Infected With Virtumonde


  • This topic is locked
2 replies to this topic

#1 360236

360236

  • Members
  • 1 posts

Posted 03 January 2009 - 06:39 PM

I have run my computer with Spyware Doctor and Malwarebytes Anti-Malware but both can't get rid of my Virtumonde infection. I have even run both programs in safe mode but they both can't get rid of them.

Other problems are that I can't run any Administrator accounts on my computer (Windows XP).



(The Attach.txt is attached to this post)


Thank You For Any Help.



DDS.txt File:


DDS (Version 1.1.0) - NTFSx86
Run by Lilly at 15:30:20.64 on Sat 01/03/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.433 [GMT -8:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Outdated)
AV: Spyware Doctor with AntiVirus *On-access scanning enabled* (Updated)
FW: BitDefender Firewall *disabled*

============== Running Processes ===============

svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\PROGRA~1\COMMON~1\AOL\123093~1\EE\AOLHOS~1.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\123093~1\EE\AOLServiceHost.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lilly.YOUR-55E5F9E3D2.000\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
TB: AOL Toolbar: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - c:\program files\aol toolbar\toolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
mRun: [ForgottenHeroes.exe]
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [HostManager] c:\program files\common files\aol\1230938624\ee\AOLHostManager.exe
mRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4982d40a-c53b-4615-b15b-b5b5e98d167c} - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - c:\program files\aol toolbar\toolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: vtuopqhw - vtUopQHw.dll
AppInit_DLLs: wcoclb.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

============= SERVICES / DRIVERS ===============

R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-12-14 40840]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-12-14 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-12-14 81288]
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2008-12-14 160792]
R3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [2009-1-3 15504]
R4 bdvedisk;BDVEDISK;c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-9-4 82440]
R4 mbamservice;mbamservice;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2008-11-30 170640]
R4 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-12-10 356920]
R4 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-12-10 1079176]
S0 gwanijz;gwanijz;c:\windows\system32\drivers\tyitjlkj.sys --> c:\windows\system32\drivers\tyItjlkj.sys [?]
S0 jhucax;jhucax;c:\windows\system32\drivers\vbyo.sys --> c:\windows\system32\drivers\vbyo.sys [?]
S1 ef416888;ef416888;c:\windows\system32\drivers\ef416888.sys [2008-12-14 0]
S3 arrakis3;BitDefender Arrakis Server;"c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe" --> c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [?]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]
S3 getplus® helper;getPlus® Helper;c:\program files\nos\bin\getPlus_HelperSvc.exe [2008-12-27 33752]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-1-3 38496]
S3 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2003-4-4 30336]
S3 vhack;vhack;\??\c:\documents and settings\christian.your-55e5f9e3d2\desktop\cs hacks\vhack\vhack.sys --> c:\documents and settings\christian.your-55e5f9e3d2\desktop\cs hacks\vhack\vhack.sys [?]

=============== Created Last 30 ================

2009-01-03 10:59 <DIR> --d----- c:\docume~1\lillyy~1.000\applic~1\Malwarebytes
2009-01-03 10:52 <DIR> --d----- c:\docume~1\lillyy~1.000\applic~1\AOL
2009-01-03 09:21 129,024 a------- c:\windows\system32\dohgmevh.dll
2009-01-03 09:02 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-03 09:02 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-03 08:34 <DIR> --d----- C:\VundoFix Backups
2009-01-03 08:13 <DIR> --d----- C:\!KillBox
2009-01-03 07:44 54,156 a---h--- c:\windows\QTFont.qfn
2009-01-03 07:44 1,409 a------- c:\windows\QTFont.for
2009-01-03 07:43 129,024 a------- c:\windows\system32\luslmucd.dll
2009-01-03 07:40 1,307,356 a--sh--- c:\windows\system32\ajyjemsp.ini
2009-01-03 07:34 674,005 a--sh--- c:\windows\system32\FfOnWvut.ini2
2009-01-03 07:34 674,005 a--sh--- c:\windows\system32\FfOnWvut.ini
2009-01-03 05:55 <DIR> --d----- c:\program files\America's Army Server Manager
2009-01-03 05:53 <DIR> --d----- c:\program files\America's Army
2009-01-02 16:59 <DIR> --d----- C:\cache508
2009-01-02 15:28 723 a------- c:\windows\aolback.exe.lnk
2009-01-02 15:28 <DIR> --d----- c:\program files\common files\aolback
2009-01-02 15:28 <DIR> --d----- C:\Install ICQ
2009-01-02 15:28 <DIR> --d----- C:\Install iTunes
2009-01-02 15:28 <DIR> --d----- C:\AOL Instant Messenger
2009-01-02 15:28 <DIR> --d----- C:\MAV
2009-01-02 15:28 <DIR> --d----- C:\aolextras
2009-01-02 15:26 173,184 a------- c:\windows\system32\ygpss.scr
2009-01-02 15:26 <DIR> --d----- c:\program files\common files\Nullsoft
2009-01-02 15:25 86,016 a------- c:\windows\unvise32qt.exe
2009-01-02 15:25 102,400 a------- c:\windows\system32\SimpleRegistry.dll
2009-01-02 15:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2009-01-02 15:24 <DIR> --d----- c:\program files\Viewpoint
2009-01-02 15:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Pure Networks
2009-01-02 15:24 <DIR> --d----- c:\program files\Pure Networks
2009-01-02 15:24 <DIR> --d----- c:\program files\common files\AolCoach
2009-01-02 15:23 <DIR> --d----- c:\program files\common files\aolshare
2009-01-02 15:00 <DIR> --d----- c:\program files\Qwest
2009-01-02 15:00 <DIR> --d----- c:\program files\common files\supportsoft
2009-01-02 15:00 <DIR> --d----- c:\program files\2Wire
2009-01-02 15:00 <DIR> --d----- c:\program files\Actiontec
2009-01-02 15:00 143,360 a------- c:\windows\GTRemove.exe
2009-01-02 14:57 <DIR> --d----- c:\program files\common files\AOL
2009-01-02 14:57 2,571 a---h--- C:\IPH.PH
2009-01-02 08:17 <DIR> --d----- c:\program files\Microsoft Games
2009-01-01 06:05 49,152 a------- c:\windows\system32\win.exe
2008-12-31 13:48 <DIR> --d----- c:\program files\TeamViewer
2008-12-31 10:50 <DIR> --d----- c:\program files\OGPlanet
2008-12-31 09:02 105 a------- c:\windows\Hu.INI
2008-12-31 08:33 0 a------- c:\windows\system32\RCBCOOL.cpl
2008-12-31 08:12 1,081,616 a------- c:\windows\system32\MSCOMCTL.OCX
2008-12-31 08:12 221,184 a------- c:\windows\system32\Toolbar2.ocx
2008-12-31 08:12 203,976 a------- c:\windows\system32\RICHTX32.OCX
2008-12-31 08:12 143 a------- c:\windows\system32\RCSTD.pid
2008-12-31 08:12 143 a------- c:\windows\system32\PM.pid
2008-12-31 07:38 <DIR> --d----- c:\program files\Solstar Games
2008-12-31 07:38 16 a------- c:\windows\guiinfo.dat
2008-12-31 06:29 <DIR> --d----- c:\program files\No-IP
2008-12-31 05:50 <DIR> --d----- c:\windows\vbSkinner
2008-12-31 03:32 4,096 a------- c:\windows\d3dx.dat
2008-12-31 03:10 6,066,176 a------- c:\windows\system32\dllcache\ieframe.dll
2008-12-31 03:10 2,455,488 a------- c:\windows\system32\dllcache\ieapfltr.dat
2008-12-31 03:10 991,232 a------- c:\windows\system32\dllcache\ieframe.dll.mui
2008-12-31 03:10 459,264 a------- c:\windows\system32\dllcache\msfeeds.dll
2008-12-31 03:10 383,488 a------- c:\windows\system32\dllcache\ieapfltr.dll
2008-12-31 03:10 267,776 a------- c:\windows\system32\dllcache\iertutil.dll
2008-12-31 03:10 63,488 a------- c:\windows\system32\dllcache\icardie.dll
2008-12-31 03:10 52,224 a------- c:\windows\system32\dllcache\msfeedsbs.dll
2008-12-31 03:10 13,824 a------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-30 13:12 <DIR> --d----- c:\program files\DivX
2008-12-28 10:18 122,880 a------- c:\windows\UnGins.exe
2008-12-28 10:18 <DIR> --d----- c:\program files\ShadowScan
2008-12-28 08:46 <DIR> --d----- c:\program files\Net Tools
2008-12-28 08:26 8,214 a------- c:\windows\system32\SYSTEM.DBS
2008-12-28 06:39 <DIR> --d----- c:\program files\DNA
2008-12-28 06:39 <DIR> --d----- c:\program files\BitTorrent
2008-12-27 08:49 140,288 a------- c:\windows\system32\Comdlg32.ocx
2008-12-27 08:42 159,498 a------- c:\windows\system32\_screenshot.jpg
2008-12-27 08:42 36,088 a------- c:\windows\system32\_capture.jpg
2008-12-26 01:59 124,688 a------- c:\windows\system32\MSWINSCK.OCX
2008-12-24 19:28 <DIR> --d----- c:\windows\.silabclient_store_32
2008-12-24 07:19 2,088 a------- C:\mediamp3.dat
2008-12-24 06:41 72 a------- c:\windows\MediaManager.INI
2008-12-24 06:32 <DIR> --d----- c:\windows\system32\LogFiles
2008-12-24 06:31 <DIR> --d----- c:\program files\MP3 Player Utilities 4.18
2008-12-20 02:08 <DIR> --d----- c:\program files\InCode Solutions
2008-12-19 00:14 <DIR> --d----- c:\windows\system32\CatRoot_bak
2008-12-16 03:38 272,128 a------- c:\windows\system32\drivers\bthport.sys
2008-12-16 03:38 272,128 a------- c:\windows\system32\dllcache\bthport.sys
2008-12-16 03:37 2,180,352 a------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-16 03:37 2,136,064 a------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-12-16 03:37 2,057,728 a------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-16 03:37 2,015,744 a------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-16 03:37 28,672 a------- c:\windows\system32\verclsid.exe
2008-12-16 03:34 163,840 a------- c:\windows\system32\dllcache\jgdw400.dll
2008-12-16 03:34 27,648 a------- c:\windows\system32\dllcache\jgpl400.dll
2008-12-16 03:34 453,632 a------- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-16 03:00 <DIR> --d----- c:\windows\system32\PreInstall
2008-12-15 18:49 268,648 a------- c:\windows\system32\mucltui.dll
2008-12-15 18:49 208,744 a------- c:\windows\system32\muweb.dll
2008-12-15 18:49 27,496 a------- c:\windows\system32\mucltui.dll.mui
2008-12-15 18:48 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-12-15 17:33 <DIR> --d----- c:\program files\CamStudio
2008-12-15 13:53 <DIR> --d----- c:\windows\SxsCaPendDel
2008-12-15 13:52 121 a------- c:\windows\bdagent.INI
2008-12-15 13:19 850 a------- c:\windows\system32\ProductTweaks.xml
2008-12-15 13:19 385 a------- c:\windows\system32\user_gensett.xml
2008-12-15 13:15 <DIR> --d----- c:\windows\system32\logs
2008-12-15 13:00 <DIR> --d----- c:\windows\system32\appmgmt
2008-12-15 11:19 <DIR> --d----- c:\docume~1\lillyy~1.000\applic~1\Intuit
2008-12-15 11:19 <DIR> --d----- c:\docume~1\lillyy~1.000\applic~1\Digital Interactive Systems Corporation
2008-12-15 11:19 <DIR> --d----- c:\docume~1\lillyy~1.000\applic~1\Symantec
2008-12-15 11:19 <DIR> --d----- c:\documents and settings\lilly.your-55e5f9e3d2.000\WINDOWS
2008-12-15 11:19 <DIR> --d----- c:\documents and settings\Lilly.YOUR-55E5F9E3D2.000
2008-12-15 02:10 <DIR> --d----- c:\windows\system32\quicktime
2008-12-14 15:55 0 a------- c:\windows\system32\drivers\ef416888.sys
2008-12-14 15:23 160,792 a------- c:\windows\system32\drivers\pctfw2.sys
2008-12-14 15:19 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2008-12-14 15:19 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2008-12-14 15:19 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2008-12-14 15:19 29,576 a------- c:\windows\system32\drivers\kcom.sys
2008-12-14 15:00 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-14 15:00 73,728 a------- c:\windows\system32\javacpl.cpl
2008-12-14 08:48 <DIR> --d----- c:\windows\wt
2008-12-14 08:42 <DIR> --dshr-- C:\cmdcons
2008-12-14 08:42 <DIR> --d----- c:\windows\setupupd
2008-12-14 08:40 1,857 a--shr-- c:\windows\system32\drivers\103C_HP_CPC_EL445AA-ABA SR1750NX NA650_YC_0Pres_QCNH551_E61NAemRED1_48_IAmberine M_SASUSTek Computer INC._V1.03_B3.13_T051115_WXP2_L409_M959_J200_7AMD_8Athlon 64_92.19_#060419_N10EC8139_Z11C10620_G10025954.MRK
2008-12-14 03:12 <DIR> --dshr-- c:\windows\system32\dllcache
2008-12-13 23:08 <DIR> --d----- c:\program files\common files\TechSmith Shared
2008-12-13 21:35 <DIR> --d----- c:\program files\Pivot Stickfigure Animator
2008-12-13 21:30 <DIR> --d-h--- C:\Temp
2008-12-13 14:02 133,632 a------- c:\windows\Otewamikum.dat
2008-12-12 03:02 <DIR> --d----- c:\program files\MSXML 4.0
2008-12-11 19:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BitDefender
2008-12-11 19:16 <DIR> --d----- c:\program files\common files\BitDefender
2008-12-11 01:09 <DIR> --d----- c:\program files\Registry Easy
2008-12-10 11:41 141,312 a------- c:\windows\ojivomasiv.dll
2008-12-10 11:25 37,376 a------- c:\windows\Ppakupicericoxe.dll
2008-12-10 11:20 <DIR> --d----- c:\program files\Unlocker
2008-12-10 11:08 <DIR> --d----- c:\program files\common files\PC Tools
2008-12-10 11:08 <DIR> --d----- c:\program files\Spyware Doctor
2008-12-10 11:04 <DIR> --d----- C:\Binaries
2008-12-09 18:37 <DIR> --d----- c:\program files\BitDefender
2008-12-09 18:21 <DIR> --d----- c:\program files\AVG
2008-12-09 18:21 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-12-07 22:03 <DIR> --d----- c:\program files\Trend Micro
2008-12-07 14:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-12-07 04:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-12-06 19:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ConeXware
2008-12-06 19:30 <DIR> --d----- c:\program files\PowerArchiver

==================== Find3M ====================

2008-12-12 22:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-11-21 13:46 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-11-21 13:46 200,704 a------- c:\windows\system32\ssldivx.dll
2008-10-23 05:01 283,648 a------- c:\windows\system32\gdi32.dll
2008-10-23 05:01 283,648 a------- c:\windows\system32\dllcache\gdi32.dll
2008-10-16 14:13 1,809,944 a------- c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:13 202,776 a------- c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:12 323,608 a------- c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:12 561,688 a------- c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:09 92,696 a------- c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 51,224 a------- c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-16 05:11 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 02:37 1,023,488 a------- c:\windows\system32\dllcache\browseui.dll
2008-10-16 02:37 1,494,528 a------- c:\windows\system32\dllcache\shdocvw.dll
2008-10-16 02:37 474,112 a------- c:\windows\system32\dllcache\shlwapi.dll
2008-10-16 02:37 1,054,208 a------- c:\windows\system32\dllcache\danim.dll
2008-10-16 02:37 151,040 a------- c:\windows\system32\dllcache\cdfview.dll
2008-10-15 08:57 332,800 a------- c:\windows\system32\dllcache\netapi32.dll
2008-10-14 23:06 633,632 a------- c:\windows\system32\dllcache\iexplore.exe
2008-10-14 23:04 161,792 a------- c:\windows\system32\dllcache\ieakui.dll

============= FINISH: 15:30:43.54 ===============

Edited by 360236, 03 January 2009 - 06:40 PM.



#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:10:56 AM

Posted 15 January 2009 - 05:19 PM

Hello 360236,

Sorry about the delay. :thumbsup: If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 30 January 2009 - 02:12 AM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a New Topic.