BHO/virus problem?



#1 ScottyChaos

ScottyChaos

    New Member

  • Members
  • 27 posts
  • Gender:Male

Posted 15 June 2011 - 11:20 AM

I was playing a round of Starcraft: Brood-war when suddenly I got an error stating:

The instruction at 0x0047b0d1 referenced memory at 0x00000000. The memory could not be read.


I looked it up and some people say it might be due to BHOs/viruses. Can someone help? Thank you.

"I have no regrets in my life. I think that everything happens to you for a reason. The hard times that you go through build character, making you a much stronger person." -Rita Mero


#2 screen317

screen317

    MBAM Sentinel

  • Moderators
  • 19,486 posts
  • Gender:Male
  • Location:New Haven, CT

Posted 17 June 2011 - 02:07 AM

Hi and welcome to Malwarebytes.

What version of Windows are you running? It's probable that you needed to run some compatibility settings to run Brood War, so it wouldn't be surprising that there'd be issues.


Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.
Chris Fistonich
Research Team


#3 ScottyChaos


Posted 19 June 2011 - 05:26 AM

I'm running Windows 7 Professional x32 bit.

On a side note, I'm confused as to trying to update my graphics card drivers. This laptop is custom built by my uncle who works as a computer specialist for Harvard. This would mean that, despite the fact that it's a Windows 7 OS, I wouldn't be able to run high-spec games. Sometimes the only logical thing to do is to update my drivers. Could you also help me with that? I'm almost new to Windows 7, so I don't know how to update the mandatory drivers.


#4 ScottyChaos


Posted 19 June 2011 - 05:38 AM

MBAM Log:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6894

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

6/19/2011 6:33:30 AM
mbam-log-2011-06-19 (06-33-30).txt

Scan type: Quick scan
Objects scanned: 178798
Time elapsed: 10 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS.txt


#5 screen317


Posted 21 June 2011 - 11:18 PM

Hi,

What graphics card are you using?

#6 ScottyChaos


Posted 24 June 2011 - 10:55 AM

Mobile Intel® 945 Express Chipset Family w/ 256MB memory.


#7 screen317


Posted 27 June 2011 - 01:35 PM

Uninstall your driver and grab the latest version from here:

http://downloadcente... &DownloadType=

#8 screen317


Posted 04 August 2011 - 04:44 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!