
Search Engine Redirects and more


  • This topic is locked
2 replies to this topic

#1 Stressed2

  • Members
  • 2 posts

Posted 15 May 2009 - 01:24 PM

Hello, my name is Mark and thanks for looking :thumbup2:

Am running Windows XP on an old eMachine. Google redirects almost all links. Am able to progress by copy/paste into address bar. Am not able to access and download any updates from Microsoft or Windows websites. Always 'page not available.'

Have been getting corrupt file notice: c:\windows\system32\drivers\sysaudio.sys and now no sound.


HijackThis logs to follow and thanks again.



DDS (Ver_09-05-14.01) - NTFSx86
Run by Mark at 9:29:58.40 on Mon 05/15/2000
Internet Explorer: 6.0.2800.1106
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.383.145 [GMT -7:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\McAfee\McAfee VirusScan\alogserv.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\WINDOWS\Hws5a.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mark\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = localhost
BHO: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - No File
TB: 3DNA Toolbar: {2ecb7fb2-0333-416f-92fd-4904ad49252b} - c:\windows\system32\3DNATO~1.DLL
EB: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - No File
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
EB: {9404901d-06da-4b23-a0ee-3ea4f64ec9b3} - MoneySide
uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
uRun: [McAfee.InstantUpdate.Monitor] "c:\program files\mcafee\mcafee shared components\instant updater\RuLaunch.exe" /startmonitor
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Alogserv] c:\program files\mcafee\mcafee virusscan\alogserv.exe
mRun: [McAfee Guardian] "c:\program files\mcafee\mcafee shared components\guardian\CMGrdian.exe" /SU
dRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hws5a.lnk - c:\windows\Hws5a.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\MSMSGS.EXE
LSP: c:\program files\vcom\fix-it\MxAVLsp.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1113692058284
DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} - hxxp://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} - hxxp://webcamnow.com/broadcast/ActiveXWebCam.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37864.0124074074
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4416/mcfscan.cab
TCP: NameServer = 85.255.112.98,85.255.112.137
TCP: {24340704-C69A-4D2D-87B9-0A9E0A03EA26} = 85.255.112.98,85.255.112.137
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - c:\progra~1\common~1\g7ps\shared~1\g7psdll\G7PS.dll
SEH: SpywareGuard.Handler: {81559c35-8464-49f7-bb0e-07a383bef910} - c:\program files\spywareguard\spywareguard.dll
SEH: SpySubtract Shell Extension: {fa010552-4a27-4cb1-a1bb-3e2d697f1639} - c:\program files\intermute\spysubtract\sshook.dll
SEH: HookRC Class: {a5780613-492e-4a2a-a7fd-549610edf6cc} - c:\program files\vcom\recovery commander\RCHOOK.DLL

============= SERVICES / DRIVERS ===============

R1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys [2005-8-11 53760]
R2 AvSynMgr;AVSync Manager;c:\program files\mcafee\mcafee virusscan\Avsynmgr.exe [2002-1-4 172049]
R2 tmpreflt;tmpreflt;c:\progra~1\vcom\fix-it\tmpreflt.sys [2005-7-28 25088]
R3 McShield;McShield;c:\program files\common files\network associates\mcshield\Mcshield.exe [2002-1-4 225375]
R3 NaiFiltr;NaiFiltr;c:\windows\system32\drivers\NaiFiltr.sys [2003-1-28 23296]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\tffsmon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\tfsysmon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S1 Voodoo3;Voodoo3;c:\windows\system32\drivers\Voodoo3.sys [2003-5-19 82272]
S2 MustekMA1908Driver;MustekMA1908Driver;\??\c:\windows\system32\drivers\ma1908.sys --> c:\windows\system32\drivers\ma1908.sys [?]
S3 3dfxvs;3dfxvs;c:\windows\system32\drivers\3dfxvsm.sys [2003-4-19 148352]
S3 nenum13E;nenum13E;c:\docume~1\mark\locals~1\temp\nenum13E.sys [2003-2-17 31744]
S3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);c:\windows\system32\drivers\LV551AV.sys [2003-4-25 220079]
S3 SXVCEZDSLGX;SXVCEZDSLGX;c:\docume~1\mark\locals~1\temp\SXVCEZDSLGX.exe [2000-5-13 539520]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\tfnetmon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]

