Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with DNS 85.255 trojan


  • This topic is locked This topic is locked
2 replies to this topic

#1 pauliex

pauliex

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:59 AM

Posted 02 May 2009 - 02:07 PM

My system became infected with a trojan that would set DSN servers to 85.255.112.13 and 85.255.112.110. I used HijackThis to remove any "85.255.." entries from the registry, but upon rebooting sometimes the 85.255 is back, but sometimes it doesnt come back. If it's back, I manually change DNS back to 'automatic', and for the large part my computer is OK.

Some problems persist though:-

- I can't run Spybot S&D. I see it created the process SpybotSD.exe, but no GUI shows
- If I try to go to security sites, such as Spybot's site, it looks like it diverts to other sites (probably illegitimate ones)
- Sometimes when I open Internet Explorer it attempts to access my router (192.168.0.1).
- I tried System Restore, but when I hit the 'Next>' button after selecting a restore point, nothing happens.
- Sometimes I get errors opening C: drive with "Cant access C:\RECLYCLER\<some file name>"

Here's the DDS.txt, and attach.txt is zipped and attached.

Thank you so much bleepingcomputer! This is a wonderful service you provide.


DDS (Ver_09-03-16.01) - NTFSx86
Run by Paul Stanley at 14:54:38.98 on Sat 05/02/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.2620 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\UMonit.exe
C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Paul Stanley\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.16.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0988.2\msneshellx.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [ASRock OC Tuner]
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Aim6]
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [WinSys2] c:\windows\system32\winsys2.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [UMonit] c:\windows\system32\UMonit.exe
mRun: [D-Link AirPlus XtremeG DWL-G520] c:\program files\d-link\airplus xtremeg dwl-g520\AirPlusCFG.exe
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\paulst~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.16.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1232219729405&h=8d3516eb8009e7dc94992243a36d989d/&filename=jinstall-6u11-windows-i586-jc.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} - hxxp://www.instantaction.com/download/iaplayer.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\paulst~1\applic~1\mozilla\firefox\profiles\t4msccyk.default\
FF - component: c:\program files\google\google gears\firefox\components\gears.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 ntcdrdrv;ntcdrdrv;c:\windows\system32\drivers\ntcdrdrv.sys [2009-4-22 13440]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-1-11 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-1-11 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-11 107272]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-1-11 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-11 298264]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-2-8 24652]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2005-3-22 472832]
S2 gupdate1c98d59c210397e;Google Update Service (gupdate1c98d59c210397e);c:\program files\google\update\GoogleUpdate.exe [2009-2-12 133104]
S3 FIXUSTOR;FIXUSTOR;c:\windows\system32\drivers\fixustor.sys [2009-1-10 12416]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]

