
Several Viruses


  • This topic is locked
2 replies to this topic

#1 DeadMaster

Posted 10 May 2009 - 09:02 AM

Hello,
I did an antivirus scan with my antivirus program (G Data AntiVirus) and it found some viruses:
Win32:Jifas-AJ, Win32:Trojan-gen, JS:Pdfka-ER, Win32:Falder. I pressed delete to remove those files but am not sure if they are gone.

I also have another question. 2 weeks ago I had a virus called autorun.inf virus (was a worm). Well, I used a restoration point to get rid of it. Am I still infected with it?

Well here are the logs:


DDS (Ver_09-03-16.01) - NTFSx86
Run by XXXXXX at 15:47:39,65 on 10.05.2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_11

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\G DATA AntiVirus\AVK\AVKService.exe
C:\Programme\G DATA AntiVirus\AVK\AVKWCtl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Packard Bell\SrvCDEject.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\mHotkey.exe
C:\Windows\CDCtr.exe
C:\Windows\ModHidKey.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Softex\OmniPass\opvapp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\MultiScreen\MultiScreen.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programme\G DATA AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
C:\Program Files\Combined Community Codec Pack\Zoom Player\zplayer.exe
C:\Program Files\Winamp\winamp.exe
C:\PROGRA~3\GDATAA~1\AVK\avk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\XXXXXX\Desktop\dds.scr
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.de/
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\google\google_bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [SmpcSys] c:\program files\packard bell\setupmypc\SmpSys.exe
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [EA Core] c:\program files\electronic arts\eadm\Core.exe -silent
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [AdobeBridge]
uRun: [ICQ] "c:\program files\icq6\ICQ.exe" silent
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [LchMHotkey] LchMHKey.exe
mRun: [CarboniteSetupLite] "c:\program files\packard bell\carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [<NO NAME>]
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [OmniPass] c:\program files\softex\omnipass\scureapp.exe
mRun: [MultiScreen] c:\program files\multiscreen\MultiScreen.exe
mRun: [Launch LGDCore] "c:\program files\common files\logitech\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [Launch LCDMon] "c:\program files\common files\logitech\lcd manager\lcdmon.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [AVKTray] "c:\programme\g data antivirus\avktray\AVKTray.exe"
mRun: [ATSwpNav] "c:\program files\fingerprint sensor\ATSwpNav" -run
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
StartupFolder: c:\users\XXXX~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\XXXX~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\XXXX~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\xfire.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download aller Links mit IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV-Videoinhalt mit IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download mit IDM - c:\program files\internet download manager\IEExt.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\XXXXX~1\appdata\roaming\mozilla\firefox\profiles\14efib8x.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Anime Planet

============= SERVICES / DRIVERS ===============

R1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2008-9-12 39880]
R2 AVKProxy;G DATA AntiVirus Proxy;c:\program files\common files\g data\avkproxy\AVKProxy.exe [2008-9-12 718408]
R2 AVKService;G DATA Scheduler;c:\programme\g data antivirus\avk\AVKService.exe [2008-9-12 427592]
R2 AVKWCtl;AntiVirus Wachter;c:\programme\g data antivirus\avk\AVKWCtl.exe [2008-9-12 1127816]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 GDTdiInterceptor;GDTdiInterceptor;c:\windows\system32\drivers\GDTdiIcpt.sys [2008-9-12 41928]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2008-10-17 3712]
R2 SrvCDEject;SrvCDEject;c:\program files\packard bell\SrvCDEject.exe [2008-9-12 600576]
R3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2008-9-12 46536]
R3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2008-9-12 32200]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-10-30 84832]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S4 FLMCKUSB;AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000);c:\windows\system32\drivers\FLMckUSB.sys [2008-9-12 69810]
S4 GoogleDesktopManager-071508-051939;Google Desktop Manager 5.7.807.15159;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-12 24064]
S4 nvrd32;NVIDIA nForce RAID Driver;c:\windows\system32\drivers\nvrd32.sys [2008-9-12 123424]

=============== Created Last 30 ================

2009-05-10 12:40 <DIR> --d----- c:\users\XXXXX~1\appdata\roaming\Audio Recorder for Free
2009-05-10 12:40 417,792 a------- c:\windows\system32\NCTTextToAudio2.dll
2009-05-10 12:40 348,160 a------- c:\windows\system32\NCTWMAFile2.dll
2009-05-10 12:40 113,486 a------- c:\windows\system32\NCTWMAProfiles.prx
2009-05-10 12:40 1,986,560 a------- c:\windows\system32\NCTAudioFile2.dll
2009-05-10 12:40 1,212,416 a------- c:\windows\system32\NCTAudioInformation2.dll
2009-05-10 12:40 602,112 a------- c:\windows\system32\NCTAudioTransform2.dll
2009-05-10 12:40 479,232 a------- c:\windows\system32\NCTAudioVisualization2.dll
2009-05-10 12:40 458,752 a------- c:\windows\system32\NCTAudioRecord2.dll
2009-05-10 12:40 458,752 a------- c:\windows\system32\NCTAudioPlayer2.dll
2009-05-10 12:40 880,640 a------- c:\windows\system32\NCTAudioEditor2.dll
2009-05-10 12:40 835,584 a------- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-05-10 12:40 <DIR> --d----- c:\program files\Audio Recorder for Free
2009-05-10 00:34 <DIR> --d----- c:\programdata\WindowsSearch
2009-05-03 16:14 <DIR> --d----- c:\users\XXXXX~1\appdata\roaming\DNA
2009-05-03 16:14 <DIR> --d----- c:\program files\DNA
2009-05-01 13:13 <DIR> --d----- c:\program files\ユニゾンシフト
2009-05-01 13:13 <DIR> --d----- c:\program files\common files\SOFTPAL
2009-04-28 16:36 <DIR> --d----- C:\T
2009-04-23 14:09 <DIR> --d----- c:\users\XXXXX \.jogl_ext
2009-04-20 20:07 <DIR> --d----- c:\program files\Trend Micro
2009-04-15 11:41 307 a------- c:\windows\JAP.INI
2009-04-12 18:20 <DIR> --d----- c:\program files\SE Inc
2009-04-10 21:39 258,352 a------- c:\windows\system32\unicows.dll
2009-04-10 20:13 <DIR> --d----- c:\users\XXXXX~1\appdata\roaming\GetRightToGo

==================== Find3M ====================

2009-05-10 00:55 607,544 a------- c:\windows\system32\perfh007.dat
2009-05-10 00:55 122,212 a------- c:\windows\system32\perfc007.dat
2009-04-06 18:24 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-01 00:40 143,360 a------- c:\windows\inf\infstrng.dat
2009-04-01 00:40 86,016 a------- c:\windows\inf\infstor.dat
2009-04-01 00:40 51,200 a------- c:\windows\inf\infpub.dat
2009-03-20 15:49 84,998 a------- c:\windows\War3Unin.dat
2009-03-17 05:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-17 05:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-17 05:38 24,064 a------- c:\windows\system32\amxread.dll
2009-03-03 06:46 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
2009-03-03 06:46 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
2009-03-03 06:40 827,392 a------- c:\windows\system32\wininet.dll
2009-03-03 06:39 183,296 a------- c:\windows\system32\sdohlp.dll
2009-03-03 06:39 551,424 a------- c:\windows\system32\rpcss.dll
2009-03-03 06:39 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 06:37 78,336 a------- c:\windows\system32\ieencode.dll
2009-03-03 06:37 98,304 a------- c:\windows\system32\iasrecst.dll
2009-03-03 06:37 54,784 a------- c:\windows\system32\iasads.dll
2009-03-03 06:37 44,032 a------- c:\windows\system32\iasdatastore.dll
2009-03-03 05:04 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 04:38 17,408 a------- c:\windows\system32\iashost.exe
2009-03-03 04:28 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-02-21 12:37 107,888 -------- c:\windows\system32\CmdLineExt.dll
2009-02-15 14:40 262,144 -------- c:\windows\system32\wrap_oal.dll
2009-02-15 14:40 86,016 -------- c:\windows\system32\OpenAL32.dll
2009-02-14 17:18 21,840 -------- c:\windows\system32\SIntfNT.dll
2009-02-14 17:18 17,212 -------- c:\windows\system32\SIntf32.dll
2009-02-14 17:18 12,067 -------- c:\windows\system32\SIntf16.dll
2009-02-13 10:49 72,704 a------- c:\windows\system32\secur32.dll
2009-02-13 10:49 1,255,936 a------- c:\windows\system32\lsasrv.dll
2008-09-12 23:07 665,600 a------- c:\windows\inf\drvindex.dat
2008-09-12 22:50 290,748 a------- c:\windows\inf\perflib\0407\perfi.dat
2008-09-12 22:50 290,748 a------- c:\windows\inf\perflib\0407\perfh.dat
2008-09-12 22:50 36,916 a------- c:\windows\inf\perflib\0407\perfd.dat
2008-09-12 22:50 36,916 a------- c:\windows\inf\perflib\0407\perfc.dat
2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 15:48:08,89 ===============

#2 Orange Blossom

Posted 26 May 2009 - 12:52 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Orange Blossom

Posted 05 June 2009 - 07:12 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please start a new topic.