Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dns changer i think....maybe more


  • This topic is locked This topic is locked
2 replies to this topic

#1 FleckFilet

FleckFilet

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:02 AM

Posted 08 May 2009 - 04:42 PM

ok, here is my problem: everytime i get on the google and click a search result, im redirected to a totally random website. also, when i run msconfig and check my startup apps, there is something in C:\WINDOWS\system 32\ called rundll86.exe that i've never seen before. when i look in my windows folder, its not there but it shows up in msconfig...strange. also, i just noticed i now have a program installed entitled Hotfix for Windows XP (KB952287)....never heard of it before...but im not gonna touch anything else until someone tells me what to do

what i've done so far: ran a full scan with avira antivir and removed several suspected trojans and dns changers. i also ran a full scan with malwarebytes, and it also detected several trojans and dns changers. i quarantined and deleted everything and restarted my computer.
within minutes of opening firefox back up, i was experiencing the same symptoms.

the last thing i've done is delete bittorrent. i swear im done with any p2p programs forever
thanks much for your time and effort


Attached File  Attach.txt   6.32KB   2 downloads




DDS (Ver_09-03-16.01) - NTFSx86
Run by Administrator at 15:16:05.51 on 08/05/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.2.1033.18.446.164 [GMT -6:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [VTTimer] VTTimer.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: NoSMBalloonTip = 0 (0x0)
uPolicies-explorer: NoStrCmpLogical = 1 (0x1)
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
IE: Append to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\iuq4vtql.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://partnerpage.google.com/email.phoenix.edu?tab=mS

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-5-4 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-5-4 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-5-4 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-4 55640]
R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-5-3 38496]
S0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2005-12-19 77312]
S0 vvfeuhr;vvfeuhr;c:\windows\system32\drivers\tfhxw.sys --> c:\windows\system32\drivers\tfhxw.sys [?]