=============== Created Last 30 ================

2000-05-15 08:35 1,622 a------- C:\HijackThis.lnk
2000-05-15 08:35 <DIR> --d----- c:\program files\Trend Micro
2000-05-15 00:21 <DIR> --d----- c:\windows\system32\Res00
2000-05-15 00:21 <DIR> --d----- c:\windows\Vsw
2000-05-15 00:21 <DIR> --d----- c:\program files\common files\Network Associates
2000-05-15 00:09 37,452,296 a------- C:\Ad-AwareAE.exe
2000-05-14 23:19 1,470,537 a------- c:\windows\system32\nvwdmcpl.dll
2000-05-14 23:19 1,126,400 a------- c:\windows\system32\nview.dll
2000-05-14 23:19 741,376 a------- c:\windows\system32\nwiz.exe
2000-05-14 23:19 430,152 a------- c:\windows\system32\nvshell.dll
2000-05-14 23:19 393,216 a------- c:\windows\system32\nvappbar.exe
2000-05-14 23:19 290,816 a------- c:\windows\system32\keystone.exe
2000-05-14 23:19 73,728 a------- c:\windows\system32\nvtuicpl.cpl
2000-05-14 23:11 18,772 a------- c:\windows\system32\nvapps.xml
2000-05-14 23:09 446,464 a------- c:\windows\system32\NVUNINST.EXE
2000-05-14 23:09 <DIR> --d----- C:\NVIDIA
2000-05-14 22:33 13,976 a----r-- c:\windows\system32\drivers\videX32.sys
2000-05-14 22:33 27,904 a----r-- c:\windows\system32\drivers\VIAAGP1.SYS
2000-05-14 22:33 35,840 ac------ c:\windows\system32\dllcache\isapnp.sys
2000-05-14 22:33 35,840 a------- c:\windows\system32\drivers\isapnp.sys
2000-05-14 22:32 <DIR> --d----- c:\program files\VIA
2000-05-14 22:32 331,184 -------- c:\windows\system32\difxapi.dll
2000-05-14 22:27 130,432 a----r-- c:\windows\system32\drivers\Rtnicxp.sys
2000-05-14 22:27 73,728 a----r-- c:\windows\system32\RtNicProp32.dll
2000-05-14 22:27 <DIR> --d----- c:\program files\Realtek
2000-05-14 21:30 577,536 a------- c:\windows\soundman.exe
2000-05-14 21:30 4,122,368 a----r-- c:\windows\system32\drivers\alcxwdm.sys
2000-05-14 21:30 22,016 a------- c:\windows\system32\wdmaud.drv
2000-05-14 21:30 134,272 ac------ c:\windows\system32\dllcache\portcls.sys
2000-05-14 21:30 57,856 ac------ c:\windows\system32\dllcache\drmk.sys
2000-05-14 21:30 134,272 a------- c:\windows\system32\drivers\portcls.sys
2000-05-14 21:30 57,856 a------- c:\windows\system32\drivers\drmk.sys
2000-05-14 21:29 <DIR> --d----- c:\program files\Realtek AC97
2000-05-14 20:48 2,944 ac------ c:\windows\system32\dllcache\msmpu401.sys
2000-05-14 20:48 2,944 a------- c:\windows\system32\drivers\msmpu401.sys
2000-05-14 20:39 49,152 a------- c:\windows\system32\ChCfg.exe
2000-05-14 20:38 10,528,768 a------- c:\windows\system32\RTLCPL.exe
2000-05-14 20:38 141,016 a------- c:\windows\system32\alsndmgr.wav
2000-05-14 20:38 18,804,736 a------- c:\windows\system32\alsndmgr.cpl
2000-05-14 20:38 315,392 a------- c:\windows\alcupd.exe
2000-05-14 20:38 217,088 a------- c:\windows\Alcrmv.exe
2000-05-14 20:38 147,456 a------- c:\windows\system32\RtlCPAPI.dll
2000-05-14 17:27 <DIR> --d----- c:\temp\HP Deskjet 5700 Series
2000-05-14 17:27 <DIR> --d----- c:\temp\Intel PC Camera Pro#2
2000-05-14 17:27 <DIR> --d----- c:\temp\Intel PC Camera Pro#1
2000-05-14 17:27 <DIR> --d----- c:\temp\Intel PC Camera Pro
2000-05-14 17:27 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB#2
2000-05-14 17:27 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB#1
2000-05-14 17:27 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB
2000-05-14 17:26 <DIR> --d----- c:\temp\Logitech ClickSmart 310 (Digital Camera)
2000-05-14 17:26 <DIR> --d----- c:\temp\Logitech USB Camera (ClickSmart 310)
2000-05-14 17:26 <DIR> --d----- c:\temp\Logitech ClickSmart 310
2000-05-14 17:26 <DIR> --d----- c:\temp\KODAK CX7300 Zoom Digital Camera#2
2000-05-14 17:26 <DIR> --d----- c:\temp\KODAK CX7300 Zoom Digital Camera#1
2000-05-14 17:26 <DIR> --d----- c:\temp\USB Printing Support
2000-05-14 17:26 <DIR> --d----- c:\temp\KODAK CX7300 Zoom Digital Camera
2000-05-14 17:26 <DIR> --d----- c:\temp\USB Root Hub#3
2000-05-14 17:26 <DIR> --d----- c:\temp\USB Root Hub#2
2000-05-14 17:26 <DIR> --d----- c:\temp\USB Root Hub#1
2000-05-14 17:26 <DIR> --d----- c:\temp\USB Root Hub
2000-05-14 17:26 <DIR> --d----- c:\temp\Microsoft WINMM WDM Audio Compatibility Driver
2000-05-14 17:26 <DIR> --d----- c:\temp\Microsoft Kernel System Audio Device
2000-05-14 17:26 <DIR> --d----- c:\temp\Generic volume
2000-05-14 17:26 <DIR> --d----- c:\temp\Terminal Server Mouse Driver
2000-05-14 17:26 <DIR> --d----- c:\temp\Terminal Server Keyboard Driver
2000-05-14 17:26 <DIR> --d----- c:\temp\Plug and Play Software Device Enumerator
2000-05-14 17:26 <DIR> --d----- c:\temp\Microcode Update Device
2000-05-14 17:26 <DIR> --d----- c:\temp\Logitech Virtual Bus Enumerator
2000-05-14 17:26 <DIR> --d----- c:\temp\WAN Miniport (PPTP)
2000-05-14 17:26 <DIR> --d----- c:\temp\WAN Miniport (PPPOE)
2000-05-14 17:26 <DIR> --d----- c:\temp\WAN Miniport (L2TP)
2000-05-14 17:26 <DIR> --d----- c:\temp\WAN Miniport (IP)
2000-05-14 17:26 <DIR> --d----- c:\temp\Volume Manager
2000-05-14 17:26 <DIR> --d----- c:\temp\Video Codecs
2000-05-14 17:26 <DIR> --d----- c:\temp\Packet Scheduler Miniport#1
2000-05-14 17:26 <DIR> --d----- c:\temp\Packet Scheduler Miniport
2000-05-14 17:26 <DIR> --d----- c:\temp\Media Control Devices
2000-05-14 17:26 <DIR> --d----- c:\temp\Legacy Video Capture Devices
2000-05-14 17:26 <DIR> --d----- c:\temp\Legacy Audio Drivers
2000-05-14 17:26 <DIR> --d----- c:\temp\Direct Parallel
2000-05-14 17:26 <DIR> --d----- c:\temp\Audio Codecs
2000-05-14 17:26 <DIR> --d----- c:\temp\Secondary IDE Channel
2000-05-14 17:26 <DIR> --d----- c:\temp\Primary IDE Channel
2000-05-14 17:26 <DIR> --d----- c:\temp\ACPI Uniprocessor PC
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Standard PCI to ISA Bridge
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Standard CPU to PCI Bridge
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA CPU to AGP Controller
2000-05-14 17:25 <DIR> --d----- c:\temp\Standard Enhanced PCI to USB Host Controller
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Rev 5 or later USB Universal Host Controller#2
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Rev 5 or later USB Universal Host Controller#1
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Rev 5 or later USB Universal Host Controller
2000-05-14 17:25 <DIR> --d----- c:\temp\VIA Bus Master IDE Controller
2000-05-14 17:25 <DIR> --d----- c:\temp\Realtek RTL8139 810x Family Fast Ethernet NIC
2000-05-14 17:24 <DIR> --d----- c:\temp\Unimodem Half-Duplex Audio Device
2000-05-14 17:24 <DIR> --d----- c:\temp\Printer Port Logical Interface
2000-05-14 17:24 <DIR> --d----- c:\temp\NVIDIA GeForce FX 5200 Ultra
2000-05-14 17:24 <DIR> --d----- c:\temp\56Kbps Internal Modem
2000-05-14 17:24 <DIR> --d----- c:\temp\Logitech Virtual Hid Device#1
2000-05-14 17:24 <DIR> --d----- c:\temp\Logitech Virtual Hid Device
2000-05-14 17:24 <DIR> --d----- c:\temp\ISAPNP Read Data Port
2000-05-14 17:24 <DIR> --d----- c:\temp\Disk drive
2000-05-14 17:24 <DIR> --d----- c:\temp\CD-ROM Drive
2000-05-14 17:24 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB (HID)#2
2000-05-14 17:24 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB (HID)#1
2000-05-14 17:23 <DIR> --d----- c:\temp\PS 2 Compatible Mouse
2000-05-14 17:23 <DIR> --d----- c:\temp\Plug and Play Monitor
2000-05-14 17:23 <DIR> --d----- c:\temp\Numeric data processor
2000-05-14 17:23 <DIR> --d----- c:\temp\Motherboard resources#1
2000-05-14 17:23 <DIR> --d----- c:\temp\Microsoft ACPI-Compliant System
2000-05-14 17:23 <DIR> --d----- c:\temp\Logitech WingMan Force 3D USB (HID)
2000-05-14 17:23 <DIR> --d----- c:\temp\Floppy disk drive
2000-05-14 17:23 <DIR> --d----- c:\temp\ACPI Thermal Zone
2000-05-14 17:23 <DIR> --d----- c:\temp\ACPI Power Button
2000-05-14 17:23 <DIR> --d----- c:\temp\ACPI Fan
2000-05-14 17:23 <DIR> --d----- c:\temp\System timer
2000-05-14 17:23 <DIR> --d----- c:\temp\System speaker
2000-05-14 17:23 <DIR> --d----- c:\temp\System CMOS real time clock
2000-05-14 17:23 <DIR> --d----- c:\temp\System board
2000-05-14 17:23 <DIR> --d----- c:\temp\Standard floppy disk controller
2000-05-14 17:23 <DIR> --d----- c:\temp\Standard 101 102-Key or Microsoft Natural PS 2 Keyboard
2000-05-14 17:23 <DIR> --d----- c:\temp\Programmable interrupt controller
2000-05-14 17:23 <DIR> --d----- c:\temp\PCI bus
2000-05-14 17:23 <DIR> --d----- c:\temp\Motherboard resources
2000-05-14 17:23 <DIR> --d----- c:\temp\ECP Printer Port
2000-05-14 17:23 <DIR> --d----- c:\temp\Direct memory access controller
2000-05-14 17:23 <DIR> --d----- c:\temp\Communications Port
2000-05-14 17:23 <DIR> --d----- c:\temp\ACPI Fixed Feature Button
2000-05-14 17:23 <DIR> --d----- c:\temp\AMD K7 Processor
2000-05-14 17:15 427,864 a------- c:\windows\system32\XceedZip.dll
2000-05-14 17:15 <DIR> --d----- c:\program files\Driver-Soft
2000-05-14 07:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\semasowa
2000-05-14 07:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\gijiyeli
2000-05-13 21:16 0 a------- c:\windows\system32\YBZRSIIPCV
2000-05-13 17:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2000-05-13 15:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\seretisa
2000-05-13 15:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\hovolile
2000-05-13 15:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\hofalobu
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\vujigami
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\memezori
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\boliraka
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\yuhodose
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\rezizafo
2000-05-13 15:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\jinuyeju
2000-05-12 00:16 0 a------- c:\windows\Setup32.INI
2000-05-12 00:16 0 a------- c:\windows\PowerReg.dat
2000-05-12 00:16 0 a------- c:\windows\MSDraw.ini
2000-05-12 00:16 0 a------- c:\windows\Mailmark.ini
2000-05-12 00:16 0 a------- c:\windows\iPlayer.INI
2000-05-12 00:16 0 a------- c:\windows\control.ini
2000-05-12 00:16 0 a------- c:\windows\CONTROL.CNM
2000-05-12 00:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2000-05-11 22:57 248 a------- c:\windows\system.ini
2000-05-11 22:43 <DIR> --dshr-- C:\_Backup.RC
2000-05-11 22:40 <DIR> --d----- c:\windows\81EF33FEAEA4463D9CC1188B32023ADF.TMP
2000-05-11 20:12 23,600 a------- c:\windows\system32\drivers\TVICHW32.SYS
2000-05-11 19:26 56,832 a------- c:\windows\system32\drivers\SETD2.tmp
2000-05-11 19:14 56,832 a------- c:\windows\system32\drivers\SET2E.tmp
2000-05-11 19:13 56,832 a------- c:\windows\system32\drivers\SET2C.tmp
2000-05-11 19:13 56,832 a------- c:\windows\system32\drivers\SET2A.tmp
2000-05-11 19:13 56,832 a------- c:\windows\system32\drivers\SET28.tmp
2000-05-11 19:12 56,832 a------- c:\windows\system32\drivers\SET26.tmp
2000-05-11 19:12 56,832 a------- c:\windows\system32\drivers\SET24.tmp
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\yihazuso
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\wuyamoba
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\nefuwipi
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\kesekepe
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\jezemimu
2000-05-10 20:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\jejobadi
2000-05-05 19:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\wohupuda
2000-05-05 19:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\runivito
2000-05-05 19:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\hobavana
2000-05-03 15:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\tehomake
2000-05-03 15:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\mulifadu
2000-05-03 15:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\luyehije
2000-05-03 15:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\yiwuyipa
2000-05-03 15:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\sehajiwi
2000-05-03 15:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ketedoti
2000-05-03 15:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\delidubu

==================== Find3M ====================

2000-05-11 18:18 65,536 a------- c:\windows\DUMPb594.tmp
2000-05-05 16:07 65,536 a------- c:\windows\DUMPcda0.tmp
2000-04-25 10:10 19,968 -------- c:\windows\system32\Cpuinf32.dll
2000-04-14 12:24 133,120 a------- c:\windows\system32\sprof32.dll
2000-04-14 12:23 197,632 a------- c:\windows\system32\kpcp32.dll
2000-04-14 12:23 37,376 a------- c:\windows\system32\kpsys32.dll
2000-04-14 12:23 19,456 a------- c:\windows\system32\kcm2sp.dll
2000-04-12 12:25 118,784 a------- c:\windows\ShowBmp.exe

============= FINISH: 9:30:19.06 ===============


 


#2 SifuMike

    malware expert

  • Staff Emeritus
  • 15,385 posts
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA

Posted 24 May 2009 - 04:04 PM

Hello Stressed2,


I see Viewpoint installed.
Viewpoint Manager is considered foistware instead of malware, since it is installed without the user's approval but doesn't spy or do anything "bad".

This will change from what we know in 2006; read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now, if you did not install it.

Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.

Viewpoint
Viewpoint Manager
Viewpoint Media Player


If you uninstalled, please navigate to and delete the following folders:
C:\Program Files\Viewpoint



Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 13.
  • Click the "Download" button to the right.
  • At the Select Platform and Language for your download drop down box
    Select Windows and Multi-language
  • Check the box that says: "Accept License Agreement" then press Continue (selecting Windows will give you the 32-bit version).
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language jre-6u13-windows-i586-p.exe and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    Java 2 Runtime Environment Standard Edition v1.3.1_02
    Java 2 Runtime Environment, SE v1.4.2
    J2SE Runtime Environment 5.0
    J2SE Runtime Environment 5.0 Update 6
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u13-windows-i586-p.exe to install the newest version.


Download Security Check by screen317 from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.



Please download Malwarebytes' Anti-Malware from one of these places:
http://download.cnet.com/Malwarebytes-Anti...&tag=button
http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.html
http://www.besttechie.net/mbam/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Edited by SifuMike, 24 May 2009 - 04:07 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!




Asking for help via Private Message or Mail will be ignored, so if you need help, post your problem in the forum.

#3 SifuMike

    malware expert

  • Staff Emeritus
  • 15,385 posts
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA

Posted 30 May 2009 - 01:50 PM

This thread will now be closed due to lack of feedback.