=============== Created Last 30 ================

2009-05-01 08:23 <DIR> --d----- c:\program files\Trend Micro
2009-05-01 08:06 <DIR> --d----- C:\fixwareout
2009-04-30 22:31 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-04-30 21:24 16,409,960 a------- c:\temp\spybotsd162.exe
2009-04-30 21:24 423,736 a------- c:\temp\avgarkt-setup-1.1.0.42.exe
2009-04-30 18:40 <DIR> --d----- c:\program files\AV Audio Recorder
2009-04-30 18:31 371 ---shr-- C:\autorun.inf
2009-04-30 17:55 140,488 a------- c:\windows\system32\COMDLG32.OCX
2009-04-30 17:55 115,920 a------- c:\windows\system32\MSINET.OCX
2009-04-30 17:12 164,864 a------- c:\program files\UNWISE.EXE
2009-04-30 17:12 <DIR> --d----- c:\program files\Acoustica Beatcraft
2009-04-29 19:10 <DIR> --d----- c:\docume~1\paulst~1\applic~1\Cakewalk
2009-04-29 18:54 118,784 a------- c:\windows\dsdxirmv.exe
2009-04-29 18:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Cakewalk
2009-04-29 18:52 233,472 a------- c:\windows\system32\REX Shared Library.dll
2009-04-29 18:52 180,224 a------- c:\windows\system32\ReWire.dll
2009-04-29 18:52 1,060,864 a------- c:\windows\system32\mfc71.dll
2009-04-29 18:52 1,047,552 a------- c:\windows\system32\mfc71u.dll
2009-04-29 18:52 487,424 a------- c:\windows\system32\msvcp70.dll
2009-04-29 18:52 <DIR> --d----- c:\program files\Cakewalk
2009-04-29 18:52 <DIR> --d----- C:\Cakewalk Projects
2009-04-29 05:19 <DIR> --d----- c:\program files\Acoustica Shared Effects
2009-04-27 19:22 499,712 a------- c:\windows\system32\msvcp71.dll
2009-04-27 19:22 348,160 a------- c:\windows\system32\msvcr71.dll
2009-04-27 19:22 14,608 a------- c:\windows\system32\iviaspi.sys
2009-04-27 19:22 <DIR> --d----- c:\program files\SanDisk
2009-04-25 17:59 <DIR> --d----- c:\program files\iPod
2009-04-25 17:59 <DIR> --d----- c:\program files\iTunes
2009-04-25 17:59 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-24 19:05 4,681,451,520 a------- C:\FROST_NIXON.ISO
2009-04-22 21:13 <DIR> --d----- C:\Doctor Who
2009-04-22 18:29 55 a------- c:\windows\REGKEYNT.INI
2009-04-22 18:29 13,440 a------- c:\windows\system32\drivers\ntcdrdrv.sys
2009-04-22 18:29 <DIR> --d----- c:\program files\NoteBurner
2009-04-22 16:53 <DIR> --d----- c:\program files\Ventrilo
2009-04-22 16:53 262 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-04-22 16:52 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-04-21 20:13 23 a------- c:\windows\BlendSettings.ini
2009-04-21 20:07 <DIR> --d----- c:\program files\Bethesda Softworks
2009-04-18 19:38 <DIR> --d----- c:\program files\common files\Knowledge Adventure
2009-04-16 18:35 34,064 a------- c:\windows\system32\lhacm.acm
2009-04-16 18:35 <DIR> --d----- c:\program files\Teamspeak2_RC2
2009-04-15 23:22 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-12 19:53 <DIR> --d-h--- c:\windows\PIF
2009-04-09 21:40 1,181,022 a------- c:\windows\system32\TmpA320647890
2009-04-09 21:38 1,181,022 a------- c:\windows\system32\TmpA320521453
2009-04-09 21:34 900,015 a------- c:\windows\system32\TmpA320257859
2009-04-09 21:30 1,777,664 a------- c:\windows\system32\gdiplus.dll
2009-04-07 22:34 10,898 a------- C:\yogapyramid.docx
2009-04-06 20:13 <DIR> --d----- c:\docume~1\paulst~1\applic~1\AV Audio Recorder Build-in Simple Audio Editor
2009-04-06 20:10 <DIR> --d----- c:\docume~1\paulst~1\applic~1\AV Audio Recorder
2009-04-06 20:10 1,986,560 a------- c:\windows\system32\NCTAudioFile2.dll
2009-04-06 20:10 1,212,416 a------- c:\windows\system32\NCTAudioInformation2.dll
2009-04-06 20:10 880,640 a------- c:\windows\system32\NCTAudioEditor2.dll
2009-04-06 20:10 835,584 a------- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-04-06 20:10 602,112 a------- c:\windows\system32\NCTAudioTransform2.dll
2009-04-06 20:10 479,232 a------- c:\windows\system32\NCTAudioVisualization2.dll
2009-04-06 20:10 458,752 a------- c:\windows\system32\NCTAudioRecord2.dll
2009-04-06 20:10 458,752 a------- c:\windows\system32\NCTAudioPlayer2.dll
2009-04-06 20:10 417,792 a------- c:\windows\system32\NCTTextToAudio2.dll
2009-04-06 20:10 348,160 a------- c:\windows\system32\NCTWMAFile2.dll
2009-04-06 20:10 344,064 a------- c:\windows\system32\msvcr70.dll
2009-04-06 20:10 113,486 a------- c:\windows\system32\NCTWMAProfiles.prx
2009-04-06 18:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVS4YOU
2009-04-06 18:45 <DIR> --d----- c:\program files\common files\AVSMedia
2009-04-06 18:45 <DIR> --d----- c:\docume~1\paulst~1\applic~1\AVS4YOU
2009-04-06 18:45 24,576 a------- c:\windows\system32\msxml3a.dll
2009-04-06 16:57 <DIR> --d----- c:\program files\Curse
2009-04-03 19:02 <DIR> --d----- c:\program files\TubeBlasterPro

==================== Find3M ====================

2009-04-30 20:20 138,920 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-30 20:20 189,072 a------- c:\windows\system32\PnkBstrB.exe
2009-04-30 17:13 4,059 a------- c:\program files\INSTALL.LOG
2009-03-19 16:32 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 04:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 04:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 04:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-06 10:22 284,160 a------- c:\windows\system32\pdh.dll
2009-02-28 16:42 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-02-09 08:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 08:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 08:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 08:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 07:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-06 07:11 110,592 a------- c:\windows\system32\services.exe
2009-02-06 07:06 2,145,280 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 06:39 35,328 a------- c:\windows\system32\sc.exe
2009-02-06 06:32 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-05 16:50 42,320 a------- c:\windows\system32\xfcodec.dll
2009-02-03 15:59 56,832 a------- c:\windows\system32\secur32.dll
2009-01-27 02:09 2,698,189 a------- c:\program files\!!! copy.jpg
2009-01-27 02:09 72,297,645 a------- c:\program files\!!!.psd
2009-01-16 16:45 0 a------- c:\docume~1\alluse~1\applic~1\PKP_DLdy.DAT
2009-01-11 00:16 22,328 a------- c:\docume~1\paulst~1\applic~1\PnkBstrK.sys

============= FINISH: 14:54:49.45 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 pauliex

pauliex
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:59 AM

Posted 02 May 2009 - 04:27 PM

OP again...

Additional symptoms noted since I posted above:-

- My DVD burner is recognized, but no longer as a burner. Nero etc all say 'no writers'.
- Shortcut keys in photoshop no longer work.

#3 pauliex

pauliex
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:59 AM

Posted 02 May 2009 - 08:57 PM

I found a similar thread on this forum, and followed the instructions there, primarily running ComboFix.exe.......... it seems to have cured all symptoms!!

A big thankyou to this site - it's a wonderful resource.

Please close my issue.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users