Can Someone Tell Me If I'm Infected At All?


  • This topic is locked
3 replies to this topic

#1 Tupaclypse

Tupaclypse

  • Members
  • 36 posts

Posted 26 May 2008 - 03:50 AM

My system seems a bit off, can someone please tell me if I'm infected? Thank you!

Here's my Kaspersky Log:

KASPERSKY ONLINE SCANNER REPORT
Monday, May 26, 2008 1:44:12 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 26/05/2008
Kaspersky Anti-Virus database records: 800639


Scan Settings
Scan using the following antivirus database extended
Scan Archives false
Scan Mail Bases false

Scan Target Critical Areas
C:\WINDOWS
C:\DOCUME~1\KNOWLE~1\LOCALS~1\Temp\

Scan Statistics
Total number of scanned objects 21942
Number of viruses found 0
Number of infected objects 0
Number of suspicious objects 0
Duration of the scan process 00:12:29

Infected Object Name Virus Name Last Action
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{1E95F02C-E50C-4F05-B48B-96155B90DA55}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\WINDOWS\{00000007-00000000-00000000-00001102-00000008-20011102}.CDF Object is locked skipped

C:\DOCUME~1\KNOWLE~1\LOCALS~1\Temp\Adobelm_Cleanup.0001.dir.0000\~efe2.tmp Object is locked skipped

C:\DOCUME~1\KNOWLE~1\LOCALS~1\Temp\Adobelm_Cleanup.0001.dir.0003\~efe2.tmp Object is locked skipped

C:\DOCUME~1\KNOWLE~1\LOCALS~1\Temp\Photoshop Temp309531 Object is locked skipped

Scan process completed.




And Here's the DSS Log:

Deckard's System Scanner v20071014.68
Run by Knowledge on 2008-05-26 00:27:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 6.44 GiB (less than 15%) free.


-- HijackThis (run as Knowledge.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:28:43 AM, on 5/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTAPR.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\HiDownload\hidownload.exe
C:\Documents and Settings\Knowledge\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\KNOWLE~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTPCMCIASBUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\HiDownload\HDGet.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\HiDownload\hidownload.exe (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase9563.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1189585112296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/in...l/installer.exe
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

--
End of file - 8353 bytes

-- Files created between 2008-04-26 and 2008-05-26 -----------------------------

2008-05-25 23:52:57 0 d-------- C:\Documents and Settings\Knowledge\Application Data\ESET
2008-05-25 23:51:07 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-05-25 17:33:57 0 d-------- C:\Program Files\AVG
2008-05-25 17:33:57 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-25 17:04:36 0 d-------- C:\Program Files\VstPlSkins
2008-05-25 17:04:36 0 d-------- C:\Program Files\VstPlLicenses
2008-05-25 16:55:51 0 d-------- C:\Program Files\Common Files\reFX
2008-05-24 15:39:04 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Songbird1
2008-05-24 15:39:04 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Mozilla
2008-05-24 15:38:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SongbirdVLC
2008-05-23 08:23:46 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Motive
2008-05-23 08:20:58 0 d-------- C:\WINDOWS\Motive
2008-05-23 08:20:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Motive
2008-05-23 07:38:45 171280 --a------ C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:45 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:45 313856 --a------ C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2008-05-23 07:38:45 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:45 6550 --a------ C:\WINDOWS\jautoexp.dat
2008-05-23 07:38:39 113 --a------ C:\WINDOWS\system32\zonedon.reg
2008-05-23 07:38:39 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2008-05-23 07:38:39 171792 --a------ C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:39 286992 --a------ C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:39 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:39 947472 --a------ C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:39 154384 --a------ C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:39 172304 --a------ C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:38 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:38 404752 --a------ C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:38 63248 --a------ C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:38 187152 --a------ C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 07:38:37 49424 --a------ C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft® Windows ® Operating System>
2008-05-23 04:29:04 0 d-------- C:\Program Files\QuickTime
2008-05-23 02:15:44 0 dr-h----- C:\Documents and Settings\Knowledge\Recent
2008-05-20 13:45:33 0 d-------- C:\Documents and Settings\Knowledge\Application Data\CasinoOnNet
2008-05-14 10:32:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-05-14 04:27:04 0 d-------- C:\Program Files\Way Out Ware
2008-05-14 04:17:05 0 d-------- C:\Program Files\Common Files\Native Instruments
2008-05-14 04:10:33 0 d-------- C:\Documents and Settings\Knowledge\Application Data\KORG
2008-05-14 04:08:13 0 d-------- C:\Program Files\Common Files\KORG
2008-05-14 04:08:12 0 d-------- C:\Program Files\KORG Legacy
2008-05-14 04:08:12 0 d-------- C:\Documents and Settings\All Users\Application Data\KORG
2008-05-14 04:03:35 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Antares
2008-05-14 04:03:34 0 d-------- C:\Program Files\Antares Audio Technologies
2008-05-14 03:27:25 0 d-------- C:\Program Files\Antares
2008-05-12 18:50:16 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-12 18:50:16 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-12 18:50:08 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-12 18:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 18:50:08 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-05-12 18:50:08 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 18:50:06 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-12 18:49:02 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-09 08:35:35 0 d-------- C:\Program Files\Quick Screen Capture
2008-05-08 21:42:30 9961472 --a------ C:\Documents and Settings\Knowledge\ntuser.dat
2008-05-08 21:38:19 0 d-------- C:\Program Files\Windows Live Safety Center
2008-05-07 06:26:03 69359 --a------ C:\WINDOWS\hpoins05.dat
2008-05-07 06:26:02 19696 --------- C:\WINDOWS\hpomdl05.dat
2008-05-02 07:46:14 368 --a------ C:\drmHeader.bin
2008-04-29 16:11:22 0 d-------- C:\WINDOWS\system32\Adobe


-- Find3M Report ---------------------------------------------------------------

2008-05-26 00:22:02 0 d-------- C:\Program Files\HiDownload
2008-05-25 18:15:01 0 d-------- C:\Program Files\eMule
2008-05-25 17:22:08 0 d-------- C:\Program Files\Trend Micro
2008-05-25 17:11:30 8 --a------ C:\Program Files\VstPlData.ndb
2008-05-25 16:55:51 0 d-------- C:\Program Files\Common Files
2008-05-25 16:55:49 0 d-------- C:\Program Files\VstPlugins
2008-05-25 08:53:12 0 d-------- C:\Program Files\Absolute Poker
2008-05-24 20:32:32 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Adobe
2008-05-23 11:32:19 0 d-------- C:\Program Files\Winamp
2008-05-23 11:32:10 0 d-------- C:\Program Files\No1 DVD Ripper
2008-05-23 11:32:08 0 d-------- C:\Program Files\Native Instruments
2008-05-23 11:32:08 0 d-------- C:\Program Files\MixVibesDVS
2008-05-23 11:32:04 0 d-------- C:\Program Files\jv16 PowerTools
2008-05-23 11:32:02 0 d-------- C:\Program Files\Java
2008-05-23 11:32:01 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-05-23 11:32:00 0 d-------- C:\Program Files\Foxit Software
2008-05-23 11:31:56 0 d-------- C:\Program Files\DivX
2008-05-23 11:31:51 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-23 11:31:40 0 d-------- C:\Program Files\Ahead
2008-05-14 10:32:32 0 d-------- C:\Program Files\AIM6
2008-05-14 07:12:46 0 d-------- C:\Program Files\Ableton
2008-05-14 02:09:39 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Ableton
2008-05-12 18:53:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-08 20:55:44 0 d-------- C:\Program Files\CCleaner
2008-05-07 05:28:53 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Image Zone Express
2008-04-20 18:21:08 0 d-------- C:\Program Files\Musicnotes
2008-04-17 02:31:19 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Move Networks
2008-04-15 19:53:30 0 d-------- C:\Program Files\Netflix
2008-04-10 22:10:35 0 d-------- C:\Program Files\iTunes
2008-04-10 22:10:20 0 d-------- C:\Program Files\iPod
2008-04-03 21:44:49 0 d-------- C:\Documents and Settings\Knowledge\Application Data\Real
2008-04-03 01:13:18 0 d-------- C:\Program Files\Common Files\xing shared
2008-04-03 01:13:02 0 d-------- C:\Program Files\Common Files\Real
2008-02-26 11:54:50 180224 --a------ C:\WINDOWS\system32\PolyOptionsDialog.dll <Not Verified; Admiral Quality; Poly-Ana.dll VSTi and Poly-AnaFX.dll VSTfx>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/27/2005 12:24 PM]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [11/17/2004 08:47 PM]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [05/20/2005 06:06 PM]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/19/2003 09:08 PM]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [10/19/2005 11:07 PM]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [02/20/2004 03:12 PM]
"PartSeal"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [04/19/2003 09:08 PM]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE" [06/18/2003 01:00 AM]
"CTSysVol"="C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe" [09/15/2005 09:47 AM]
"CTPCMCIASBUtility"="C:\Program Files\Creative\Sound Blaster Audigy 2\PCMCIA Sound Blaster Utility\CTSBUtl.exe" [09/05/2005 11:24 AM]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [06/16/2005 06:25 PM]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [10/11/2005 10:36 PM]
"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [08/15/2007 10:41 PM]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [03/01/2008 04:54 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"AllowMultipleTSSessions"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 05/20/2005 06:42 PM 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files\Cyberlink\Shared Files\brs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RichVideo"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"iPod Service"=3 (0x3)


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"



-- End of Deckard's System Scanner: finished at 2008-05-26 00:29:39 ------------



#2 silver

silver

  • Members
  • 480 posts
  • Location:GMT+7

Posted 25 June 2008 - 05:49 AM

Hi Tupaclypse,

I'm sorry it's taken so long for you to get a response. If you still need help, please do as follows:

Make new reports with DSS:
  • Make sure DSS.exe is on your Desktop.
  • Press Start->Run, copy/paste the following command into the box and press OK:

    "%userprofile%\desktop\dss.exe" /config

  • A configuration box will appear. Make sure all boxes are checked and press Scan!
Once complete, please post the new DSS main.txt and extra.txt reports.
Teacher at Malware Removal University | ASAP & UNITE Member

#3 silver

silver

  • Members
  • 480 posts
  • Location:GMT+7

Posted 27 June 2008 - 09:38 PM

Do you still need help with your machine?

If the instructions are unclear or something isn't working, please let me know before proceeding.

#4 silver

silver

  • Members
  • 480 posts
  • Location:GMT+7

Posted 01 July 2008 - 02:07 AM

Due to lack of response, this thread will now be closed.

If you are the topic starter and would like this topic reopened, please PM a staff member with a link to this thread and we will reopen it for you. Anyone else who needs assistance should begin a new topic.