=============== Created Last 30 ================

2009-05-08 11:27 <DIR> --d----- c:\program files\common files\Macrovision Shared
2009-05-08 11:27 45,392 a----r-- c:\windows\system32\AdobePDF.dll
2009-05-08 11:27 22,872 a----r-- c:\windows\system32\AdobePDFUI.dll
2009-05-05 13:32 5,632 a--sh--- c:\windows\Thumbs.db
2009-05-04 20:00 <DIR> --d----- c:\docume~1\admini~1\applic~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-05-04 17:26 <DIR> --d-h--- c:\docume~1\alluse~1\applic~1\{A25FEDC1-F6D7-440C-BCE2-B71F595F6646}
2009-05-04 17:26 <DIR> --d----- c:\program files\Eraser
2009-05-04 16:20 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-05-04 16:20 <DIR> --d----- c:\program files\Avira
2009-05-04 16:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-05-04 14:10 268,648 a------- c:\windows\system32\mucltui.dll
2009-05-04 14:10 208,744 a------- c:\windows\system32\muweb.dll
2009-05-04 14:10 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-05-04 02:06 <DIR> --d----- c:\program files\VideoLAN
2009-05-04 01:20 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes
2009-05-03 23:41 <DIR> a-dshr-- C:\cmdcons
2009-05-03 22:26 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-03 22:26 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-03 22:26 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-03 22:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-03 21:54 <DIR> --d----- c:\program files\Trend Micro
2009-05-03 21:50 <DIR> --d----- c:\program files\CCleaner
2009-05-03 19:56 <DIR> --d----- c:\program files\common files\Adobe Systems Shared
2009-04-27 19:20 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-04-27 02:05 40,960 a------- c:\windows\system32\ssubtmr6.dll
2009-04-27 02:05 36,864 a------- c:\windows\system32\trayicon_handler.ocx
2009-04-27 01:38 <DIR> --d----- c:\docume~1\admini~1\applic~1\Pegasys Inc
2009-04-27 01:27 <DIR> --d----- c:\windows\system32\appmgmt
2009-04-27 00:47 86,016 -------- c:\windows\system32\pxwma.dll
2009-04-26 23:35 <DIR> --d----- C:\my dvd
2009-04-26 23:34 67 a------- c:\windows\Easy Avi Divx Xvid to DVD Burner.INI
2009-04-26 20:38 <DIR> --d----- c:\program files\Microsoft Office Outlook Connector
2009-04-26 20:38 <DIR> --d----- c:\program files\MSECache
2009-04-26 18:36 <DIR> --d----- c:\windows\system32\NtmsData
2009-04-25 02:25 <DIR> --d-h--- c:\windows\PIF
2009-04-23 03:51 <DIR> --d----- c:\program files\DivX
2009-04-23 03:51 <DIR> --d----- c:\program files\common files\DivX Shared
2009-04-22 02:45 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-22 02:45 73,728 a------- c:\windows\system32\javacpl.cpl
2009-04-22 00:52 116 a------- c:\windows\NeroDigital.ini
2009-04-21 05:41 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-04-21 05:41 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-21 05:41 <DIR> --d----- c:\program files\iPod
2009-04-21 05:41 <DIR> --d----- c:\program files\iTunes
2009-04-21 05:41 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-21 03:14 <DIR> --d----- c:\docume~1\admini~1\applic~1\Convivea
2009-04-21 03:14 124,688 a------- c:\windows\system32\mswinsck.ocx
2009-04-21 03:13 <DIR> --d----- c:\program files\DNA
2009-04-21 03:13 <DIR> --d----- c:\docume~1\admini~1\applic~1\DNA
2009-04-20 06:59 <DIR> --d----- c:\program files\Messenger
2009-04-20 06:58 <DIR> --d----- c:\windows\system32\scripting
2009-04-20 06:58 <DIR> --d----- c:\windows\l2schemas
2009-04-20 06:58 <DIR> --d----- c:\windows\system32\en
2009-04-20 06:58 <DIR> --d----- c:\windows\system32\bits
2009-04-20 06:54 <DIR> --d----- c:\windows\ServicePackFiles
2009-04-20 06:34 104,960 -------- c:\windows\system32\drivers\atinrvxx.sys
2009-04-20 05:28 <DIR> --d----- C:\60bb2f1214ab1c7827
2009-04-20 03:36 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-04-20 03:36 272,128 -------- c:\windows\system32\drivers\bthport.sys
2009-04-20 03:35 401,408 -c------ c:\windows\system32\dllcache\rpcss.dll
2009-04-20 03:35 284,160 -c------ c:\windows\system32\dllcache\pdh.dll
2009-04-20 03:35 473,600 -c------ c:\windows\system32\dllcache\fastprox.dll
2009-04-20 03:35 110,592 -c------ c:\windows\system32\dllcache\services.exe
2009-04-20 03:35 729,088 -c------ c:\windows\system32\dllcache\lsasrv.dll
2009-04-20 03:35 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-20 03:35 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe
2009-04-20 03:35 714,752 -c------ c:\windows\system32\dllcache\ntdll.dll
2009-04-20 03:35 617,472 -c------ c:\windows\system32\dllcache\advapi32.dll
2009-04-20 03:35 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-20 03:35 2,189,056 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-20 03:35 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-20 03:34 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys
2009-04-20 03:34 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-04-20 03:34 333,952 -c------ c:\windows\system32\dllcache\srv.sys
2009-04-20 03:34 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll
2009-04-20 03:33 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2009-04-20 03:33 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-20 03:33 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-04-20 03:32 <DIR> --d----- c:\windows\system32\PreInstall
2009-04-20 03:32 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-04-20 03:32 <DIR> --d-h--- c:\windows\$hf_mig$
2009-04-20 03:28 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-04-19 18:43 5 a--sh--- c:\windows\system32\AuxDrv32_d.dlx
2009-04-19 18:43 5 a------- c:\windows\system32\SndDrv32_d.dlx
2009-04-19 17:45 <DIR> --d----- c:\program files\AVG
2009-04-19 17:26 <DIR> --d----- c:\windows\pss
2009-04-19 16:48 221,184 a------- c:\windows\system32\wmpns.dll
2009-04-19 16:47 17 a------- c:\windows\wininit.ini
2009-04-19 16:47 <DIR> --d----- c:\docume~1\admini~1\applic~1\Azureus
2009-04-19 16:47 335,872 a------- C:\StatBar.exe
2009-04-19 16:47 60,463 a------- C:\StatBar.hlp
2009-04-19 16:47 377 a------- C:\StatBar.cnt
2009-04-19 16:46 28,040 a------- c:\windows\system32\mdimon.dll
2009-04-19 16:45 <DIR> --d----- c:\program files\Microsoft ActiveSync
2009-04-19 16:43 <DIR> --d----- c:\windows\SHELLNEW
