Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet doesn't load properly, tzf652005b.exe has encountered a problem....


  • This topic is locked This topic is locked
2 replies to this topic

#1 jamc100

jamc100

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:37 AM

Posted 06 April 2009 - 09:50 AM

My computer seemed to melt down yesterday. Internet explorer is not loading properly, pictures no longer load at all. I also got an error message that said "tzf652005b.exe has encountered an error and needs to close. Sorry for the inconvenience." Also that same file is in the task manager under processes, and if you try to close it it opens itself right back up, and my husband was getting black windows pop open as a result. Surrently there are 10 of those files in processes right now. Also, other files in there that I don't recognize or know are not good are: 3899100802.exe, afisicx.exe, alg.exe, csrss.exe, smss.exe, sopidkc.exe, tdctxte.exe. My husband ran spybot, then ran it after a reboot. When that didn't work he tried to revert to a restore point, in safe mode, and got a message that was something like "system restore can't protect your computer. Restart and try again." When he restarted, all of the restore points were gone. Also, just now I got a pop-up in internet explorer (i am currently running opera) that says internet explorer cannot disply the page, with a url that starts with "url.adtrgt.com" every pop-up that opens up with that url does not load. There is definitely something bad on my computer. Here is the DDS log.




DDS (Ver_09-03-16.01) - NTFSx86
Run by Owner at 10:41:17.31 on Mon 04/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.448 [GMT -4:00]

AV: Anti-Virus - SBC Yahoo! Online Protection *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\afisicx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\dhcp\svchost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\sopidkc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\tdctxte.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\3361\svchost.exe -sysrun
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\WINDOWS\ehome\RMSysTry.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\tzf652055b.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\notepad.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\1015761414.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://internetsearchservice.com/search?q={searchTerms}
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = about:blank
mSearch Bar = about:blank
mSearch Page = about:blank
mDefault_Search_Url = about:blank
mSearchMigratedDefaultURL = hxxp://internetsearchservice.com/search?q={searchTerms}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = about:blank
mSearchURL = about:blank
mSearchAssistant = about:blank
BHO: c:\windows\system32\nhser43uhjnefr.dll: {c2ba40a2-74f3-42bd-f434-2604812c8954} - c:\windows\system32\nhser43uhjnefr.dll
BHO: {f7d92265-da07-4ad1-b547-415c824f8bf6} - c:\windows\system32\pehirema.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: {7435856C-6CA1-45CF-A00D-82178387F223} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: {119DBEDA-9C41-4F97-94B4-B6BCD01133CF} - No File
TB: {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Windows Resurections] c:\docume~1\owner\locals~1\temp\tzf652055b.exe
uRun: [Diagnostic Manager] c:\docume~1\owner\locals~1\temp\1015761414.exe
uRun: [<NO NAME>] c:\docume~1\owner\locals~1\temp\tzf652055b.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SunKistEM] c:\program files\digital media reader\shwiconem.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [CHotkey] zHotkey.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [NWEReboot]
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [CAVRID] "c:\program files\yahoo!\antivirus\CAVRID.exe"
mRun: [CaAvTray] "c:\program files\yahoo!\antivirus\CAVTray.exe"
mRun: [<NO NAME>]
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Jcego] rundll32.exe "c:\windows\etigatek.dll",e
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [svchost.exe] "c:\windows\system32\3361\svchost.exe"
mRun: [10d3d641] rundll32.exe "c:\windows\system32\hovolile.dll",b
mRun: [CPM13e0e5dd] Rundll32.exe "c:\windows\system32\jeyiniyo.dll",a
mRun: [fapozuyaze] Rundll32.exe "c:\windows\system32\yatodimi.dll",s
mRunOnce: [svchost.exe] "c:\windows\system32\3361\svchost.exe"
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRun: [<NO NAME>] c:\windows\temp\kwdq8.exe
dRun: [Windows Resurections] c:\windows\temp\kwdq8.exe
dRun: [Diagnostic Manager] c:\windows\temp\1031916926.exe
uExplorerRun: [iolpgr] c:\windows\system32\iolpgr.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\extend~1.lnk - c:\windows\ehome\RMSysTry.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: c:\windows\system32\VetRedir.dll
Trusted Zone: defleppard.com\forum
Trusted Zone: defleppard.com\www
Trusted Zone: gamehouse.com\www
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: RaptisoftGameLoader - hxxp://www.miniclip.com/hamsterball/raptisoftgameloader.cab
DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/7/0/7/707a44ad-52ad-49af-b7ef-e21b6b0656e4/VirtualEarth3D.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - hxxp://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
DPF: {2DFF31F9-7893-4922-AF66-C9A1EB4EBB31} - hxxp://forms.real.com/real/player/download.html?f=windows/mrkt/rhapx/RhapsodyPlayerEngine_Inst_Win.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {46C66BBD-E667-4DAD-9683-58050E7C9FDC} - hxxp://www.cdpass.com/cdkey/CDPass.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.mail.live.com/mail/w1/resources/MSNPUpld.cab
DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - hxxp://simcity.ea.com/update/EARTPX.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1144555824796
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - hxxp://filelodge.bolt.com/ImageUploader3.cab
DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - hxxps://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/bonniesbookstore/sis/popcaploader_v10.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\windows\system32\fuduyefi.dll c:\progra~1\thunmail\testabd.dll c:\windows\system32\jeyiniyo.dll,c:\windows\system32\retasevo.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\jeyiniyo.dll
STS: c:\windows\system32\nhser43uhjnefr.dll: {c2ba40a2-74f3-42bd-f434-2604812c8954} - c:\windows\system32\nhser43uhjnefr.dll
STS: c:\windows\system32\ds43g4nfjkn93.dll: {d5bf49a0-94f3-42bd-f434-3604812c8955} - c:\windows\system32\ds43g4nfjkn93.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\jeyiniyo.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: CShellExecuteHookImpl Object: {57b86673-276a-48b2-bae7-c6dbb3020eb8} - c:\program files\grisoft\avg anti-spyware 7.5\shellexecutehook.dll
LSA: Notification Packages = scecli bdglex5.dll c:\windows\system32\retasevo.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\8lgmhb6j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\ksolo\npAVX.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPSFDMGR.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\spiralfrog\NPSFDMGR.dll
FF - plugin: c:\program files\spiralfrog\wmp\np-mswmp.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - HiddenExtension: XUL Cache: {9AC44C03-56B3-48A2-904B-843A8E08F228} - c:\documents and settings\owner\local settings\application data\{9AC44C03-56B3-48A2-904B-843A8E08F228}
FF - HiddenExtension: XUL Cache: {3FC61E37-F41D-43DE-A196-0AFA34C4B2B0} - c:\windows\system32\config\systemprofile\local settings\application data\{3FC61E37-F41D-43DE-A196-0AFA34C4B2B0}
FF - HiddenExtension: XUL Cache: {7DC0D253-DCE1-4226-8AED-64E960AB99E6} - c:\documents and settings\pictures\local settings\application data\{7DC0D253-DCE1-4226-8AED-64E960AB99E6}

============= SERVICES / DRIVERS ===============

R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver;c:\program files\grisoft\avg anti-spyware 7.5\guard.sys [2007-5-30 11000]
R1 AvgAsCln;AVG Anti-Spyware Clean Driver;c:\windows\system32\drivers\AvgAsCln.sys [2007-12-3 10872]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 32256]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\Vet-Filt.sys [2006-3-16 21031]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\Vet-Rec.sys [2006-3-16 15478]
R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\VetEFile.sys [2006-3-16 879832]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\VetFDDNT.sys [2006-3-16 15735]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2006-7-31 26787]
R2 afisicx;afisicx Service;c:\windows\system32\afisicx.exe [2004-8-10 193024]
R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard;c:\program files\grisoft\avg anti-spyware 7.5\guard.exe [2007-5-30 312880]
R2 CAISafe;CAISafe;c:\program files\yahoo!\antivirus\iSafe.exe [2006-3-16 259184]
R2 dhcpsrv;Dhcp server;c:\windows\dhcp\svchost.exe [2009-4-5 214016]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 115200]
R2 sopidkc;sopidkc Service;c:\windows\system32\sopidkc.exe [2004-8-10 192512]
R2 tdctxte;tdctxte Service;c:\windows\system32\tdctxte.exe [2004-8-10 192000]
R2 VETMSGNT;VET Message Service;c:\program files\yahoo!\antivirus\VetMsg.exe [2006-3-16 201840]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\VetEBoot.sys [2006-3-16 108360]
S3 at1394;at1394;c:\windows\system32\at1394.sys [2005-4-13 2304]
S3 f_kp;f_kp;c:\windows\system32\drivers\f_kp.sys [2007-2-26 4598]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\w300mgmt.sys [2008-6-19 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\drivers\w300obex.sys [2008-6-19 85696]

=============== Created Last 30 ================

2009-04-06 05:35 1,418,628 ---sh--- c:\windows\system32\elilovoh.ini
2009-04-05 19:15 <DIR> --d----- c:\windows\system32\3361
2009-04-05 19:15 108,336 a------- c:\windows\system32\MSWINSCK.OCX
2009-04-05 19:15 <DIR> --d----- c:\windows\dhcp
2009-04-05 19:14 <DIR> --dshr-- c:\program files\ThunMail
2009-04-05 19:13 21,704 a------- c:\windows\system32\vv.exe
2009-04-05 19:13 15,000 a------- c:\windows\system32\ds43g4nfjkn93.dll
2009-04-05 16:42 <DIR> --d----- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-04-05 16:42 <DIR> --d----- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-04-05 16:42 <DIR> --d----- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-04-05 16:42 <DIR> --d----- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-04-05 15:35 16 a------- c:\windows\Wbaboyadomi.bin
2009-04-05 15:35 1,420 a------- c:\windows\Fnuhu.dat
2009-04-05 13:18 46 a------- C:\p2hhr.bat
2009-04-05 13:18 96,750 a------- c:\windows\system32\drivers\ac11e0f2.sys
2009-04-05 13:18 106,496 a------- C:\ovmhmkie.exe
2009-04-05 13:18 46,080 a------- C:\fkajlvl.exe
2009-04-05 13:17 578,560 ac------ c:\windows\system32\dllcache\user32.dll
2009-04-05 13:17 2 a------- C:\282318574
2009-04-05 13:17 29,696 a------- C:\kgqxi.exe
2009-04-05 13:17 125,440 a------- c:\windows\system32\azton.mt
2009-04-05 13:17 15,000 a------- c:\windows\system32\nhser43uhjnefr.dll
2009-04-05 13:17 249,344 a------- C:\wlct.exe
2009-04-05 13:17 57,856 a------- C:\xuyyhnc.exe
2009-04-05 13:17 50,688 -------- C:\jurj.exe
2009-03-25 12:57 <DIR> --d----- c:\windows\system32\Adobe
2009-03-18 12:59 <DIR> --d----- c:\program files\kSolo

==================== Find3M ====================

2009-04-06 05:12 49,152 a--sh--- c:\windows\system32\hisakite.dll
2009-04-06 05:12 87,552 a--sh--- c:\windows\system32\jeyiniyo.dll
2009-04-06 05:12 84,768 a--sh--- c:\windows\system32\yihazuso.exe
2009-04-06 05:12 79,872 a--sh--- c:\windows\system32\hovolile.dll
2009-04-05 13:17 578,560 a------- c:\windows\system32\user32.DLL
2009-04-05 13:17 156,672 a------- c:\windows\etigatek.dll
2009-04-05 13:17 84,768 a--sh--- c:\windows\system32\zelayira.exe
2009-02-09 07:13 1,846,784 -------- c:\windows\system32\win32k.sys
2006-07-01 23:18 0 a------- c:\docume~1\owner\applic~1\internaldb41.dat
2006-01-25 17:38 498 a------- c:\docume~1\owner\applic~1\wklnhst.dat
2008-08-27 07:43 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082720080828\index.dat

============= FINISH: 10:47:42.10 ===============

BC AdBot (Login to Remove)

 


#2 jamc100

jamc100
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:37 AM

Posted 09 April 2009 - 01:02 PM

Nevermind. The computer crashed, it's completely gone now.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:02:37 AM

Posted 09 April 2009 - 11:36 PM

Sorry to hear such. But thanks for informing us.

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users