some kind of malware/virus


  • This topic is locked
2 replies to this topic

#1 saleen1975


Posted 03 January 2009 - 12:37 PM

Hi, I think my computer got infected by the antivirus2009 virus since I was getting their pop-ups. Now I have managed to download Malwarebytes and Spybot, and they scanned and removed a lot of the infections. Now I am running Norton360 and this virus won't let me update my virus protection. Also, I can't download Firefox; when the file is extracting it gives me a "files are corrupt" error. I also can't enter into YoVille, it stays at 100%, and I can't update priority files from Microsoft. Thanks for your help in advance.




DDS (Version 1.1.0) - NTFSx86
Run by nehemias mercedes at 12:16:29.67 on Sat 01/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2858 [GMT -5:00]

AV: Norton 360 *On-access scanning enabled* (Outdated)
FW: Norton 360 *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Dell AIO Printer A960\dlbfbmgr.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Dell AIO Printer A960\dlbfbmon.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\nehemias mercedes\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL =
uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
uDefault_Page_URL = hxxp://www.google.com
uSearch Bar =
mSearch Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
mSearch Bar =
mSearchMigratedDefaultURL =
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Shopping Advisor: {a057a204-bacc-4d26-c7d7-6bad84e32fcb} - c:\progra~1\buysaf~1\BUYSAF~1.DLL
BHO: {ca6319c0-31b7-401e-a518-a07c3db8f777} - CBrowserHelperObject Object
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: Shopping Advisor: {a057a204-bacc-4d26-c7d7-6bad84e32fcb} - c:\progra~1\buysaf~1\BUYSAF~1.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {62B33E58-54D8-4583-8027-03E212C6FD64} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Creative MediaSource Go] "c:\program files\creative\mediasource\go\CTCMSGo.exe" /SCB
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [AudioDrvEmulator] "c:\program files\creative\shared files\module loader\dllml.exe" -1 audiodrvemulator "c:\program files\creative\shared files\module loader\audio emulator\AudDrvEm.dll"
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanel.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [Dell AIO Printer A960] "c:\program files\dell aio printer a960\dlbfbmgr.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTDVDDET] "c:\program files\creative\sound blaster x-fi\dvdaudio\CTDVDDET.EXE"
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~3\mimboot.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
dRunOnce: [RunNarrator] Narrator.exe
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\GetFlash.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www.update
Trusted Zone: windowsupdate.com\download
Trusted Zone: musicmatch.com\online
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [2008-12-27 2560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-12-31 109616]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20080213.036\NAVENG.SYS [2008-12-31 82256]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20080213.036\NAVEX15.SYS [2008-12-31 895312]
R3 NeroCd2k;NeroCd2k;c:\windows\system32\drivers\NeroCD2k.sys [2001-4-16 44227]
R4 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S0 szkg5;szkg;c:\windows\system32\drivers\szkg.sys --> c:\windows\system32\drivers\szkg.sys [?]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23904]
S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-12-31 1245064]

=============== Created Last 30 ================

2009-01-03 11:50 <DIR> --d----- c:\program files\Trend Micro
2009-01-03 03:19 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-01-03 03:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-01-03 00:09 <DIR> --d----- c:\docume~1\nehemi~1\applic~1\BUYSAFESHOPPINGADVISOR
2009-01-02 14:25 <DIR> --d----- c:\program files\Crawler
2009-01-02 14:10 <DIR> --d----- C:\NSS
2009-01-02 13:40 <DIR> --d----- c:\documents and settings\all users\Symantec Temporary Files
2009-01-02 13:00 <DIR> --d----- c:\program files\buySAFEShoppingAdvisor
2009-01-01 13:48 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-01-01 04:09 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-01-01 04:09 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-01-01 04:09 18,944 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-01-01 04:09 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-01-01 04:09 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-01-01 04:09 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2009-01-01 04:07 35,871 a------- c:\windows\system32\dllcache\wbfirdma.sys
2009-01-01 04:06 7,556 a------- c:\windows\system32\dllcache\usroslba.sys
2009-01-01 04:05 11,520 a------- c:\windows\system32\dllcache\twotrack.sys
2009-01-01 04:04 81,408 a------- c:\windows\system32\dllcache\tgiul50.dll
2009-01-01 04:03 285,760 a------- c:\windows\system32\dllcache\stlnata.sys
2009-01-01 04:02 25,034 a------- c:\windows\system32\dllcache\smcpwr2n.sys
2009-01-01 04:01 252,032 a------- c:\windows\system32\dllcache\sis300iv.dll
2009-01-01 04:00 75,392 a------- c:\windows\system32\dllcache\s3savmxm.sys
2009-01-01 03:59 3,840 a------- c:\windows\system32\dllcache\rpfun.sys
2009-01-01 03:58 16,128 a------- c:\windows\system32\dllcache\pscr.sys
2009-01-01 03:57 30,495 a------- c:\windows\system32\dllcache\pc100nds.sys
2009-01-01 03:56 123,776 a------- c:\windows\system32\dllcache\nv3.dll
2009-01-01 03:56 51,552 a------- c:\windows\system32\dllcache\ntgrip.sys
2009-01-01 03:56 9,344 a------- c:\windows\system32\dllcache\ntapm.sys
2009-01-01 03:56 7,552 a------- c:\windows\system32\dllcache\nsmmc.sys
2009-01-01 03:56 28,672 a------- c:\windows\system32\dllcache\nscirda.sys
2008-12-31 22:23 87,040 a------- c:\windows\system32\dllcache\nm6wdm.sys
2008-12-31 22:23 126,080 a------- c:\windows\system32\dllcache\nm5a2wdm.sys
2008-12-31 22:23 32,840 a------- c:\windows\system32\dllcache\ngrpci.sys
2008-12-31 22:23 132,695 a------- c:\windows\system32\dllcache\netwlan5.sys
2008-12-31 22:23 65,278 a------- c:\windows\system32\dllcache\netflx3.sys
2008-12-31 22:21 103,296 a------- c:\windows\system32\dllcache\mtxvideo.sys
2008-12-31 22:21 49,024 a------- c:\windows\system32\dllcache\mstape.sys
2008-12-31 22:21 12,416 a------- c:\windows\system32\dllcache\msriffwv.sys
2008-12-31 22:21 2,944 a------- c:\windows\system32\dllcache\msmpu401.sys
2008-12-31 22:21 22,016 a------- c:\windows\system32\dllcache\msircomm.sys
2008-12-31 22:21 35,200 a------- c:\windows\system32\dllcache\msgame.sys
2008-12-31 22:21 6,016 a------- c:\windows\system32\dllcache\msfsio.sys
2008-12-31 22:19 727,786 a------- c:\windows\system32\dllcache\ltck000c.sys
2008-12-31 22:18 26,624 a------- c:\windows\system32\dllcache\irstusb.sys
2008-12-31 22:17 61,952 a------- c:\windows\system32\dllcache\icam4ext.dll
2008-12-31 22:16 542,879 a------- c:\windows\system32\dllcache\hsf_msft.sys
2008-12-31 22:15 123,392 a------- c:\windows\system32\dllcache\hpgt21tk.dll
2008-12-31 22:14 442,240 a------- c:\windows\system32\dllcache\fpnpbase.sys
2008-12-31 22:13 595,647 a------- c:\windows\system32\dllcache\es56cvmp.sys
2008-12-31 22:12 19,594 a------- c:\windows\system32\dllcache\e100isa4.sys
2008-12-31 22:11 103,044 a------- c:\windows\system32\dllcache\digidxb.sys
2008-12-31 22:10 175,104 a------- c:\windows\system32\dllcache\csamsp.dll
2008-12-31 22:09 66,082 a------- c:\windows\system32\dllcache\c_870.nls
2008-12-31 22:08 26,624 a------- c:\windows\system32\dllcache\ativxbar.sys
2008-12-31 22:03 66,048 a------- c:\windows\system32\dllcache\s3legacy.dll
2008-12-31 19:10 <DIR> --d----- c:\program files\Norton 360
2008-12-31 19:08 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-31 19:08 60,800 a------- c:\windows\system32\S32EVNT1.DLL
2008-12-31 19:08 10,671 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2008-12-31 19:08 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-12-31 19:08 <DIR> --d----- c:\program files\Symantec
2008-12-31 16:17 <DIR> --d----- c:\docume~1\nehemi~1\applic~1\Malwarebytes
2008-12-31 16:17 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-31 16:17 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-31 16:17 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-31 16:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-12-30 18:04 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-12-30 17:37 78,048,408 a------- C:\N360S200.exe
2008-12-30 16:57 <DIR> --d----- c:\windows\LMI6.tmp
2008-12-30 15:24 <DIR> --d----- c:\windows\LMI302.tmp
2008-12-30 03:48 <DIR> --d----- c:\windows\system32\N360_BACKUP
2008-12-30 02:00 1,262,893 ---sh--- c:\windows\system32\umutegas.ini
2008-12-29 09:52 2,713 ---sh--- c:\windows\system32\kukikobe.dll
2008-12-29 01:41 <DIR> --d----- c:\program files\Microsoft Windows OneCare Live
2008-12-28 19:50 1,261,704 ---sh--- c:\windows\system32\ovobamok.ini
2008-12-28 01:37 <DIR> --d----- c:\program files\Sling Media
2008-12-27 19:49 1,262,968 ---sh--- c:\windows\system32\usavubay.ini
2008-12-27 06:52 2,713 ---sh--- c:\windows\system32\gugaduwu.exe
2008-12-27 01:29 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2008-12-27 01:29 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2008-12-27 01:29 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2008-12-27 01:29 29,576 a------- c:\windows\system32\drivers\kcom.sys
2008-12-27 01:25 2,560 a------- c:\windows\system32\drivers\mchInjDrv.sys
2008-12-27 00:52 <DIR> --d----- c:\program files\Spyware Doctor
2008-12-25 22:48 <DIR> --d----- c:\windows\Logs
2008-12-25 05:02 <DIR> --d----- c:\program files\XoftSpySE
2008-12-24 15:03 <DIR> --dsh--- C:\found.000
2008-12-24 12:08 <DIR> --d----- c:\program files\common files\Download Manager
2008-12-23 23:49 281 a------- C:\Shortcut to Backup (D).lnk
2008-12-23 23:47 432 a------- C:\Shortcut to Shared Documents.lnk
2008-12-23 23:46 644 a------- C:\Shortcut to Guest's Documents.lnk
2008-12-23 23:46 434 a------- C:\Shortcut to My Documents.lnk
2008-12-23 15:26 <DIR> --d----- C:\Netgear
2008-12-16 00:16 <DIR> --d----- c:\program files\Philips
2008-12-15 22:35 <DIR> --d----- c:\program files\Enigma Software Group
2008-12-14 00:49 2,713 -c-sh--- c:\windows\system32\rovuruye.dll
2008-12-12 11:46 1,647,277 ---sh--- c:\windows\system32\ilofezuw.tmp
2008-12-08 20:31 <DIR> --d----- c:\documents and settings\nehemias mercedes\Tracing
2008-12-08 20:23 3,426,072 ac------ c:\windows\system32\d3dx9_32.dll
2008-12-08 20:19 <DIR> --d----- c:\program files\Microsoft
2008-12-08 20:14 <DIR> --d----- c:\program files\common files\Windows Live
2008-12-08 11:50 <DIR> --d----- C:\ConverterOutput
2008-12-08 02:45 <DIR> --d----- c:\program files\Tansee iPhone Transfer

==================== Find3M ====================

2008-12-30 02:00 97,932 a--sh--- c:\windows\system32\suliweya.dll
2008-12-30 00:59 63,181 a--sh--- c:\windows\system32\sihivubo.dll
2008-12-27 18:49 61,541 a--sh--- c:\windows\system32\nevigapi.dll
2008-12-25 13:19 63,701 a--sh--- c:\windows\system32\loditija.dll
2008-12-23 12:12 62,038 ac-sh--- c:\windows\system32\zizaduvu.dll
2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-10 23:45 62,010 a--sh--- c:\windows\system32\fibibeme.dll
2008-12-08 11:44 64,151 ac-sh--- c:\windows\system32\durewoji.dll
2008-12-03 17:11 81,920 -c------ c:\windows\bwUnin-6.1.4.61-8876480L.exe
2008-12-02 14:21 410,976 ac------ c:\windows\system32\deploytk.dll
2008-10-24 06:21 455,296 a------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 07:36 286,720 ac------ c:\windows\system32\SET146.tmp
2008-10-23 07:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-23 07:36 286,720 a------- c:\windows\system32\dllcache\gdi32.dll
2008-10-23 07:36 286,720 -c------ c:\windows\system32\SET2E.tmp
2008-10-23 07:36 286,720 -c------ c:\windows\system32\SET200.tmp
2008-10-16 14:13 1,809,944 a------- c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:13 202,776 a------- c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:12 323,608 a------- c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:12 561,688 a------- c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:09 92,696 a------- c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 51,224 a------- c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-16 14:06 268,648 ac------ c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 ac------ c:\windows\system32\muweb.dll
2008-10-16 08:11 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2008-10-15 11:34 337,408 a------- c:\windows\system32\dllcache\netapi32.dll
2008-10-15 02:06 633,632 a--s---- c:\windows\system32\dllcache\iexplore.exe
2008-10-15 02:04 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2007-08-06 21:20 87,608 ac------ c:\docume~1\nehemi~1\applic~1\inst.exe
2007-08-06 21:20 47,360 ac------ c:\docume~1\nehemi~1\applic~1\pcouffin.sys
2007-09-29 22:10 56 -c-shr-- c:\windows\system32\E310C9A9A9.sys
2007-09-29 22:10 4,184 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-08-02 12:59 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008080220080803\index.dat

============= FINISH: 12:16:59.32 ===============


#2 Thunder


Posted 05 January 2009 - 07:15 AM

Hello Saleen1975 and welcome to BleepingComputer,

1. * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click Delete.
  • Click Delete Files, Delete cookies and Delete history
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu.
  • Click the Clear now button below. A new window will pop up asking what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
2. Please download ComboFix from one of the locations below, and save it to your Desktop.

Link
Link
Link

Double click the ComboFix icon to run it.
If ComboFix asks you to install the Recovery Console, please do so.
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you.
Once the Recovery Console is installed, continue with the malware scan.

Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply.

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 Thunder


Posted 03 February 2009 - 05:41 PM

Since there is no feedback anymore, I assume this issue is resolved ... so, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.