
Please help i dont know if i removed it all


  • This topic is locked
3 replies to this topic

#1 gtxr457

gtxr457

  • Members
  • 3 posts

Posted 18 April 2009 - 12:21 PM

Hi, the other day I had my Kaspersky Internet Security 2009 uninstalled for an hour, and in that time I got some program that asked me to buy it and said I was infected in the taskbar. I forget what it's called.

I reinstalled Kaspersky and it deleted everything it said it found, but now when I start up I see this:

Posted Image

How do I remove this error message? Is it safe to do banking on this computer?


Here is the DDS log:

DDS (Ver_09-03-16.01) - NTFSx86
Run by Jordan at 13:10:17.27 on 18/04/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.2045.1032 [GMT -4:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)
FW: Kaspersky Internet Security *enabled*
FW: BitDefender Firewall *disabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\lxbkcoms.exe
C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Raxco\PerfectDisk10\PDAgentS1.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Volumouse\volumouse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\msconfig.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Jordan\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uStart Page = hxxp://sympatico.msn.ca/
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {e103ce97-23a4-41c3-9d9e-212837b2b9e5} - c:\windows\system32\fccyaATn.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [$Volumouse$] "c:\program files\volumouse\volumouse.exe" /nodlg
uRun: [doubleTwist] c:\program files\doubletwist 2.0\DoubleTwist.DeviceHelper.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [lxbkbmgr.exe] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [MSServer] rundll32.exe c:\windows\system32\mlJAtSlk.dll,#1
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 9\Snagit32.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} -
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SEH: {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - c:\windows\system32\mlJAtSlk.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\fccyaATn

================= FIREFOX ===================

FF - ProfilePath - c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\e57js8fn.default\
FF - prefs.js: browser.startup.homepage - hxxp://sympatico.msn.ca/
FF - component: c:\program files\mozilla firefox\components\FFComm.dll
FF - component: c:\users\jordan\appdata\roaming\mozilla\firefox\profiles\e57js8fn.default\extensions\mintrayr@tn123.ath.cx\components\trayToolkit.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2008-7-9 20496]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-4-4 81920]
R2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe -service --> c:\windows\system32\lxbkcoms.exe -service [?]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-4-13 107520]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;"c:\program files\common files\acronis\acronis disk director\oss_reinstall_svc.exe" --> c:\program files\common files\acronis\acronis disk director\oss_reinstall_svc.exe [?]

=============== Created Last 30 ================

2009-04-16 22:56 101,287 a------- c:\windows\system32\drivers\klin.dat
2009-04-16 22:56 89,601 a------- c:\windows\system32\drivers\klick.dat
2009-04-16 22:55 2,860,064 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-04-16 22:55 360,480 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-04-16 22:55 24,472 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-04-16 22:55 3,360 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-04-16 22:55 <DIR> --d----- c:\program files\Kaspersky Lab
2009-04-16 22:55 <DIR> --d----- c:\programdata\Kaspersky Lab
2009-04-16 22:55 <DIR> --d----- c:\progra~2\Kaspersky Lab
2009-04-16 22:52 121 a------- c:\windows\bdagent.INI
2009-04-16 22:25 570 a------- c:\windows\system32\BDUpdateV1.xml
2009-04-16 22:24 81,984 a------- c:\windows\system32\bdod.bin
2009-04-16 22:19 850 a------- c:\windows\system32\ProductTweaks.xml
2009-04-16 22:19 385 a------- c:\windows\system32\user_gensett.xml
2009-04-16 22:18 <DIR> --d----- c:\users\jordan\appdata\roaming\BitDefender
2009-04-16 22:18 <DIR> --d----- c:\programdata\BitDefender
2009-04-16 22:18 <DIR> --d----- c:\program files\BitDefender
2009-04-16 22:18 <DIR> --d----- c:\progra~2\BitDefender
2009-04-16 22:13 <DIR> --d----- c:\program files\common files\BitDefender
2009-04-16 21:31 29,128 a------- c:\windows\system32\drivers\GRD.sys
2009-04-16 21:06 48,712 a------- c:\windows\system32\drivers\MiniIcpt.sys
2009-04-16 21:06 51,656 a------- c:\windows\system32\drivers\PktIcpt.sys
2009-04-16 21:05 40,392 a------- c:\windows\system32\drivers\gdwfpcd32.sys
2009-04-16 21:05 <DIR> --d----- c:\programdata\G DATA
2009-04-16 21:05 <DIR> --d----- c:\program files\G DATA
2009-04-16 21:05 <DIR> --d----- c:\program files\common files\G DATA
2009-04-16 21:05 <DIR> --d----- c:\progra~2\G DATA
2009-04-16 19:05 2,332 a--sh--- c:\windows\system32\nTAayccf.ini
2009-04-16 19:05 372 a--sh--- c:\windows\system32\nTAayccf.ini2
2009-04-16 18:50 2,560 a------- c:\windows\system32\ssqNHwUN.dll
2009-04-16 18:35 <DIR> --d----- c:\programdata\Symantec
2009-04-16 18:35 <DIR> --d----- c:\progra~2\Symantec
2009-04-16 18:35 <DIR> --d----- c:\programdata\Norton
2009-04-16 18:35 <DIR> --d----- c:\progra~2\Norton
2009-04-16 18:35 <DIR> --d----- c:\programdata\NortonInstaller
2009-04-16 18:35 <DIR> --d----- c:\progra~2\NortonInstaller
2009-04-16 18:34 <DIR> --d----- c:\program files\Unlocker
2009-04-16 18:32 <DIR> --d----- c:\users\jordan\appdata\roaming\GetRightToGo
2009-04-15 21:58 <DIR> --d----- c:\users\jordan\appdata\roaming\VitySoft
2009-04-13 23:24 <DIR> --d----- c:\programdata\Kaspersky Lab Setup Files
2009-04-13 23:24 <DIR> --d----- c:\progra~2\Kaspersky Lab Setup Files
2009-04-13 13:33 <DIR> --d----- c:\program files\MP3 Converter
2009-04-12 14:09 <DIR> --d----- c:\users\jordan\appdata\roaming\VistaStyleBuilder
2009-04-11 16:54 20 a------- c:\windows\mafosav.INI
2009-04-11 16:53 <DIR> --d----- c:\program files\Mario Forever
2009-04-10 20:31 <DIR> --d----- c:\program files\Activision
2009-04-10 20:27 <DIR> --dsh--- c:\windows\ftpcache
2009-04-10 19:00 <DIR> --d----- c:\users\jordan\appdata\roaming\Outertech
2009-04-10 19:00 <DIR> --d----- c:\program files\GetDiz
2009-04-10 16:25 <DIR> --d----- c:\program files\PowerISO
2009-04-10 16:01 <DIR> --d----- c:\program files\Alcohol Soft
2009-04-10 15:59 717,296 a------- c:\windows\system32\drivers\sptd.sys
2009-04-09 22:25 <DIR> --d----- c:\program files\UltraISO
2009-04-09 21:58 <DIR> --d----- c:\program files\MagicISO
2009-04-07 21:01 563,712 a----r-- c:\windows\system32\Redemption.dll
2009-04-07 17:21 167,152 a---h--- c:\windows\system32\mlfcache.dat
2009-04-07 17:19 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-04-07 17:19 <DIR> --d----- c:\windows\system32\IOSUBSYS
2009-04-07 15:48 <DIR> --d----- c:\program files\FastStone Image Viewer
2009-04-07 15:44 <DIR> --d----- c:\users\jordan\appdata\roaming\XnView
2009-04-07 15:34 <DIR> --d----- c:\users\jordan\appdata\roaming\FastStone
2009-04-06 20:33 <DIR> --d----- c:\programdata\ACD Systems
2009-04-06 20:33 <DIR> --d----- c:\progra~2\ACD Systems
2009-04-06 18:56 <DIR> --d----- c:\users\jordan\appdata\roaming\ACD Systems
2009-04-06 18:56 <DIR> --d----- c:\program files\common files\ACD Systems
2009-04-06 16:34 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-04-06 16:34 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-06 16:33 <DIR> --d----- c:\program files\iPod
2009-04-06 16:33 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-06 16:33 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-06 16:33 <DIR> --d----- c:\program files\iTunes
2009-04-06 08:54 <DIR> --d-h--- c:\windows\PIF
2009-04-06 08:50 <DIR> --d----- c:\program files\Doom 3
2009-04-05 18:55 <DIR> --d----- c:\program files\Elaborate Bytes
2009-04-03 15:39 <DIR> --d----- c:\windows\system32\AGEIA
2009-04-03 15:39 801,312 a------- c:\windows\system32\nvcplui.exe
2009-04-03 15:39 420,384 a------- c:\windows\system32\nvcpl.cpl
2009-04-03 15:38 453,152 a------- c:\windows\system32\NVUNINST.EXE
2009-04-02 15:09 540 a------- c:\windows\system32\PDBootState
2009-04-01 14:34 231,176 a------- c:\windows\system32\PDBoot.exe
2009-04-01 01:03 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-04-01 00:58 <DIR> --d----- c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-01 00:58 <DIR> --d----- c:\progra~2\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-04-01 00:58 <DIR> --d----- c:\program files\Bonjour
2009-04-01 00:57 <DIR> --d----- c:\programdata\Apple Computer
2009-04-01 00:57 <DIR> --d----- c:\programdata\Apple
2009-04-01 00:32 174 a------- c:\windows\Lexstat.ini
2009-04-01 00:31 <DIR> --d----- c:\program files\Lexmark X1100 Series
2009-03-31 23:43 <DIR> --d----- c:\program files\uTorrent
2009-03-31 23:43 <DIR> --d----- c:\users\jordan\appdata\roaming\uTorrent
2009-03-31 22:09 <DIR> --d----- c:\programdata\Adobe
2009-03-31 21:55 <DIR> --d----- c:\programdata\Real
2009-03-31 21:55 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-03-31 21:49 <DIR> --d----- c:\users\jordan\appdata\roaming\Mp3tag
2009-03-31 21:49 <DIR> --d----- c:\program files\Mp3tag
2009-03-31 21:47 676,224 a------- c:\windows\system32\ogacheckcontrol.dll
2009-03-31 21:39 39,424 a------- c:\windows\zipinst.exe
2009-03-31 21:39 <DIR> --d----- c:\program files\Volumouse
2009-03-31 21:24 <DIR> --d----- c:\programdata\Microsoft Help
2009-03-31 21:17 114,048 a------- c:\windows\system32\drivers\snapman.sys
2009-03-31 21:13 <DIR> --d----- c:\users\jordan\appdata\roaming\LimeWire
2009-03-31 21:13 <DIR> --d----- c:\program files\LimeWire
2009-03-31 21:11 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-31 21:08 <DIR> --d----- c:\program files\MediaMonkey
2009-03-31 21:01 <DIR> --d----- c:\program files\OO Software
2009-03-31 21:00 <DIR> --d----- c:\programdata\Raxco
2009-03-31 20:59 <DIR> --d----- c:\program files\Raxco
2009-03-31 20:57 <DIR> --d----- c:\programdata\TechSmith
2009-03-31 20:56 <DIR> --d----- C:\Sandbox
2009-03-31 20:55 2,332 a------- c:\windows\Sandboxie.ini
2009-03-31 20:55 <DIR> --d----- c:\program files\Sandboxie
2009-03-31 20:49 <DIR> --d----- c:\users\jordan\appdata\roaming\Darq Software
2009-03-31 20:02 <DIR> --d----- c:\programdata\Downloaded Installations
2009-03-31 20:02 <DIR> --d----- c:\progra~2\Downloaded Installations
2009-03-31 20:01 <DIR> --d----- c:\program files\AVG
2009-03-31 19:55 625,152 a------- c:\windows\system32\drivers\dxgkrnl.sys
2009-03-31 19:48 <DIR> --d----- C:\PerfLogs
2009-03-31 19:36 181,304 a------- c:\windows\system32\drivers\msiscsi.sys
2009-03-31 19:35 41,472 a------- c:\windows\system32\drivers\raspppoe.sys
2009-03-31 19:19 269,312 a------- c:\windows\system32\es.dll
2009-03-31 19:19 <DIR> --d--r-- c:\users\jordan\Tracing
2009-03-31 19:18 <DIR> --d----- c:\program files\Microsoft
2009-03-31 19:17 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-03-31 19:17 <DIR> --d----- c:\windows\PCHEALTH
2009-03-31 19:12 <DIR> --d----- c:\program files\common files\Windows Live
2009-03-31 18:59 296,960 a------- c:\windows\system32\gdi32.dll
2009-03-31 18:59 <DIR> --d----- c:\windows\Panther
2009-03-31 18:58 8,192 a--s-r-- C:\BOOTSECT.BAK
2009-03-31 18:58 333,203 a--shr-- C:\bootmgr
2009-03-31 18:58 <DIR> --dsh--- C:\Boot
2009-03-31 18:58 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-03-31 18:58 36 a---hr-- c:\windows\DELL_VERSION
2009-03-31 18:58 <DIR> --d----- c:\windows\system32\OEM
2009-03-31 18:57 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-03-31 18:57 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-03-31 18:57 1,695,744 a------- c:\windows\system32\gameux.dll
2009-03-31 18:57 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-03-31 18:56 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-03-31 18:56 2,048 a------- c:\windows\system32\msxml3r.dll
2009-03-31 18:53 2,048 a------- c:\windows\system32\tzres.dll
2009-03-31 18:52 428,544 a------- c:\windows\system32\EncDec.dll
2009-03-31 18:52 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-03-31 18:52 293,376 a------- c:\windows\system32\psisdecd.dll
2009-03-31 18:52 217,088 a------- c:\windows\system32\psisrndr.ax
2009-03-31 18:52 80,896 a------- c:\windows\system32\MSNP.ax
2009-03-31 18:52 69,632 a------- c:\windows\system32\Mpeg2Data.ax
2009-03-31 18:52 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-03-31 18:50 622,080 a------- c:\windows\system32\icardagt.exe
2009-03-31 18:50 97,800 a------- c:\windows\system32\infocardapi.dll
2009-03-31 18:50 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-03-31 18:50 11,264 a------- c:\windows\system32\icardres.dll
2009-03-31 18:49 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-03-31 18:49 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-03-31 18:49 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-03-31 18:49 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-03-31 18:39 21,299,200 a------- c:\windows\ocsetup_install_NetFx3.etl
2009-03-31 18:39 196,608 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf
2009-03-31 18:39 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2009-03-31 18:37 96,760 a------- c:\windows\system32\dfshim.dll
2009-03-31 18:37 41,984 a------- c:\windows\system32\netfxperf.dll
2009-03-31 18:36 282,112 a------- c:\windows\system32\mscoree.dll
2009-03-31 18:36 158,720 a------- c:\windows\system32\mscorier.dll
2009-03-31 18:36 83,968 a------- c:\windows\system32\mscories.dll
2009-03-31 18:19 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-03-31 18:19 272,896 a------- c:\windows\system32\polstore.dll
2009-03-31 18:19 61,440 a------- c:\windows\system32\winipsec.dll
2009-03-31 18:19 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-03-31 18:18 1,820 a------- c:\windows\system32\rasctrnm.h
2009-03-31 18:17 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2009-03-31 18:17 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2009-03-31 18:17 94,720 a------- c:\windows\system32\PortableDeviceClassExtension.dll
2009-03-31 18:13 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-03-31 18:13 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-31 18:13 4,096 a------- c:\windows\system32\msdxm.ocx
2009-03-31 18:13 4,096 a------- c:\windows\system32\dxmasf.dll
2009-03-31 18:10 2,927,104 a------- c:\windows\explorer.exe
2009-03-31 18:06 6,656 a------- c:\windows\system32\kbd106n.dll
2009-03-31 18:06 988,216 a------- c:\windows\system32\winload.exe
2009-03-31 18:06 927,288 a------- c:\windows\system32\winresume.exe
2009-03-31 18:06 615,992 a------- c:\windows\system32\ci.dll
2009-03-31 18:06 378,368 a------- c:\windows\system32\srcore.dll
2009-03-31 18:06 318,464 a------- c:\windows\system32\rstrui.exe
2009-03-31 18:06 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-03-31 18:06 40,960 a------- c:\windows\system32\srclient.dll
2009-03-31 18:06 19,000 a------- c:\windows\system32\kd1394.dll
2009-03-31 18:06 14,848 a------- c:\windows\system32\srdelayed.exe
2009-03-31 18:05 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2009-03-31 18:05 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2009-03-31 18:05 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2009-03-31 18:03 443,392 a------- c:\windows\system32\win32spl.dll
2009-03-31 18:03 37,888 a------- c:\windows\system32\printcom.dll
2009-03-31 18:03 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-03-31 18:03 14,848 a------- c:\windows\system32\wshrm.dll
2009-03-31 18:03 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-03-31 18:02 268,288 a------- c:\windows\system32\schannel.dll
2009-03-31 18:02 2,868,736 a------- c:\windows\system32\mf.dll
2009-03-31 18:02 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-03-31 18:02 98,816 a------- c:\windows\system32\mfps.dll
2009-03-31 18:02 94,720 a------- c:\windows\system32\logagent.exe
2009-03-31 18:02 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-03-31 18:02 24,576 a------- c:\windows\system32\mfpmp.exe
2009-03-31 18:02 2,048 a------- c:\windows\system32\mferror.dll
2009-03-31 18:02 738,304 a------- c:\windows\system32\inetcomm.dll
2009-03-31 18:02 84,480 a------- c:\windows\system32\INETRES.dll
2009-03-31 18:01 1,645,568 a------- c:\windows\system32\connect.dll
2009-03-31 18:01 1,314,816 a------- c:\windows\system32\quartz.dll
2009-03-31 18:01 2,033,152 a------- c:\windows\system32\win32k.sys
2009-03-31 18:01 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-03-31 18:01 2,048 a------- c:\windows\system32\msxml6r.dll
2009-03-31 16:12 1,904 -------- c:\windows\system32\SetupBD.din
2009-03-31 16:11 228,224 a------- c:\windows\system32\drivers\e1e6032.sys
2009-03-31 16:11 179,048 a------- c:\windows\system32\e1000msg.dll
2009-03-31 16:11 154,496 a------- c:\windows\system32\Prounstl.exe
2009-03-31 16:11 39,288 a------- c:\windows\system32\NicInE6.dll
2009-03-31 16:11 28,536 a------- c:\windows\system32\NicCo6.dll
2009-03-31 16:11 2,689 a------- c:\windows\system32\e1e6032.din
2009-03-31 16:11 <DIR> --d-h--- C:\dell
2009-03-31 16:11 <DIR> --dsh--- c:\windows\Installer
2009-03-31 16:06 <DIR> --d----- c:\users\Jordan
2009-03-31 15:40 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-03-31 15:40 83,456 a------- c:\windows\system32\wudriver.dll
2009-03-31 15:40 162,064 a------- c:\windows\system32\wuwebv.dll
2009-03-31 15:40 31,232 a------- c:\windows\system32\wuapp.exe
2009-03-31 15:29 53,248 a------- c:\windows\system32\CSVer.dll
2009-03-31 15:29 <DIR> --d-h--- C:\Intel
2009-03-31 15:23 <DIR> --d----- c:\windows\system32\directx
2009-03-31 15:22 <DIR> --d----- c:\programdata\NVIDIA
2009-03-31 15:20 319,456 a------- c:\windows\DIFxAPI.dll
2009-03-31 15:20 61,440 a------- c:\windows\system32\MBWrp32.dll
2009-03-31 15:20 <DIR> --d----- c:\program files\Realtek
2009-03-31 15:20 <DIR> --d-h--- c:\program files\Temp
2009-03-31 15:17 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-03-31 15:16 <DIR> --d----- C:\NVIDIA
2009-03-20 14:50 3,358,720 a------- c:\windows\system32\GPhotos.scr

==================== Find3M ====================

2009-04-16 23:03 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-04-16 22:56 86,016 a------- c:\windows\inf\infstor.dat
2009-04-16 22:56 51,200 a------- c:\windows\inf\infpub.dat
2009-04-16 22:56 86,016 a------- c:\windows\inf\infstrng.dat
2009-04-02 15:21 84,480 a------- c:\windows\system32\ff_vfw.dll
2009-03-31 19:52 174 a--sh--- c:\program files\desktop.ini
2009-03-31 19:48 665,600 a------- c:\windows\inf\drvindex.dat
2009-03-31 19:43 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-03-31 19:43 82,432 a------- c:\windows\system32\axaltocm.dll
2009-03-31 18:57 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-03-31 18:57 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-03-31 18:57 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-03-31 18:57 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-03-31 18:57 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-03-31 18:57 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-03-30 12:04 1,003,040 a------- c:\windows\system32\RtkPgExt.dll
2009-03-30 12:04 46,112 a------- c:\windows\system32\RtkCoInst.dll
2009-03-30 12:04 326,176 a------- c:\windows\system32\RtkApoApi.dll
2009-03-30 12:04 2,525,216 a------- c:\windows\system32\RtkAPO.dll
2009-03-30 11:13 2,350,624 a------- c:\windows\system32\drivers\RTKVHDA.sys
2009-03-25 09:06 142,848 a------- c:\windows\system32\AERTACap.dll
2009-03-17 07:58 540,672 a------- c:\windows\RtlExUpd.dll
2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-16 14:18 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-03-16 14:18 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-03-16 14:18 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 14:18 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-03-15 06:25 56,268 a------- c:\windows\system32\drivers\scdemu.sys
2009-03-09 15:27 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-03-09 15:27 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-03-09 15:27 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-03-05 23:59 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-03-05 23:59 36,864 a------- c:\windows\system32\drivers\usbaapl.sys
2009-03-03 00:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 00:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 00:40 827,392 a------- c:\windows\system32\wininet.dll
2009-03-03 00:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 00:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 00:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 00:37 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 00:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 00:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 00:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-02 23:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-02 22:38 17,408 a------- c:\windows\system32\iashost.exe
2009-03-02 22:28 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-03-02 07:41 29,184 a------- c:\windows\system32\drivers\VClone.sys
2009-02-26 16:47 2,255,360 a------- c:\windows\system32\x264vfw.dll
2009-02-18 14:44 795,104 a------- c:\windows\system32\dpinst.exe
2009-02-13 04:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 04:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-02-12 14:24 282,112 a------- c:\windows\system32\RTPCEE32.dll
2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 13:10:53.56 ===============

Please help, thanks!



#2 gtxr457

gtxr457
  • Topic Starter

  • Members
  • 3 posts

Posted 18 April 2009 - 12:52 PM

Can anyone help me?
====================
Hello

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.

Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, you wouldn't want someone to assist you who is not familiar with your issue and attempt to fix it, would you?

We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

Thank you for understanding.

Orange Blossom ~ forum moderator

Edited by Orange Blossom, 18 April 2009 - 03:05 PM.


#3 gtxr457

gtxr457
  • Topic Starter

  • Members
  • 3 posts

Posted 20 April 2009 - 09:19 PM

I understand how busy you all are and how many reports you get, but honestly identity theft is huge and you just can't take risks.

So I formatted my computer and promptly reinstalled KIS2009. Won't be uninstalling again.

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • Gender:Male
  • Location: 65 miles due East of the "Logic Free Zone", in Md, USA

Posted 21 April 2009 - 05:02 PM

Thanks for informing us what you had to do.

Good luck.

This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