2009-04-19 16:42 125,184 -------- c:\windows\system32\drivers\imagesrv.sys
2009-04-19 16:42 5,504 -------- c:\windows\system32\drivers\imagedrv.sys
2009-04-19 16:41 106,496 a------- c:\windows\system32\TwnLib20.dll
2009-04-19 16:41 155,648 a------- c:\windows\system32\NeroCheck.exe
2009-04-19 16:41 1,568,768 -------- c:\windows\system32\ImagX7.dll
2009-04-19 16:41 476,320 -------- c:\windows\system32\ImagXpr7.dll
2009-04-19 16:41 471,040 -------- c:\windows\system32\ImagXRA7.dll
2009-04-19 16:41 262,144 -------- c:\windows\system32\ImagXR7.dll
2009-04-19 16:41 107,132 a------- c:\windows\UninstallFirefox.exe
2009-04-19 16:41 2,293 a------- c:\windows\mozver.dat
2009-04-19 16:36 157,696 a------- c:\windows\system32\unrar.dll
2009-04-19 16:36 1,415,680 a------- c:\windows\system32\WMV9VCM.dll
2009-04-19 16:36 1,024,000 a------- c:\windows\system32\3ivx.dll
2009-04-19 16:36 843,776 a------- c:\windows\system32\xvidcore.dll
2009-04-19 16:36 217,088 a------- c:\windows\system32\xvidvfw.dll
2009-04-19 16:36 348,160 a------- c:\windows\system32\msvcr71.dll
2009-04-19 16:36 344,064 a------- c:\windows\system32\msvcr70.dll
2009-04-19 16:36 245,408 a------- c:\windows\system32\unicows.dll
2009-04-19 16:36 19,968 a------- c:\windows\system32\cpuinf32.dll
2009-04-19 16:36 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-04-19 16:36 <DIR> --d----- c:\program files\Game XP
2009-04-19 16:35 <DIR> --d----- c:\program files\FlashGet
2009-04-19 16:35 <DIR> --d----- c:\program files\cpu-z
2009-04-19 16:35 <DIR> --d----- c:\program files\Webteh
2009-04-19 16:35 <DIR> --d----- c:\program files\Azureus
2009-04-19 16:34 159,616 a------- c:\windows\system32\drivers\Vax347b.sys
2009-04-19 16:34 5,248 a------- c:\windows\system32\drivers\Vax347s.sys
2009-04-19 16:34 <DIR> --d----- c:\program files\Alcohol Soft
2009-04-19 16:30 <DIR> --d----- c:\program files\File And MP3 Tag Renamer
2009-04-19 16:26 <DIR> --d----- c:\documents and settings\Administrator
2009-04-19 16:25 <DIR> --ds---- c:\windows\system32\Microsoft
2009-04-19 16:25 8,192 a------- c:\windows\REGLOCS.OLD
2009-04-19 16:23 143,422 ac------ c:\windows\system32\dllcache\softkey.dll
2009-04-19 16:22 10,129,408 ac------ c:\windows\system32\dllcache\hwxkor.dll
2009-04-19 16:21 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll
2009-04-19 16:21 <DIR> --d----- c:\program files\msn gaming zone
2009-04-19 16:20 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-04-19 16:20 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2009-04-19 16:20 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-04-19 16:20 <DIR> --ds---- c:\windows\Downloaded Program Files
2009-04-19 16:20 <DIR> --d--r-- c:\windows\Offline Web Pages
2009-04-19 16:20 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-04-19 16:20 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-04-19 16:20 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-04-19 16:20 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2009-04-19 16:20 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-04-19 16:20 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest
2009-04-19 16:20 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-04-19 16:20 <DIR> --d----- c:\program files\Online Services
2009-04-19 16:19 <DIR> --d----- c:\program files\common files\MSSoap
2009-04-19 16:17 <DIR> --d----- c:\program files\Windows NT
2009-04-19 10:11 <DIR> --d----- c:\program files\common files\ODBC
2009-04-19 10:11 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-04-19 10:10 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-04-26 21:34 77,211 a------- c:\windows\cursors\mac\Mac_OS_X_Cursors.zip
2009-04-20 07:01 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-19 16:41 2,678 a------- c:\windows\java\packages\data\B5F9RVLJ.DAT
2009-04-19 16:40 2,678 a------- c:\windows\java\packages\data\17TZDVPB.DAT
2009-04-19 16:40 2,678 a------- c:\windows\java\packages\data\N35ZNFRL.DAT
2009-04-19 16:40 2,678 a------- c:\windows\java\packages\data\K7RXRZX3.DAT
2009-04-19 16:40 2,678 a------- c:\windows\java\packages\data\AZDB3BLJ.DAT
2009-04-19 16:40 155,995 a------- c:\windows\java\packages\T7TBVTZD.ZIP
2009-04-19 16:40 2,232 a------- c:\windows\java\packages\data\XF3XBFNB.DAT
2009-04-19 16:17 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-04-15 14:25 129,784 -------- c:\windows\system32\pxafs.dll
2009-04-15 14:25 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-04-15 14:25 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-04-15 14:25 43,528 -------- c:\windows\system32\drivers\PxHelp20.sys
2009-04-15 14:25 9,464 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-04-15 14:25 9,336 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-04-15 14:24 90,112 a------- c:\windows\system32\dpl100.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-04-15 14:24 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-04-15 14:24 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-04-15 14:24 684,032 a------- c:\windows\system32\DivX.dll
2009-03-06 08:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-02 18:18 826,368 a------- c:\windows\system32\wininet.dll
2009-02-20 12:09 78,336 a------- c:\windows\system32\ieencode.dll
2009-02-09 06:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 06:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 06:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 06:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 05:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2008-04-13 18:12 1,033,216 a------- c:\windows\inf\explorer.exe

============= FINISH: 15:16:21.96 ===============

BC AdBot (Login to Remove)

 


#2 FleckFilet

FleckFilet
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:02 AM

Posted 09 May 2009 - 02:55 PM

ok, i think it is fixed for now so you don't have to waste your time on this

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,963 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:02 AM

Posted 14 May 2009 - 10:04 PM

Thank you for letting us know. This topic shall now be closed. ~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users