Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

resycled\boot.com not found


  • This topic is locked This topic is locked
2 replies to this topic

#1 nextkiller

nextkiller

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:13 AM

Posted 01 January 2009 - 08:28 PM

When trying to open a disk through my computer a pop-up opens that resycled\boot.com cannot be found.
I already deleted all autorun.inf and resycled folders however the message still keeps popping up.


DDS (Version 1.1.0) - NTFSx86
Run by tonny at 2:21:46,87 on vr 02-01-2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1168 [GMT 1:00]

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\Twain_32\Sweex Motion Tracking Webcam\MTTool.exe
C:\WINDOWS\Twain_32\Sweex Motion Tracking Webcam\SnapTrap.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\lxbucoms.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\INTERN~1\IEXPLORE.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\tonny\Bureaublad\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {32C620D6-CC10-4e6a-9715-BACACD5B0E61} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [Nokia.PCSync] "c:\program files\nokia\nokia pc suite 7\PCSync2.exe" /NoDialog
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\\nTune.exe" clear
mRun: [ASUS Probe] c:\program files\asus\probe\AsusProb.exe
mRun: [Launch Ai Booster] "c:\program files\asus\ai booster\OverClk.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [Motor_Tracking_Tool] c:\windows\twain_32\sweex motion tracking webcam\MTTool.exe
mRun: [STICAP] c:\windows\twain_32\sweex motion tracking webcam\SnapTrap.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [lxbumon.exe] "c:\program files\lexmark 6200 series\lxbumon.exe"
mRun: [EzPrint] "c:\program files\lexmark 6200 series\ezprint.exe"
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RemoteControl8] "c:\program files\cyberlink\powerdvd8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "c:\program files\cyberlink\powerdvd8\language\Language.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
StartupFolder: c:\docume~1\tonny\menust~1\progra~1\opstar~1\mopypo~1.lnk - c:\mopyfish\GETPOINT.EXE
StartupFolder: c:\docume~1\tonny\menust~1\progra~1\opstar~1\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\bttray.lnk - c:\program files\belkin\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Verzenden naar &Bluetooth-apparaat... - c:\program files\belkin\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\belkin\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
TCP: {302802A4-3672-4EB2-A347-8E5D649EF3CC} = 10.0.0.1,213.197.28.3
TCP: {D228ECEE-6350-4844-AFAB-BE4A91FE5E71} = 10.0.0.1,213.197.28.3
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: crypt - crypts.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\tonny\applic~1\mozilla\firefox\profiles\m3q3hjgv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: network.proxy.ftp - 203.144.160.244
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 203.144.160.244
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 203.144.160.244
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 203.144.160.244
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 203.144.160.244
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4

============= SERVICES / DRIVERS ===============

R0 SiWinAcc;SiWinAcc;c:\windows\system32\drivers\SiWinAcc.sys [2004-11-1 17064]
R1 SAVRT;SAVRT;\??\c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;\??\c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};\??\c:\program files\cyberlink\powerdvd8\000.fcl [2008-6-27 61424]
R2 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccEvtMgr.exe" [2005-4-8 185968]
R2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccSetMgr.exe" [2005-4-8 161392]
R2 Symantec AntiVirus;Symantec AntiVirus;"c:\program files\symantec antivirus\Rtvscan.exe" [2005-4-17 1706176]
R3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20090101.005\naveng.sys [2009-1-2 89104]
R3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20090101.005\navex15.sys [2009-1-2 876112]
S2 bEvtService;bEvtService;c:\windows\system32\bEvtService.exe -k netsvcs []
S2 CbEvtSvc;CbEvtSvc;c:\windows\system32\CbEvtSvc.exe -k netsvcs []
S3 ccPwdSvc;Symantec Password Validation;"c:\program files\common files\symantec shared\ccPwdSvc.exe" [2005-4-8 83568]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-10-26 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2008-10-26 8320]
S3 SavRoam;SAVRoam;"c:\program files\symantec antivirus\SavRoam.exe" [2005-4-17 124608]
S3 SQTECH930B;Sweex Motion Tracking Webcam;c:\windows\system32\drivers\Capt930b.sys [2008-4-25 376374]

=============== Created Last 30 ================

2009-01-01 23:47 108,336 a------- c:\windows\system32\mswinsck.ocx
2009-01-01 23:47 705 a------- C:\eoscmb.exe
2009-01-01 23:47 705 a------- C:\iuuksh.exe
2009-01-01 23:47 2 a------- C:\1556563327
2008-12-27 16:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Hitman Pro
2008-12-27 16:47 <DIR> --d----- c:\program files\Hitman Pro 3
2008-12-27 16:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Hitman Pro 3
2008-12-27 15:51 123,200 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-27 15:51 91,856 a------- c:\windows\system32\S32EVNT1.DLL
2008-12-27 15:50 <DIR> --d----- c:\program files\Symantec
2008-12-27 15:50 <DIR> --d----- c:\program files\Symantec AntiVirus
2008-12-27 15:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-12-27 14:50 <DIR> --d----- c:\program files\common files\CyberLink
2008-12-27 14:48 29,480 a------- c:\windows\system32\msxml3a.dll
2008-12-27 14:48 16,198 a------- c:\windows\system32\sft.res
2008-12-27 11:57 98,304 a------- c:\windows\system32\CmdLineExt.dll
2008-12-21 16:32 831,048 a------- c:\windows\system32\WudfUpdate_01005.dll
2008-12-20 22:24 202,776 ac------ c:\windows\system32\dllcache\wuweb.dll
2008-12-19 07:55 <DIR> --d----- c:\windows\system32\NtmsData
2008-12-18 09:38 608 a------- C:\bar.emf
2008-12-16 10:24 <DIR> --d----- c:\docume~1\tonny\applic~1\Helios
2008-12-16 10:24 <DIR> --d----- c:\program files\TextPad 5
2008-12-14 14:37 <DIR> --d----- c:\documents and settings\tonny\vpworkspace
2008-12-14 14:35 <DIR> --d----- c:\documents and settings\tonny\.vplls
2008-12-14 14:25 <DIR> --d----- c:\program files\VP Suite 3.4
2008-12-04 23:21 <DIR> --d----- c:\documents and settings\tonny\amsn
2008-12-04 23:21 <DIR> --d----- c:\program files\aMSN
2008-12-04 20:28 3,786,760 a------- c:\windows\system32\D3DX9_37.dll
2008-12-04 20:28 1,420,824 a------- c:\windows\system32\D3DCompiler_37.dll
2008-12-04 20:28 462,864 a------- c:\windows\system32\d3dx10_37.dll
2008-12-04 20:28 81,768 a------- c:\windows\system32\xinput1_3.dll
2008-12-04 19:17 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2008-12-04 19:17 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll
2008-12-04 19:17 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-12-04 19:16 333,824 -c------ c:\windows\system32\dllcache\srv.sys
2008-12-04 19:16 2,149,888 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-04 19:16 2,070,400 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-04 19:16 2,028,544 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-04 19:16 2,193,536 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-04 19:16 138,496 -c------ c:\windows\system32\dllcache\afd.sys
2008-12-04 19:16 1,846,528 -c------ c:\windows\system32\dllcache\win32k.sys
2008-12-04 19:15 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2008-12-04 19:15 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2008-12-04 19:14 272,640 -c------ c:\windows\system32\dllcache\bthport.sys
2008-12-04 19:14 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2008-12-04 18:56 221,184 a------- c:\windows\system32\wmpns.dll
2008-12-04 18:43 <DIR> --d----- c:\windows\system32\nl
2008-12-04 18:43 <DIR> --d----- c:\windows\l2schemas
2008-12-04 18:41 <DIR> --d----- c:\windows\network diagnostic
2008-12-04 18:28 27,672 a------- c:\windows\system32\wuapi.dll.mui
2008-12-04 18:28 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-12-04 18:13 507,400 a------- c:\windows\system32\XAudio2_1.dll
2008-12-04 18:13 238,088 a------- c:\windows\system32\xactengine3_1.dll
2008-12-04 18:13 65,032 a------- c:\windows\system32\XAPOFX1_0.dll
2008-12-04 18:13 25,608 a------- c:\windows\system32\X3DAudio1_4.dll
2008-12-04 18:13 479,752 a------- c:\windows\system32\XAudio2_0.dll
2008-12-04 18:13 238,088 a------- c:\windows\system32\xactengine3_0.dll
2008-12-04 18:13 25,608 a------- c:\windows\system32\X3DAudio1_3.dll

==================== Find3M ====================

2008-12-26 23:45 65,236 a---h--- c:\windows\system32\mlfcache.dat
2008-12-04 20:05 512,410 a------- c:\windows\system32\perfh013.dat
2008-12-04 20:05 92,052 a------- c:\windows\system32\perfc013.dat
2008-12-04 18:44 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-11-08 00:29 1,522 a------- c:\windows\mozver.dat
2008-10-23 13:43 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 02:02 669,184 a------- c:\windows\system32\wininet.dll
2008-04-24 19:50 32 a------- c:\docume~1\alluse~1\applic~1\ezsid.dat

============= FINISH: 2:22:19,37 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:09:13 PM

Posted 13 January 2009 - 03:11 PM

Hello nextkiller,

Posted Image

Sorry about the delay.:thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:09:13 PM

Posted 23 January 2009 - 05:03 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Posted Image


Error reading poptart in Drive A: Delete kids y/n?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users