08 02:21:32 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\ATI
2011-04-08 01:39:05 -------- d-----w- c:\windows\system32\XPSViewer
2011-04-08 01:38:38 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-04-08 01:38:14 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-04-08 01:38:14 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-04-08 01:38:14 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-04-08 01:38:14 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-04-08 01:38:14 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-04-08 01:38:14 117760 ------w- c:\windows\system32\prntvpt.dll
2011-04-08 01:38:13 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-04-08 01:38:13 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-04-08 01:29:12 -------- d-----w- C:\ATI
2011-04-08 00:59:31 -------- d-----w- c:\program files\Amnesia - The Dark Descent
2011-04-08 00:28:34 -------- d-----w- c:\docume~1\amdduo~1\locals~1\applic~1\Symantec
2011-04-08 00:26:26 1060864 ----a-w- c:\windows\system32\MFC71.DLL
2011-04-08 00:26:08 -------- d-----w- c:\program files\common files\Symantec Shared
2011-04-08 00:26:08 -------- d-----w- c:\docume~1\alluse~1\applic~1\Symantec
2011-04-07 21:38:26 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2011-04-07 21:38:26 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2011-04-07 21:38:04 -------- d-----w- c:\windows\Downloaded Installations
2011-04-07 00:12:15 -------- d-----w- c:\docume~1\amdduo~1\applic~1\GameInvest
2011-04-05 05:53:31 -------- d-----w- c:\docume~1\amdduo~1\applic~1\Top Evidence
.
==================== Find3M ====================
.
2011-03-23 22:37:33 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-23 22:37:33 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2006-02-28 12:00:00 73728 --sha-w- c:\windows\registeredpackages\{dd90d410-1823-43eb-9a16-a2331bf08799}$backup$\system\wmplayer.exe
.
============= FINISH: 22:08:19.57 ===============
You do not have the required permissions to view the files attached to this post.
Last edited by J003223 on April 26th, 2011, 10:37 pm, edited 1 time in total.
J003223
Active Member
 
Posts: 5
Joined: April 26th, 2011, 3:32 pm

Re: XPsp3 Random I.E. script errors and random audio playing

Unread postby J003223 » April 26th, 2011, 10:29 pm

I have stoped working on this issue until the Admin / Moderator has reviewed the latest config info. I await your reply. Thank you. ~J
J003223
Active Member
 
Posts: 5
Joined: April 26th, 2011, 3:32 pm

Re: XPsp3 Random I.E. script errors and random audio playing

Unread postby NonSuch » April 27th, 2011, 3:49 am

Please familiarize yourself with the forum rules: >Forum Posting Rules - Please Read<

We're sorry, but it is necessary to close your topic because you have replied to it prior to receiving a response from a helper.

Due to adding on to your topic with additional posts it is highly unlikely that you would have received a response. Our helpers are looking for topics with zero responses. When you post replies to your own topic, it no longer has zero responses, and so it appears that you have received help when in fact, you have not.

If you still require help, please open a new thread in the Malware Removal forum and wait for assistance. Please do not run additional programs and/or post additional logs. Just your DDS log to start with is adequate. Your helper will ask for additional logs as needed. DO NOT reply to your own topic until you have received a response from a helper. Be patient. There are others who have been waiting longer than you, so do not expect an immediate reply.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 50 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware