
Infected with annoying Popups


  • This topic is locked
2 replies to this topic

#1 Dolphan


Posted 01 December 2008 - 05:11 AM

Hi everyone:

Every time I open Internet Explorer 7 (IE7) :thumbsup: some other advertising pages come from different places.
Can anyone tell me if my PC is infected with any virus or spyware?

This is a Windows XP Pro PC

Thanks a lot

Regards
Dolphan




Logfile of random's system information tool 1.04 (written by random/random)
Run by Dolphan at 2008-12-01 04:44:46
Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (4%) free of 114 GB
Total RAM: 1536 MB (73% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB9FFB4B-9680-4256-8178-5ECDB2C19B23}]
Browser protection - C:\PROGRA~1\SPYNOM~1\SNMIEG~1.DLL [2007-12-02 205776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 1185120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-01-20 185896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"C-Media Mixer"=Mixer.exe /startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"SNM"=C:\Program Files\SpyNoMore\SNM.exe [2008-11-26 1064400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-12-22 221568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NexusServer]
C:\Program Files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe [2007-03-26 389120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAM Idle Professional]
C:\Program Files\RAM Idle\RAM_XP.exe [2003-05-03 131584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SansaDispatch]
C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe [2007-10-22 75584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNM]
C:\Program Files\SpyNoMore\SNM.exe [2008-11-26 1064400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Window Washer]
C:\Program Files\Webroot\Washer\wwDisp.exe [2005-04-20 894464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AVG Anti-Spyware Guard"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
ExifLauncher2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe
Wireless Configuration Utility HW.14.lnk - C:\Program Files\TRENDnet\TEW-424UB\WlanCU.exe

C:\Documents and Settings\EdSalinas\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="nnhxff.dll hpctxe.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19 294912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\All Users\Documents\PROGRAMAS\ANTISPYWARE\P.Malwarebytes_1.28__downarchive\P.Malwarebytes_1.28__downarchive\Malwarebytes_Portable_1.28_MultiLang\App\Malwarebytes\mbam.exe"="C:\Documents and Settings\All Users\Documents\PROGRAMAS\ANTISPYWARE\P.Malwarebytes_1.28__downarchive\P.Malwarebytes_1.28__downarchive\Malwarebytes_Portable_1.28_MultiLang\App\Malwarebytes\mbam.exe:*:Enabled:Malwarebytes"

======List of files/folders created in the last 1 months======

2008-11-29 18:01:56 ----D---- C:\Documents and Settings\EdSalinas\Application Data\WinRAR
2008-11-29 17:19:45 ----D---- C:\WINDOWS\ERUNT
2008-11-29 17:17:28 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-28 14:42:22 ----D---- C:\SDFix
2008-11-28 14:36:48 ----A---- C:\WINDOWS\system32\MPFServiceFailureCount.txt
2008-11-28 00:54:29 ----D---- C:\rsit
2008-11-28 00:54:29 ----D---- C:\Program Files\trend micro
2008-11-23 03:11:50 ----SHD---- C:\RECYCLER
2008-11-22 05:11:48 ----A---- C:\ComboFix.txt
2008-11-21 20:33:51 ----A---- C:\WINDOWS\zip.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\VFIND.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\SWSC.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\SWREG.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\sed.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\NIRCMD.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\grep.exe
2008-11-21 20:33:51 ----A---- C:\WINDOWS\fdsv.exe
2008-11-21 02:53:45 ----D---- C:\WINDOWS\system32\dPI19
2008-11-21 02:22:17 ----D---- C:\WINDOWS\system32\ID2
2008-11-21 02:22:14 ----D---- C:\WINDOWS\system32\mp
2008-11-21 02:22:10 ----D---- C:\WINDOWS\system32\dim
2008-11-16 06:26:53 ----D---- C:\Program Files\YouTube Downloader
2008-11-14 11:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-14 11:01:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-14 11:01:28 ----A---- C:\WINDOWS\imsins.BAK
2008-11-14 11:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-14 11:00:46 ----SHD---- C:\Config.Msi
2008-11-14 03:59:55 ----A---- C:\Boot.bak
2008-11-14 03:59:41 ----RASHD---- C:\cmdcons
2008-11-14 03:56:53 ----D---- C:\WINDOWS\ERDNT
2008-11-14 03:56:53 ----D---- C:\Qoobox
2008-11-13 05:27:28 ----D---- C:\Program Files\MSECACHE
2008-11-12 10:26:56 ----D---- C:\Program Files\Hair Pro 7.0
2008-11-12 08:59:50 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-12 03:56:14 ----D---- C:\Program Files\djDecks
2008-11-12 03:55:38 ----D---- C:\Program Files\SoftJock
2008-11-12 03:55:21 ----D---- C:\Program Files\MixVibesPro5
2008-11-12 01:12:31 ----A---- C:\WINDOWS\system32\37ec8604-.txt
2008-11-12 00:15:27 ----D---- C:\WINDOWS\system32\QI19
2008-11-11 02:57:32 ----D---- C:\Documents and Settings\EdSalinas\Application Data\Malwarebytes
2008-11-11 02:57:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-10 22:57:31 ----D---- C:\Program Files\SpyNoMore
2008-11-10 22:57:18 ----D---- C:\Program Files\Common Files\Download Manager
2008-11-10 18:49:16 ----A---- C:\WINDOWS\anoxilyra.exe
2008-11-10 18:49:16 ----A---- C:\WINDOWS\aguzoc.bat
2008-11-10 18:49:16 ----A---- C:\Documents and Settings\All Users\Application Data\ifuvigi.vbs
2008-11-10 17:55:49 ----D---- C:\Program Files\Enigma Software Group
2008-11-10 17:34:13 ----A---- C:\WINDOWS\yhaqiz.com
2008-11-10 17:34:13 ----A---- C:\Program Files\Common Files\ybuwymevug.dll
2008-11-10 17:34:13 ----A---- C:\Program Files\Common Files\losuzugyk.bat
2008-11-10 17:34:13 ----A---- C:\Documents and Settings\EdSalinas\Application Data\hajili.exe
2008-11-10 17:34:13 ----A---- C:\Documents and Settings\EdSalinas\Application Data\cyci.bat
2008-11-10 03:47:02 ----D---- C:\WINDOWS\system32\sX3i19
2008-11-07 03:33:13 ----D---- C:\Program Files\ElcomSoft
2008-11-06 05:41:54 ----A---- C:\WINDOWS\AIMPR.INI
2008-11-04 22:26:48 ----A---- C:\WINDOWS\system32\ptpusb.dll
2008-11-04 22:26:38 ----A---- C:\WINDOWS\system32\ptpusd.dll
2008-11-04 22:08:41 ----D---- C:\Documents and Settings\EdSalinas\Application Data\FUJIFILM
2008-11-04 22:07:14 ----A---- C:\WINDOWS\system32\FFTIFF16.dll
2008-11-04 22:07:14 ----A---- C:\WINDOWS\system32\FFRafShellEx.dll
2008-11-04 22:07:14 ----A---- C:\WINDOWS\system32\FFRAFLIB.DLL
2008-11-04 22:07:12 ----D---- C:\Program Files\FinePixViewer
2008-11-02 03:22:13 ----D---- C:\Program Files\SBaGen

======List of files/folders modified in the last 1 months======

2008-12-01 04:17:45 ----D---- C:\WINDOWS\Temp
2008-12-01 03:02:52 ----A---- C:\WINDOWS\RTacDbg.txt
2008-11-30 23:52:14 ----D---- C:\WINDOWS
2008-11-30 23:51:58 ----D---- C:\WINDOWS\Prefetch
2008-11-30 23:47:13 ----D---- C:\WINDOWS\system32
2008-11-30 23:47:10 ----D---- C:\WINDOWS\system32\drivers
2008-11-30 07:53:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-30 06:44:52 ----D---- C:\Documents and Settings\EdSalinas\Application Data\Vso
2008-11-30 03:35:32 ----D---- C:\Temp
2008-11-30 02:11:28 ----D---- C:\Documents and Settings
2008-11-29 17:28:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-29 03:00:29 ----HD---- C:\WINDOWS\inf
2008-11-29 03:00:29 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-29 03:00:18 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-28 00:54:29 ----D---- C:\Program Files
2008-11-26 05:49:17 ----D---- C:\Program Files\NoAdware5.0
2008-11-23 06:52:27 ----D---- C:\Documents and Settings\EdSalinas\Application Data\LimeWire
2008-11-23 03:39:20 ----D---- C:\Documents and Settings\EdSalinas\Application Data\Ashampoo
2008-11-23 03:37:48 ----D---- C:\Program Files\Ashampoo
2008-11-22 05:06:07 ----A---- C:\WINDOWS\system.ini
2008-11-22 05:01:09 ----D---- C:\WINDOWS\system32\config
2008-11-22 04:58:31 ----D---- C:\WINDOWS\AppPatch
2008-11-22 04:58:31 ----D---- C:\Program Files\Common Files
2008-11-22 02:31:17 ----D---- C:\WINDOWS\system32\Restore
2008-11-14 11:01:48 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-14 11:00:51 ----SHD---- C:\WINDOWS\Installer
2008-11-14 11:00:50 ----D---- C:\WINDOWS\WinSxS
2008-11-14 04:11:35 ----SD---- C:\WINDOWS\Tasks
2008-11-14 03:59:55 ----RASH---- C:\boot.ini
2008-11-12 09:41:33 ----A---- C:\WINDOWS\SStylerPro.ini
2008-11-12 05:59:50 ----D---- C:\Program Files\RegVac Registry Cleaner
2008-11-12 05:34:22 ----A---- C:\WINDOWS\win.ini
2008-11-12 05:26:09 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-10 18:29:08 ----D---- C:\WINDOWS\pss
2008-11-10 17:44:55 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-10 17:40:46 ----D---- C:\Documents and Settings\EdSalinas\Application Data\Thinstall
2008-11-10 16:58:15 ----D---- C:\WINDOWS\Minidump
2008-11-10 16:58:15 ----D---- C:\WINDOWS\Debug
2008-11-10 04:16:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-07 00:32:11 ----D---- C:\Program Files\eMule
2008-11-06 18:22:17 ----SHD---- C:\System Volume Information
2008-11-04 23:47:30 ----D---- C:\Program Files\Ares Ultra
2008-11-04 22:09:35 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-04 21:40:47 ----D---- C:\WINDOWS\Help
2008-11-03 19:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-02 04:58:24 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 hdaudbuss;hdaudbuss; C:\WINDOWS\System32\drivers\hdaudbuss.sys [2008-11-21 86272]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mchInjDrv;madCodeHook DLL injection driver; \??\C:\WINDOWS\system32\Drivers\mchInjDrv.sys []
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-19 21035]
R2 CAMTHWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CAMTHWDM.sys [2008-03-11 941784]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 musm3gld;musm3gld; \??\C:\WINDOWS\system32\drivers\musm3gld.sys []
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
R3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-15 34760]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-12-03 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-03 32768]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 ATE_PROCMON;ATE_PROCMON; C:\WINDOWS\system32\drivers\ATE_PROCMON.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\EDSALI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cwcspud;Crystal SoundFusion™ Driver; C:\WINDOWS\system32\drivers\cwcspud.sys [2001-08-17 111872]
S3 cwcwdm;Crystal SoundFusion™ WDM Driver; C:\WINDOWS\system32\drivers\cwcwdm.sys [2001-08-17 93952]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle; C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2007-05-04 215040]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\Program Files\McAfee\VirusScan\McShield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 wwSecSvc;Washer AutoComplete; C:\WINDOWS\system32\wwSecure.exe [2005-04-20 487936]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-02-08 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------



#2 teacup61


Posted 14 December 2008 - 01:23 PM

Hello Dolphan,


Sorry about the delay. :thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you. Please don't post the mess you posted in your first log. I don't need it.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 23 December 2008 - 02:16 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic



