Anyone please tell me what virus I have so I can kill it


  • This topic is locked
2 replies to this topic

#1 cbcrod

Posted 16 February 2009 - 06:23 PM

Running XP Pro Ver 2002 Service Pack 3

I have got a virus on my computer but have no idea what it is. I think it was downloaded by accident with several others on a program sharing site. I used Norton, AVG 8, Spybot s&d and a few others to try and get them/it off my computer. Some names that were found included Backdoor.tideserv! inf, Packed.generic.200, trojan.nebulerbosch. These seemed to get removed on the initial searches and all searches have come up clean since.
I still have problems so think something is hiding and I need help removing it.
Symptoms I have now are Internet Explorer 7 (upgraded to 8 to try and fix) will not start up. The debug send error message box pops up instead of the program. I installed Mozilla Firefox so I could have a browser. When I click on Windows Update and any Windows sites to download virus removal programs or fixes, the page either freezes or closes. When I tried to update the newly installed AVG 8, like the other programs it froze on the virus definition update saying there was no broadband connection. I updated it manually with a pen drive from another computer. Also not working is my Windows restore: the points are there on the calendar but when I try restoring, the computer just hangs.

Any advice would be greatly appreciated.

Many thanks Mark


DDS (Ver_09-02-01.01) - NTFSx86
Run by Mark XXXXXX at 21:42:52.76 on 16/02/2009
Internet Explorer: 8.0.6001.18372 BrowserJavaVersion: 1.6.0_12
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2046.1061 [GMT 0:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Iconix\OEAddOn\OEdmn_4.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\parentalcontrol\parentalcontrol.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\Iconix\IconixService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\aAvgApi.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
J:\WinCalendarTime-1.0\WinCalendarTime.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
D:\DATA\My Documents\My Downloads\HiJackThis.exe
C:\Program Files\Cobian Backup 8\Cobian.exe
C:\Program Files\Cobian Backup 8\cbInterface.exe
D:\DATA\My Documents\My Downloads\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - c:\program files\iepro\iepro.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: eBay Toolbar Helper: {22d8e815-4a5e-4dfb-845e-aab64207f5bd} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Parental Control Toolbar: {4e7bd74f-2b8d-469e-9fa5-a33de8dbe931} - c:\progra~1\parent~1\PARENT~1.DLL
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: IconixBHOClass Class: {761233b6-f228-49e4-8f6b-668499d4e55a} - c:\program files\iconix\ieaddon\IconixBHO_37.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: eBay Toolbar: {92085ad4-f48a-450d-bd93-b28cc7df67ce} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Parental Control Toolbar: {4e7bd74f-2b8d-469e-9fa5-a33de8dbe931} - c:\progra~1\parent~1\PARENT~1.DLL
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Active Desktop Calendar] c:\program files\xemicomputers\active desktop calendar\ADC.exe
uRun: [1&1 EasyLogin] c:\program files\1&1\1&1 easylogin\EasyLogin.exe
uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\RegistryBooster.exe /S
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [XSC SIP Client] "c:\program files\sipgate x-lite\sipgateXLite.exe"
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
uRun: [Antispyware] c:\program files\antispyware\Antispyware.exe -boot
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Ulead AutoDetector v2] c:\program files\common files\ulead systems\autodetector\monitor.exe
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [eBayToolbar] c:\program files\ebay\ebay toolbar2\eBayTBDaemon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [IconixOEAddOn] "c:\program files\iconix\oeaddon\OEdmn_4.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [parentalcontrol] "c:\program files\parentalcontrol\parentalcontrol.exe" "c:\program files\parentalcontrol\parentalcontrol.dll" "parentalcontrol"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Cobian Backup 8] "c:\program files\cobian backup 8\Cobian.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\markan~1\startm~1\programs\startup\mailwa~1.lnk - c:\program files\firetrust\mailwasher pro\MailWasher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\sipgat~1.lnk - c:\program files\sipgate x-lite\sipgateXLite.exe
IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: {5CC5AADB-AD8E-433a-A5DE-46F33901281A} - c:\program files\pc techzone\merlin auctionmagic\ie toolbar\iebutton.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - c:\program files\iepro\iepro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\iepro\iepro.dll
IE: {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - {44E212AB-13EA-4CA4-BE65-197FBA170412} - c:\program files\iconix\ieaddon\IconixBHO_37.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {BC3F6B6D-2E49-4603-B028-7411655713F3} - {0CC2F28D-D415-4FC6-A2E4-54B4D983609A} - c:\program files\iconix\ieaddon\IconixBHO_37.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223923665631
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} - hxxp://static.photobox.co.uk/sg/common/uploader_uni.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 85.255.112.39,85.255.112.40
TCP: {EC1D1108-4297-4F5B-B4B1-1E51360758F0} = 85.255.112.39,85.255.112.40
Handler: intu-res - {9CE7D474-16F9-4889-9BB9-53E2008EAE8A} - c:\program files\common files\intuit\intu-res.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: winexy32 - winexy32.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\markan~1\applic~1\mozilla\firefox\profiles\fyx3okqt.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.ebay.co.uk/ws/eBayISAPI.dll?MyeBay&CurrentPage=MyeBayWatching&gbh=1&ssPageName=STRK:ME:LNLK
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - plugin: c:\program files\entriq\mediasphere\3.8.2.9\npEntriqMediaMozillaPlugin.dll
FF - plugin: c:\program files\entriq\mediasphere\3.8.2.9\npEntriqVersionCheckMozillaPlugin.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-15 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-15 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-15 107272]
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-3-17 65536]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-15 298264]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-7-19 192160]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-7-19 169632]
R2 IconixService;Iconix Update Service;c:\program files\common files\iconix\IconixService.exe [2008-8-13 254224]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\NBService.exe [2008-12-5 935208]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-9-27 1813232]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-9 99376]
R3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCcfltr.sys [2007-5-26 14095]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090215.002\naveng.sys [2009-2-15 89104]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090215.002\navex15.sys [2009-2-15 876112]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-22 29744]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\npf.sys [?]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-9-27 116464]

=============== Created Last 30 ================

2009-02-16 20:56 <DIR> --d----- c:\program files\Cobian Backup 8
2009-02-15 21:47 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-15 21:07 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-02-15 21:07 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-15 21:07 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-15 21:07 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-15 21:07 <DIR> --d----- c:\docume~1\markan~1\applic~1\AVGTOOLBAR
2009-02-15 21:07 <DIR> --d----- c:\program files\AVG
2009-02-15 21:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-02-15 00:26 552 a------- c:\windows\system32\d3d8caps.dat
2009-02-14 12:23 26 a------- c:\windows\Zone.Identifier
2009-02-13 20:42 <DIR> --d----- c:\docume~1\markan~1\applic~1\Antispyware
2009-02-13 13:02 4,642 a------- c:\windows\system32\tmp.reg
2009-02-11 22:24 <DIR> --dsh--- c:\documents and settings\mark anson\PrivacIE
2009-02-11 22:06 <DIR> --dsh--- c:\documents and settings\mark anson\IETldCache
2009-02-11 21:56 <DIR> -cd-h--- c:\windows\ie8
2009-02-03 22:31 <DIR> --d----- c:\program files\Aimersoft
2009-02-03 22:04 434,176 a------- c:\windows\system32\Mpeg2DecFilter.ax
2009-02-03 22:04 376,832 a------- c:\windows\system32\AVAide_MpegSplitter.ax
2009-01-27 22:40 <DIR> --d----- c:\docume~1\markan~1\applic~1\NetMedia Providers
2009-01-27 22:40 <DIR> --d----- c:\docume~1\markan~1\applic~1\Sonic Foundry
2009-01-27 22:39 <DIR> --d----- c:\program files\Sonic Foundry
2009-01-27 22:39 156,910 a------- c:\windows\WMSysPr8.prx
2009-01-27 22:39 665,424 a------- c:\windows\system32\wmv8dmoe.dll
2009-01-27 22:39 566,272 a------- c:\windows\system32\wmvdmoe.dll
2009-01-27 22:39 438,608 a------- c:\windows\system32\wmv8dmod.dll
2009-01-27 22:39 1,683,792 a------- c:\windows\system32\wmvcore2.dll
2009-01-27 22:39 285,184 a------- c:\windows\system32\wmidx2.ocx
2009-01-27 22:37 <DIR> --d----- c:\program files\Sonic Foundry Setup
2009-01-23 10:48 <DIR> --d----- c:\program files\sipgate X-Lite
2009-01-18 12:12 <DIR> --d----- c:\docume~1\markan~1\applic~1\NeroDigital™

==================== Find3M ====================

2009-02-13 20:11 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-15 02:17 636,264 a------- c:\windows\system32\dllcache\iexplore.exe
2009-01-15 02:17 392,040 a------- c:\windows\system32\dllcache\iedkcs32.dll
2009-01-15 02:13 5,888,512 a------- c:\windows\system32\dllcache\mshtml.dll
2009-01-15 02:12 10,963,968 a------- c:\windows\system32\dllcache\ieframe.dll
2009-01-15 02:06 1,182,720 a------- c:\windows\system32\dllcache\urlmon.dll
2009-01-15 02:06 236,544 a------- c:\windows\system32\dllcache\webcheck.dll
2009-01-15 02:06 105,984 a------- c:\windows\system32\dllcache\url.dll
2009-01-15 02:05 911,872 a------- c:\windows\system32\wininet.dll
2009-01-15 02:05 911,872 a------- c:\windows\system32\dllcache\wininet.dll
2009-01-15 02:05 193,536 a------- c:\windows\system32\dllcache\msrating.dll
2009-01-15 02:05 109,056 a------- c:\windows\system32\dllcache\occache.dll
2009-01-15 02:05 43,008 a------- c:\windows\system32\licmgr10.dll
2009-01-15 02:05 43,008 a------- c:\windows\system32\dllcache\licmgr10.dll
2009-01-15 02:04 755,200 a------- c:\windows\system32\dllcache\VGX.dll
2009-01-15 02:04 18,944 a------- c:\windows\system32\corpol.dll
2009-01-15 02:04 18,944 -------- c:\windows\system32\dllcache\corpol.dll
2009-01-15 02:04 25,600 a------- c:\windows\system32\dllcache\jsproxy.dll
2009-01-15 02:02 1,975,296 a------- c:\windows\system32\dllcache\iertutil.dll
2009-01-15 02:02 593,920 a------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-15 02:02 611,840 a------- c:\windows\system32\dllcache\mstime.dll
2009-01-15 02:01 183,808 a------- c:\windows\system32\dllcache\iepeers.dll
2009-01-15 02:01 59,904 a------- c:\windows\system32\dllcache\icardie.dll
2009-01-15 02:01 54,272 a------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-15 02:01 34,304 a------- c:\windows\system32\imgutil.dll
2009-01-15 02:01 34,304 a------- c:\windows\system32\dllcache\imgutil.dll
2009-01-15 02:01 348,160 a------- c:\windows\system32\dllcache\dxtmsft.dll
2009-01-15 02:01 46,592 a------- c:\windows\system32\dllcache\pngfilt.dll
2009-01-15 02:01 216,064 a------- c:\windows\system32\dllcache\dxtrans.dll
2009-01-15 02:01 66,560 a------- c:\windows\system32\dllcache\mshtmled.dll
2009-01-15 02:00 48,128 a------- c:\windows\system32\mshtmler.dll
2009-01-15 02:00 48,128 a------- c:\windows\system32\dllcache\mshtmler.dll
2009-01-15 02:00 45,568 a------- c:\windows\system32\mshta.exe
2009-01-15 02:00 45,568 a------- c:\windows\system32\dllcache\mshta.exe
2009-01-15 01:53 68,608 a------- c:\windows\system32\dllcache\hmmapi.dll
2009-01-15 01:50 156,160 a------- c:\windows\system32\msls31.dll
2009-01-15 01:50 156,160 a------- c:\windows\system32\dllcache\msls31.dll
2009-01-15 01:35 445,440 a------- c:\windows\system32\dllcache\ieapfltr.dll
2008-12-14 17:12 3,698,040 a------- c:\windows\system32\dllcache\ieapfltr.dat
2008-12-12 00:57 78,336 a------- c:\windows\system32\Agent.OMZ.Fix.exe
2008-12-11 10:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-11 00:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-11 00:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-09 02:28 593,920 a------- c:\windows\system32\dpuGUI11.dll
2008-12-09 02:28 344,064 a------- c:\windows\system32\dpus11.dll
2008-12-09 02:28 294,912 a------- c:\windows\system32\dpu11.dll
2008-12-09 02:28 57,344 a------- c:\windows\system32\dpv11.dll
2008-11-29 17:58 82,944 a------- c:\windows\system32\IEDFix.C.exe
2008-01-23 10:28 27,126 ac------ c:\documents and settings\mark xxxxxx\TB2Categories000.dat
2008-10-13 19:19 16,384 a--sh--- c:\windows\system32\config\systemprofile\cookies\index.dat
2008-09-19 21:39 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091920080920\index.dat
2008-10-13 19:19 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008101320081014\index.dat

============= FINISH: 21:43:13.51 ===============


#2 chryssi2001

Posted 28 February 2009 - 05:32 AM

Hello cbcrod,

I apologise for the delay, the forum is extremely busy.
Unfortunately there are a lot of people waiting for help, and we are doing our best.
----------------------------------------------
I will be assisting you with your malware issues.
  • Whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • Continue to respond to this thread until I give you the All Clean! If you have any questions or you're stuck, please reply to me. I will try my best to help you!
  • Please bookmark or favourite this page, in case you need it as a reference, etc.
  • If you fail to reply within a 5-day period from now, this thread will close, and you will have to open another topic and wait for another helper.
----------------------------------------------
In case you are having problems with the Internet, do you have another PC which we can use to download tools?
----------------------------------------------
Download and Run HijackThis
Download HJTInstall.exe to your Desktop.
  • Double-click HJTInstall.exe to install it.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis.
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch HijackThis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Copy/Paste the log to your next reply please.
Don't use the Analyse This button, its findings are dangerous if misinterpreted.
Don't have HijackThis fix anything yet. Most of what it finds will be harmless or even required.
Private Messages for personal support will be ignored. If you need help post in the forum.

#3 chryssi2001

Posted 05 March 2009 - 02:23 PM

Due to the lack of feedback, this Topic is now closed and will not be reopened.
If you still need help, begin a new topic.

Applies only to the original poster, anyone else with similar problems please start a new topic.