
Strange things going on. HELP!


  • This topic is locked
2 replies to this topic

#1 stitchup

Posted 19 February 2009 - 03:44 PM

Hi guys

For some strange reason I can no longer open any of my hard drives to view contents, I can't enable the WindowsXP Firewall, I can't do a system restore and I can't install any virus protection! I did have AVG Free installed and Spybot S&D but neither function now!

Here's the DDS generated file & below, the Attach file - I do hope I'm doing this correctly and would be so grateful of any assistance.


DDS (Ver_09-02-01.01) - NTFSx86
Run by John Cooper at 20:36:13.77 on 19/02/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3263.2442 [GMT 0:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\XpertVision\TBPanel.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Genie-Soft\GBMPro8\GBMAgent.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\svhoste.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\John Cooper\Desktop\Problems\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.bbc.co.uk/
uInternet Settings,ProxyOverride = *.local
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagItBHO.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagItIEAddin.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [GBMPro8Agent] c:\program files\genie-soft\gbmpro8\GBMAgent.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WindowsLivePhone] "c:\program files\windows live\device manager\msgrdvmn.exe" /AutoRun
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\Wcescomm.exe"
uRun: [AuctionNavigator] c:\program files\rkd\auctionnavigator\AuctionNavigator.exe
mRun: [Gainward] c:\program files\xpertvision\TBPanel.exe /A
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [GBMPro8Agent] c:\program files\genie-soft\gbmpro8\GBMAgent.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [WINDVDPatch] CTHELPER.EXE
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [Jet Detection] "c:\program files\creative\sblive\program\ADGJDet.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [WindowsLivePhone] c:\program files\windows live\device manager\msgrdvmn.exe /AutoRun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Print2PDF Print Monitor] "c:\program files\software602\print2pdf\Print2PDF.exe" /server
mRun: [microssoft] svhoste.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 9\SnagIt32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Add all items to the auction list - c:\program files\rkd\auctionnavigator\BidCtxtClick.dll/202
IE: Add this item to the auction list - c:\program files\rkd\auctionnavigator\BidCtxtClick.dll/201
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - {E4ABF418-CB30-470C-BFF7-674AC0FC564F} - c:\program files\software602\print2pdf\Print602.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: NameServer = 85.255.112.39,85.255.112.40
TCP: {F1D3282D-F408-44A5-9C37-1CA451CECA58} = 85.255.112.39,85.255.112.40
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
Notify: LMIinit - LMIinit.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\johnco~1\applic~1\mozilla\firefox\profiles\ve09e4op.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/
FF - component: c:\program files\mozilla firefox\components\iamfamous.dll
FF - plugin: c:\documents and settings\john cooper\application data\mozilla\firefox\profiles\ve09e4op.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll

============= SERVICES / DRIVERS ===============

R0 AladdinUsbFilter;AladdinUsbFilterService;c:\windows\system32\drivers\AladdinUsbFilter.sys [2009-2-1 484352]
R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 32784]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-2-19 227344]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2009-2-1 33824]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-1-25 47640]
R2 Par1284;Par1284;c:\program files\cutting master 2 1.50\program\Par1284.sys [2009-2-4 53344]
R2 wntpport;wntpport;c:\windows\system32\drivers\WNTPPORT.SYS [2009-2-1 28416]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 SydexFDD;Sydex Diskette Driver;c:\windows\system32\drivers\SYDEXFDD.SYS [2009-2-1 13359]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-11-11 206088]
S2 gupdate1c98c715b7ced8;Google Update Service (gupdate1c98c715b7ced8);c:\program files\google\update\GoogleUpdate.exe [2009-2-11 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [2009-1-25 5824]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2009-02-19 20:12 110,678 ---shr-- c:\windows\svhoste.exe
2009-02-19 19:57 <DIR> --d----- c:\program files\Trend Micro
2009-02-19 19:11 96,976 a------- c:\windows\system32\drivers\klin.dat
2009-02-19 19:11 87,855 a------- c:\windows\system32\drivers\klick.dat
2009-02-19 19:10 <DIR> --d----- c:\program files\Kaspersky Lab
2009-02-19 19:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-02-19 19:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-02-19 17:12 664 a------- c:\windows\system32\d3d9caps.dat
2009-02-18 21:15 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Forte
2009-02-18 21:15 <DIR> --d----- c:\program files\Agent
2009-02-18 20:32 393 ---shr-- C:\autorun.inf
2009-02-18 08:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ALM
2009-02-18 08:38 <DIR> --d----- c:\program files\Bonjour
2009-02-18 08:32 <DIR> --d----- c:\program files\common files\Macrovision Shared
2009-02-17 19:43 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Software602
2009-02-17 19:43 151,552 ac------ c:\windows\system32\dllcache\irftp.exe
2009-02-17 19:43 28,160 ac------ c:\windows\system32\dllcache\irmon.dll
2009-02-17 19:43 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-02-17 19:43 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-02-17 19:43 151,552 a------- c:\windows\system32\irftp.exe
2009-02-17 19:43 28,160 a------- c:\windows\system32\irmon.dll
2009-02-17 19:43 19,584 a------- c:\windows\system32\drivers\rasirda.sys
2009-02-17 19:43 8,192 a------- c:\windows\system32\wshirda.dll
2009-02-17 19:43 88,192 ac------ c:\windows\system32\dllcache\irda.sys
2009-02-17 19:43 88,192 a------- c:\windows\system32\drivers\irda.sys
2009-02-17 19:43 18,688 ac------ c:\windows\system32\dllcache\irsir.sys
2009-02-17 19:43 18,688 a------- c:\windows\system32\drivers\irsir.sys
2009-02-17 19:35 3,833,856 a------- c:\windows\system32\cdintf300.dll
2009-02-17 19:35 <DIR> --d----- c:\program files\Software602
2009-02-17 18:14 53,248 a----r-- c:\windows\system32\CSVer.dll
2009-02-17 18:14 <DIR> --d----- C:\Intel
2009-02-17 18:13 <DIR> --d----- c:\program files\Realtek
2009-02-14 22:48 <DIR> --d----- c:\windows\NV480832.TMP
2009-02-14 19:53 <DIR> --d----- c:\windows\LastGood(2)
2009-02-13 17:36 <DIR> --d----- C:\Outlook to Not Sure Drive
2009-02-13 17:36 <DIR> --d----- C:\Outlook Data
2009-02-13 17:36 <DIR> --d----- C:\Genie Outlook Backup
2009-02-12 16:48 69 a------- c:\windows\NeroDigital.ini
2009-02-12 10:20 118 a------- c:\windows\system32\MRT.INI
2009-02-11 06:33 206,793 a------- c:\windows\system32\nvapps.nvb
2009-02-11 06:33 <DIR> --d----- c:\windows\NV49164672.TMP
2009-02-11 06:29 <DIR> --d----- C:\NVIDIA
2009-02-09 21:18 <DIR> --d----- c:\program files\SOTI
2009-02-07 15:25 339,968 a------- c:\windows\system32\pscUD111.dll
2009-02-07 15:25 49,152 a------- c:\windows\system32\pscVSWIA.dll
2009-02-07 15:25 53,248 a------- c:\windows\system32\pscND111.exe
2009-02-07 15:25 94,208 a------- c:\windows\system32\PSCLU111.dll
2009-02-07 15:25 <DIR> --d----- c:\program files\Canon
2009-02-04 22:19 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-02-04 22:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-02-04 17:27 1,766,160 a------- c:\windows\system32\VBA5.DLL
2009-02-04 17:27 463,392 a------- c:\windows\system32\OWL250F.DLL
2009-02-04 17:27 279,098 a------- c:\windows\system32\VB5.OLB
2009-02-04 17:27 115,920 a------- c:\windows\system32\MSINET.OCX
2009-02-04 17:27 11,111 a------- c:\windows\system32\DELTREE.EXE
2009-02-04 17:27 471,840 a------- c:\windows\system32\hhupd.exe
2009-02-04 17:27 73,716 a------- c:\windows\system32\SENTINEL.VXD
2009-02-04 17:27 <DIR> --d----- c:\program files\Cutting Master 2 1.50
2009-02-04 17:22 <DIR> --d----- c:\program files\common files\Protexis
2009-02-04 17:20 <DIR> --d----- c:\program files\Corel
2009-02-04 16:59 88 ---shr-- c:\docume~1\alluse~1\applic~1\A5C4F0E9F3.sys
2009-02-04 16:59 3,140 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2009-02-04 16:51 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel
2009-02-04 16:49 <DIR> --d----- c:\program files\common files\Corel
2009-02-03 21:25 941,560 a------- c:\windows\system32\wodFtpDLX.dll
2009-02-03 21:25 581,064 a------- c:\windows\system32\wodCertificate.dll
2009-02-03 21:25 353,280 a------- c:\windows\system32\skinengine.dll
2009-02-03 21:25 99,840 a------- c:\windows\system32\ZIPDLL.DLL
2009-02-03 21:25 94,208 a------- c:\windows\system32\UNZDLL.DLL
2009-02-03 17:35 28 a------- c:\windows\ICOA.INI
2009-02-03 17:34 0 a------- c:\windows\QFN.ini
2009-02-03 17:34 0 a------- c:\windows\QDQICK.ini
2009-02-03 17:32 40,448 a------- c:\windows\Icg32.dll
2009-02-03 17:32 5,776 a------- c:\windows\Icoadb32.dat
2009-02-03 17:32 154 a------- c:\windows\QBWCD.INI
2009-02-03 17:32 <DIR> --d----- c:\windows\Intuit
2009-02-03 17:32 <DIR> --d----- c:\program files\Intuit
2009-02-03 17:31 <DIR> --d----- c:\documents and settings\john cooper\WINDOWS
2009-02-03 16:13 <DIR> --d----- c:\program files\RKD
2009-02-03 12:51 <DIR> --d----- c:\program files\uTorrent
2009-02-03 12:51 <DIR> --d----- c:\docume~1\johnco~1\applic~1\uTorrent
2009-02-03 09:38 379 a------- c:\windows\Composer
2009-02-02 11:34 <DIR> --d----- c:\program files\QuickPar
2009-02-01 22:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-02-01 22:10 1,482,795 a------- c:\windows\system32\TORO_57FD245C.hasp
2009-02-01 22:09 33,824 a------- c:\windows\system32\drivers\oreans32.sys
2009-02-01 21:47 484,352 a------- c:\windows\system32\drivers\AladdinUsbFilter.sys
2009-02-01 21:47 54,784 a------- c:\windows\system32\drivers\vusbbus.sys
2009-02-01 21:11 33,340 a------- c:\windows\system32\dbmsqlgc.dll
2009-02-01 21:11 24,576 a------- c:\windows\system32\dbmsgnet.dll
2009-02-01 21:11 306,688 a------- c:\windows\IsUninst.exe
2009-02-01 21:10 <DIR> --d----- c:\program files\Microsoft SQL Server
2009-02-01 21:09 <DIR> --d----- C:\Design
2009-02-01 21:09 <DIR> --d----- C:\SampleDatabase
2009-02-01 21:09 685,056 a------- c:\windows\system32\drivers\hardlock.sys
2009-02-01 21:09 0 a------- c:\windows\TempFile
2009-02-01 21:09 327,808 a------- c:\windows\system32\drivers\akshasp.sys
2009-02-01 21:09 104,576 a------- c:\windows\system32\drivers\aksclass.sys
2009-02-01 21:09 100,096 a------- c:\windows\system32\drivers\aksusb.sys
2009-02-01 21:09 7,168 a------- c:\windows\system32\akscoinst.dll
2009-02-01 21:09 <DIR> --d----- C:\Clipart
2009-02-01 21:08 244,232 a------- c:\windows\system32\MSFLXGRD.OCX
2009-02-01 21:08 140,288 a------- c:\windows\system32\COMDLG32.OCX
2009-02-01 21:08 133,392 a------- c:\windows\system32\MSMAPI32.OCX
2009-02-01 21:08 28,416 a------- c:\windows\system32\drivers\WNTPPORT.SYS
2009-02-01 21:08 20,644 a------- c:\windows\system32\EMTRANS.VXD
2009-02-01 21:08 13,359 a------- c:\windows\system32\drivers\SYDEXFDD.SYS
2009-02-01 21:08 <DIR> --d----- c:\program files\Wilcom
2009-02-01 19:54 24,064 -------- c:\windows\system32\msxml3a.dll
2009-02-01 19:50 125,184 -------- c:\windows\system32\drivers\imagesrv.sys
2009-02-01 19:50 5,504 -------- c:\windows\system32\drivers\imagedrv.sys
2009-02-01 19:50 155,648 a------- c:\windows\system32\NeroCheck.exe
2009-02-01 19:50 1,568,768 -------- c:\windows\system32\ImagX7.dll
2009-02-01 19:50 476,320 -------- c:\windows\system32\ImagXpr7.dll
2009-02-01 19:50 471,040 -------- c:\windows\system32\ImagXRA7.dll
2009-02-01 19:50 262,144 -------- c:\windows\system32\ImagXR7.dll
2009-02-01 19:50 106,496 -------- c:\windows\system32\TwnLib20.dll
2009-02-01 19:31 <DIR> --d----- c:\program files\DivX
2009-02-01 18:12 21,760 a------- c:\windows\system32\drivers\point32.sys
2009-02-01 18:12 <DIR> --d----- c:\program files\Microsoft IntelliPoint
2009-01-31 18:13 <DIR> --d----- c:\program files\GNU
2009-01-31 18:11 <DIR> --d----- c:\program files\GRETECH
2009-01-30 20:13 <DIR> --d----- c:\program files\common files\HP
2009-01-30 20:10 970,752 a------- c:\windows\system32\hpotiop5.dll
2009-01-30 20:10 729,088 a------- c:\windows\system32\hpowiax5.dll
2009-01-30 20:10 364,544 a------- c:\windows\system32\hppldcoi.dll
2009-01-30 20:10 309,760 a------- c:\windows\system32\difxapi.dll
2009-01-30 20:10 303,104 a------- c:\windows\system32\hpovst12.dll
2009-01-30 20:07 164,809 a------- c:\windows\hpoins21.dat
2009-01-30 20:07 7,262 -------- c:\windows\hpomdl21.dat
2009-01-30 19:26 <DIR> --d----- c:\program files\SystemRequirementsLab
2009-01-30 15:45 <DIR> --d----- c:\program files\SpeedFan
2009-01-30 15:45 45 a------- c:\windows\system32\initdebug.nfo
2009-01-30 07:31 221,184 a------- c:\windows\system32\wmpns.dll
2009-01-29 21:34 <DIR> --d----- c:\program files\Microsoft ActiveSync
2009-01-29 17:29 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-29 17:28 <DIR> --d----- c:\documents and settings\john cooper\.housecall6.6
2009-01-29 17:18 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-29 17:18 73,728 a------- c:\windows\system32\javacpl.cpl
2009-01-29 17:03 <DIR> --d----- c:\windows\system32\LogFiles
2009-01-29 16:58 16,420 a------- c:\windows\system32\BMXStateBkp-{00000001-00000000-00000001-00001102-00000002-80401102}.rfx
2009-01-29 16:58 16,420 a------- c:\windows\system32\BMXState-{00000001-00000000-00000001-00001102-00000002-80401102}.rfx
2009-01-29 16:58 1,080 a------- c:\windows\system32\settingsbkup.sfm
2009-01-29 16:58 1,080 a------- c:\windows\system32\settings.sfm
2009-01-29 16:58 24 a------- c:\windows\system32\DVCStateBkp-{00000001-00000000-00000001-00001102-00000002-80401102}.dat
2009-01-29 16:58 24 a------- c:\windows\system32\DVCState-{00000001-00000000-00000001-00001102-00000002-80401102}.dat
2009-01-29 16:57 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-01-28 21:21 56 a---h--- c:\windows\system32\ezsidmv.dat
2009-01-28 21:19 <DIR> --d----- c:\program files\Skype
2009-01-27 19:12 <DIR> --d----- c:\docume~1\johnco~1\applic~1\MailWasherPro
2009-01-27 19:12 <DIR> --d----- c:\program files\FireTrust
2009-01-27 17:41 <DIR> --d----- c:\program files\MSXML 4.0
2009-01-27 10:27 31,744 a------- c:\windows\system32\GPCUTMON.DLL
2009-01-26 22:10 135,168 a------- c:\windows\system32\EEBAPI.dll
2009-01-26 22:10 110,592 a------- c:\windows\system32\EEBDSCVR.dll
2009-01-26 22:10 69,632 a------- c:\windows\system32\EBAPI.dll
2009-01-26 22:10 65,536 a------- c:\windows\system32\EEBUtil.dll
2009-01-26 22:10 55,808 a------- c:\windows\system32\EEBSDKIF.dll
2009-01-26 22:10 155,648 a------- c:\windows\system32\EBAPI2.dll
2009-01-26 22:10 <DIR> --d----- c:\program files\common files\EPSON
2009-01-26 22:07 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WEBREG
2009-01-26 22:02 118,272 a------- c:\windows\system32\hpz3l5ha.dll
2009-01-26 22:01 80,731 a------- c:\windows\system32\EBPMON2.DLL
2009-01-26 22:01 64,000 a------- c:\windows\system32\ECBTEG.DLL
2009-01-26 22:01 34,304 a------- c:\windows\system32\EBPCHP.DLL
2009-01-26 21:59 60,032 ac------ c:\windows\system32\dllcache\usbaudio.sys
2009-01-26 21:59 60,032 a------- c:\windows\system32\drivers\USBAUDIO.sys
2009-01-26 21:58 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2009-01-26 21:58 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2009-01-26 21:54 <DIR> --d----- c:\program files\EPSON
2009-01-26 21:43 <DIR> --d----- c:\program files\common files\Hewlett-Packard
2009-01-26 21:42 21,568 a------- c:\windows\system32\drivers\HPZius12.sys
2009-01-26 21:42 16,496 a------- c:\windows\system32\drivers\HPZipr12.sys
2009-01-26 21:42 49,920 a------- c:\windows\system32\drivers\HPZid412.sys
2009-01-26 21:42 271,704 a------- c:\windows\system32\hpzids01.dll
2009-01-26 21:42 <DIR> --d----- c:\program files\HP
2009-01-26 21:20 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-01-26 19:00 3,373,917 a------- c:\windows\{00000001-00000000-00000001-00001102-00000002-80401102}.BAK
2009-01-26 19:00 3,373,917 a------- c:\windows\{00000001-00000000-00000001-00001102-00000002-80401102}.CDF
2009-01-26 18:58 37,727 a------- c:\windows\system32\Emu10kx.ini
2009-01-26 18:57 12,288 a------- c:\windows\system32\AHQCpURes.dll
2009-01-26 18:57 32,768 a------- c:\windows\system32\AudioHQU.cpl
2009-01-26 18:56 6,752 -------- c:\windows\system32\PFMODNT.SYS
2009-01-26 18:56 <DIR> --d----- c:\program files\Creative
2009-01-26 18:54 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys
2009-01-26 18:54 16,128 a------- c:\windows\system32\drivers\MODEMCSA.sys
2009-01-26 17:33 <DIR> --d----- c:\windows\NV27083840.TMP
2009-01-25 23:32 208,744 a------- c:\windows\system32\muweb.dll
2009-01-25 23:32 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-01-25 23:32 268,648 a------- c:\windows\system32\mucltui.dll
2009-01-25 21:54 <DIR> --d----- c:\documents and settings\john cooper\Tracing
2009-01-25 21:51 <DIR> --d----- c:\program files\Microsoft
2009-01-25 21:51 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-01-25 21:49 <DIR> --d----- c:\program files\common files\Windows Live
2009-01-25 21:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\LogMeIn
2009-01-25 21:46 83,288 a------- c:\windows\system32\LMIRfsClientNP.dll
2009-01-25 21:46 47,640 a------- c:\windows\system32\drivers\LMIRfsDriver.sys
2009-01-25 21:46 28,984 a------- c:\windows\system32\LMIport.dll
2009-01-25 21:46 87,352 a------- c:\windows\system32\LMIinit.dll
2009-01-25 21:46 1,024 a------- C:\.rnd
2009-01-25 21:46 <DIR> --d----- c:\program files\LogMeIn
2009-01-25 21:29 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-01-25 21:29 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-01-25 21:28 21,504 a------- c:\windows\system32\drivers\hidserv.dll
2009-01-25 21:28 1,421,384 a------- c:\windows\system32\wdfcoinstaller01005.dll
2009-01-25 21:28 18,504 a------- c:\windows\system32\drivers\nuidfltr.sys
2009-01-25 21:11 <DIR> --d----- c:\program files\Siber Systems
2009-01-25 20:11 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Windows Search
2009-01-25 19:50 <DIR> --d----- c:\docume~1\johnco~1\applic~1\GrabIt
2009-01-25 19:49 <DIR> --d----- c:\program files\GrabIt
2009-01-25 19:27 <DIR> --d----- C:\Queue
2009-01-25 19:27 <DIR> --d----- C:\Seppath
2009-01-25 19:26 317,952 a------- c:\windows\system32\ROBOEX32.DLL
2009-01-25 19:26 33,858 a------- c:\windows\system32\par1284B.vxd
2009-01-25 19:26 33,858 a------- c:\windows\system32\par1284A.vxd
2009-01-25 19:26 33,858 a------- c:\windows\system32\par1284.vxd
2009-01-25 19:25 53,344 a------- c:\windows\system32\drivers\PAR1284.SYS
2009-01-25 19:25 <DIR> --d----- C:\Jobs
2009-01-25 19:25 <DIR> --d----- C:\GSP
2009-01-25 19:24 5,460 a------- c:\windows\gsp.ini
2009-01-25 19:24 <DIR> --d----- c:\program files\SafeNet Sentinel
2009-01-25 19:24 <DIR> --d----- c:\program files\common files\SafeNet Sentinel
2009-01-25 19:24 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Omega
2009-01-25 19:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Genie-Soft
2009-01-25 19:12 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Genie-soft
2009-01-25 19:08 <DIR> --d----- c:\program files\Genie-Soft
2009-01-25 18:34 <DIR> --d----- c:\docume~1\johnco~1\applic~1\Windows Desktop Search
2009-01-25 18:33 <DIR> --d----- c:\program files\Windows Desktop Search
2009-01-25 18:33 <DIR> --d----- c:\windows\system32\GroupPolicy
2009-01-25 18:32 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2009-01-25 18:32 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2009-01-25 18:32 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2009-01-25 14:33 32,592 a------- c:\windows\system32\msonpmon.dll
2009-01-25 14:26 <DIR> --d----- c:\windows\SHELLNEW
2009-01-25 13:48 <DIR> --d----- c:\windows\system32\scripting
2009-01-25 13:48 <DIR> --d----- c:\windows\l2schemas
2009-01-25 13:48 <DIR> --d----- c:\windows\system32\en
2009-01-25 13:48 <DIR> --d----- c:\windows\system32\bits
2009-01-25 13:42 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-25 13:20 13,646 a------- c:\windows\system32\wpa.bak
2009-01-25 13:03 <DIR> --d----- c:\windows\network diagnostic
2009-01-25 12:49 23,829 -c------ c:\windows\system32\dllcache\tourbg.gif
2009-01-25 12:47 104,960 -------- c:\windows\system32\drivers\atinrvxx.sys
2009-01-25 12:34 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-01-25 12:34 272,128 -------- c:\windows\system32\drivers\bthport.sys
2009-01-25 12:33 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys
2009-01-25 12:33 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-01-25 12:33 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-01-25 12:33 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-01-25 12:33 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2009-01-25 12:33 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2009-01-25 12:32 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-01-25 12:32 333,952 -c------ c:\windows\system32\dllcache\srv.sys
2009-01-25 12:32 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2009-01-25 12:32 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-01-25 12:22 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-01-25 12:22 <DIR> --d----- c:\windows\system32\PreInstall
2009-01-25 12:21 <DIR> --d-h--- c:\windows\$hf_mig$
2009-01-25 12:20 558 a------- c:\windows\DFC.INI
2009-01-25 12:14 201,155 a------- c:\windows\system32\nvapps.xml
2009-01-25 12:14 18,725 a------- c:\windows\system32\nvdisp.nvu
2009-01-25 12:14 <DIR> --d----- c:\windows\nview
2009-01-25 12:14 453,152 a------- c:\windows\system32\nvudisp.exe
2009-01-25 12:13 453,152 a------- c:\windows\system32\NVUNINST.EXE
2009-01-25 12:12 5,306 a------- c:\windows\system32\drivers\TBPanel.sys
2009-01-25 12:12 <DIR> --d----- c:\program files\XpertVision
2009-01-25 12:08 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-01-25 12:00 <DIR> --dsh--- c:\documents and settings\john cooper\UserData
2009-01-25 12:00 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-01-25 11:58 103,296 a----r-- c:\windows\system32\drivers\Rtenicxp.sys
2009-01-25 11:58 <DIR> --d----- c:\windows\OPTIONS
2009-01-25 11:56 5,824 a------- c:\windows\system32\drivers\ASUSHWIO.SYS
2009-01-25 11:45 <DIR> --d----- c:\documents and settings\John Cooper
2009-01-25 11:44 <DIR> --ds---- c:\windows\system32\Microsoft
2009-01-25 11:44 8,192 a------- c:\windows\REGLOCS.OLD
2009-01-25 11:41 10,096,640 ac------ c:\windows\system32\dllcache\hwxcht.dll
2009-01-25 11:40 23,392 a------- c:\windows\system32\nscompat.tlb
2009-01-25 11:40 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-01-25 11:40 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-01-25 11:39 <DIR> --d----- c:\program files\common files\MSSoap
2009-01-25 11:38 <DIR> --d----- c:\program files\Online Services
2009-01-25 11:38 <DIR> --d----- c:\program files\Messenger
2009-01-25 11:37 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-01-25 11:37 <DIR> --d----- c:\program files\Windows NT
2009-01-25 11:30 <DIR> --d----- c:\program files\common files\ODBC
2009-01-25 11:30 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-01-25 11:29 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-01-25 13:52 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-25 11:38 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-12-20 23:15 826,368 a------- c:\windows\system32\wininet.dll
2008-12-11 00:33 200,704 a------- c:\windows\system32\dtu100.dll
2008-12-11 00:33 86,016 a------- c:\windows\system32\dpl100.dll
2008-12-02 22:37 49,480 a------- c:\windows\system32\sirenacm.dll

============= FINISH: 20:36:38.85 ===============

Edited by stitchup, 19 February 2009 - 05:18 PM.




#2 teacup61 (Malware Response Team)

Posted 01 March 2009 - 05:32 PM

Hello stitchup,

Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.

Please do this:
1. Download HijackThis™ here:
http://www.trendsecure.com/portal/en-US/th.../hijackthis.php

2. Click 'Do a System Scan and Save log'.
The HJT log will open in notepad.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!


Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61 (Malware Response Team)

Posted 08 March 2009 - 05:01 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic