954625898.exe


  • This topic is locked
2 replies to this topic

#1 teryaki

teryaki

  • Members
  • 2 posts
  • OFFLINE
  • Local time:01:46 PM

Posted 29 May 2009 - 02:15 PM

DDS (Ver_09-05-14.01) - FAT32x86
Run by xbox at 14:11:18.87 on Fri 05/29/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1470.739 [GMT -5:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\DCPFLICS\dcpflics.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\DOCUME~1\XBOX~1.BED\LOCALS~1\Temp\954625898.exe
C:\Documents and Settings\xbox.BEDROOM\Desktop\dds.scr

============== Pseudo HJT Report ===============

mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: c:\windows\system32\jkshfuiehi.dll: {c2ba40a1-74f3-42bd-f434-12345a2c8953} - c:\windows\system32\jkshfuiehi.dll
uRun: [PSP_Media_Server_3] "c:\program files\psp media server\XCom Media Server.exe" /background
uRun: [Diagnostic Manager] c:\docume~1\xbox~1.bed\locals~1\temp\954625898.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
Notify: AtiExtEvent - Ati2evxx.dll
Notify: WBSrv - c:\progra~1\stardock\object~2\window~1\wbsrv.dll
AppInit_DLLs: c:\windows\system32\rafomife.dll c:\windows\system32\sidikeyu.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\sidikeyu.dll
STS: STS: {ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} - c:\windows\system32\sidikeyu.dll
STS: c:\windows\system32\jkshfuiehi.dll: {c2ba40a1-74f3-42bd-f434-12345a2c8953} - c:\windows\system32\jkshfuiehi.dll
LSA: Notification Packages = scecli c:\windows\system32\rafomife.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\xbox~1.bed\applic~1\mozilla\firefox\profiles\kg0br8uv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\xbox.bedroom\application data\mozilla\firefox\profiles\kg0br8uv.default\extensions\{16f796dd-a279-4548-9b3a-393d1eef31df}\components\imageassistant.dll
FF - plugin: c:\documents and settings\all users.windows\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nphssb.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPXStandard.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll

============= SERVICES / DRIVERS ===============

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-1-2 100368]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-1-2 41680]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-5-12 2789672]
R3 amdtools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [2007-9-10 29696]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-4-3 28672]
R3 padenum;Enumerador de dispositivos de NTPAD;c:\windows\system32\drivers\padenum.sys [2007-11-29 10624]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2009-5-12 15656]
S3 MAC607;MAC607 Filter;c:\windows\system32\drivers\MAC607.sys [2007-9-24 22144]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys --> c:\windows\system32\drivers\NPF.sys [?]
S3 PsSdk30;PsSdk30;\??\c:\windows\system32\drivers\pssdk30.drv --> c:\windows\system32\drivers\PsSdk30.drv [?]
S3 samhid;samhid;c:\windows\system32\drivers\Samhid.sys [2007-9-2 7548]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\vboxnetflt.sys --> c:\windows\system32\drivers\VBoxNetFlt.sys [?]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2009-1-2 31824]
S3 VendorJoystickEnabler;Driver para joystick paralelo de consola;c:\windows\system32\drivers\NTPAD.sys [2007-11-29 20992]
S3 XBMemory;XBox Memory Card Module;c:\windows\system32\drivers\XBMemory.sys [2004-6-14 7168]
S3 XBox;XBox Filter;c:\windows\system32\drivers\Xbox.sys [2007-9-24 22528]
S3 xbreader;MaxDrive XBox Driver (xbreader.sys);c:\windows\system32\drivers\xbreader.sys [2001-1-2 19677]
S3 ZD1201U(ZyXEL);ZyAIR B-220 IEEE 802.11b Wireless LAN Driver (USB)(ZyXEL);c:\windows\system32\drivers\ZD1201U.sys [2007-8-30 55168]
S3 ZDNDIS5;ZDNDIS5 NDIS Protocol Driver;c:\windows\system32\ZDNDIS5.sys [2007-8-30 15872]
S4 CCProxy;CCProxy;c:\ccproxy\CCProxy.exe [2009-4-7 1040384]
S4 ccXgui;ccXgui;c:\program files\ccxgui\ccXservice.exe [2004-4-23 173568]
S4 FCI;FCI;c:\windows\system32\fci.exe.exe:ext.exe --> c:\windows\system32\fci.exe.exe:ext.exe [?]
S4 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2009-4-4 2599424]
S4 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit;c:\program files\autodesk\3ds max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-3-10 65536]
S4 VRaySpawner 90;VRaySpawner 90;c:\program files\autodesk\3ds max 9\vrayspawner90.exe [2007-9-3 118784]

=============== Created Last 30 ================

2009-05-26 19:01 <DIR> --d----- c:\docume~1\xbox~1.bed\applic~1\Aston
2009-05-21 15:15 <DIR> --d----- c:\program files\AliveMedia
2009-05-20 16:52 <DIR> --d----- c:\program files\PiMPWare
2009-05-16 20:26 <DIR> --ds---- c:\documents and settings\xbox.bedroom\UserData
2009-05-16 16:04 <DIR> --d----- c:\program files\Key Server
2009-05-15 16:05 <DIR> --d----- c:\program files\Disk Heal
2009-05-14 21:32 <DIR> --d----- c:\program files\PSP Pandora Deluxe
2009-05-14 19:38 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-05-14 19:37 <DIR> --d----- c:\windows\system32\Group Policy
2009-05-14 19:36 566,784 a------- c:\windows\system32\gpedit.dll
2009-05-14 19:36 295,936 a------- c:\windows\system32\appmgr.dll
2009-05-14 19:36 199,680 a------- c:\windows\system32\gptext.dll
2009-05-14 19:36 167,936 a------- c:\windows\system32\appmgmts.dll
2009-05-14 19:36 124,928 a------- c:\windows\system32\fde.dll
2009-05-14 19:36 73,728 a------- c:\windows\system32\fdeploy.dll
2009-05-14 19:36 34,871 a------- c:\windows\system32\gpedit.msc
2009-05-14 17:52 <DIR> --d----- c:\docume~1\xbox~1.bed\applic~1\Azureus
2009-05-13 20:22 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-05-13 20:21 <DIR> --d----- c:\documents and settings\xbox.bedroom\.housecall6.6
2009-05-12 15:46 <DIR> --d----- c:\docume~1\xbox~1.bed\applic~1\WTablet
2009-05-12 15:46 6,561,064 a------- c:\windows\system32\WacomTablet.cpl
2009-05-12 15:46 1,651,768 a------- c:\windows\system32\WacomTablet.znc
2009-05-12 15:45 11,440 a------- c:\windows\system32\drivers\WacomVKHid.sys
2009-05-12 15:45 13,352 a------- c:\windows\system32\drivers\wacomvhid.sys
2009-05-12 15:45 11,312 a------- c:\windows\system32\drivers\wacommousefilter.sys
2009-05-12 15:45 15,656 a------- c:\windows\system32\drivers\wacmoumonitor.sys
2009-05-12 15:45 <DIR> --d----- c:\windows\system32\WTablet
2009-05-12 15:45 2,789,672 a------- c:\windows\system32\Wacom_Tablet.exe
2009-05-12 15:45 213,288 a------- c:\windows\system32\Wacom_Tablet.dll
2009-05-12 15:45 172,840 a------- c:\windows\system32\Wintab32.dll
2009-05-12 15:44 <DIR> --d----- c:\program files\Tablet
2009-05-10 18:23 <DIR> --d----- c:\program files\common files\Hewlett-Packard
2009-05-10 18:13 102,262 a------- c:\windows\hpoins05.dat
2009-05-10 18:13 17,505 -------- c:\windows\hpomdl07.dat
2009-05-10 17:49 278,584 a------- c:\windows\system32\HPZidr12.dll
2009-05-10 17:49 204,800 a------- c:\windows\system32\HPZipr12.dll
2009-05-10 17:49 94,208 a------- c:\windows\system32\HPZipt12.dll
2009-05-10 17:49 69,632 a------- c:\windows\system32\HPZipm12.exe
2009-05-10 17:49 61,440 a------- c:\windows\system32\HPZinw12.exe
2009-05-10 17:49 57,344 a------- c:\windows\system32\HPZisn12.dll
2009-05-10 17:43 <DIR> --d----- c:\program files\HP
2009-05-10 17:43 51,120 a------- c:\windows\system32\drivers\HPZid412.sys
2009-05-10 17:43 21,744 a------- c:\windows\system32\drivers\HPZius12.sys
2009-05-10 17:43 16,496 a------- c:\windows\system32\drivers\HPZipr12.sys
2009-05-10 17:42 606,208 a------- c:\windows\system32\hpotscl.dll
2009-05-10 17:42 278,528 a------- c:\windows\system32\hpgwiamd.dll
2009-05-10 17:42 274,432 a------- c:\windows\system32\HPZc3212.dll
2009-05-10 17:42 258,122 a------- c:\windows\system32\hpovst08.dll
2009-05-10 17:42 98,304 a------- c:\windows\system32\hpzjsn01.dll
2009-05-10 17:42 393,216 a------- c:\windows\system32\hpzcon12.dll
2009-05-10 17:42 196,608 a------- c:\windows\system32\hpzcoi12.dll
2009-05-10 17:42 180,315 a------- c:\windows\system32\hpzsnt12.dll
2009-05-10 17:42 <DIR> --d----- c:\temp\HP_WebRelease
2009-05-09 21:45 <DIR> --d----- c:\program files\Windows Resource Kits
2009-05-06 08:36 2,098 ---sh--- c:\windows\system32\wuyowoli.exe
2009-05-05 18:02 698,368 a------- C:\ZsnexBox 3.5.7z
2009-05-05 18:00 4,490,164 a------- C:\mednafenx_nes_v10.zip
2009-05-05 18:00 2,581,886 a------- C:\Nester-X.0.23.rar
2009-05-05 17:51 4,986,701 a------- C:\neogenesis_v23.zip
2009-05-05 17:43 <DIR> --d----- c:\docume~1\xbox~1.bed\applic~1\Xbins
2009-05-05 14:35 0 a------- c:\windows\mqcd.dbt
2009-05-05 14:34 28,672 a------- c:\windows\system32\inqby.sr
2009-05-05 14:34 32,768 a------- c:\windows\system32\ferryl.cbv
2009-05-05 14:34 32,768 a------- c:\windows\system32\fairy.an
2009-05-05 14:34 28,672 a------- c:\windows\system32\dolman.zt
2009-05-05 14:34 79,360 a------- c:\windows\system32\ashl.nq
2009-05-05 14:34 262,144 a------- c:\windows\system32\nvrsk.dll
2009-05-05 14:33 <DIR> --d----- c:\windows\system32\lowsec
2009-05-05 14:33 15,000 a------- c:\windows\system32\jkshfuiehi.dll
2009-05-05 00:12 2,098 ---sh--- c:\windows\system32\puroyeki.exe
2009-05-02 20:14 <DIR> --d----- c:\docume~1\xbox~1.bed\applic~1\PSPDocMaker
2009-05-02 20:10 1,875,110 a------- c:\windows\system\cygwin1.dll
2009-05-02 20:10 66,048 a------- c:\windows\system\cygz.dll
2009-05-02 16:44 32,768 a------- C:\mspformat.exe
2009-05-02 16:44 32,768 a------- C:\msinst.exe
2009-05-01 03:27 <DIR> --d----- C:\Mac OS X Leopard
2009-05-01 03:16 <DIR> --d----- c:\program files\Cricut Software
2009-05-01 01:50 <DIR> --d----- c:\program files\Craft Edge
2009-05-01 01:49 202,048 a------- c:\windows\system32\ftd2xx.dll
2009-05-01 01:49 111,936 a------- c:\windows\system32\ftbusui.dll
2009-05-01 01:49 107,840 a------- c:\windows\system32\FTLang.dll
2009-05-01 01:49 71,488 a------- c:\windows\system32\drivers\ftser2k.sys
2009-05-01 01:49 53,184 a------- c:\windows\system32\drivers\ftdibus.sys
2009-05-01 01:49 47,432 a------- c:\windows\system32\ftserui2.dll
2009-05-01 01:05 1,024 a------- C:\.rnd
2009-04-30 22:26 <DIR> --d----- c:\program files\FontLab
2009-04-30 18:10 <DIR> --d----- c:\program files\CCleaner

==================== Find3M ====================

2009-05-28 14:31 512,632 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-16 17:06 5,889,536 a------- c:\windows\system32\logonuiX.exe
2009-05-09 21:46 79,111 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-05-05 14:34 577,536 a------- c:\windows\system32\user32.DLL
2009-05-05 14:34 577,536 a------- c:\windows\system32\dllcache\user32.dll
2009-05-02 18:09 50,688 a--sh--- c:\windows\system32\kugakedu.exe
2009-05-02 06:08 52,224 a--sh--- c:\windows\system32\lonayemu.exe
2009-05-01 18:09 52,224 a--sh--- c:\windows\system32\kiyajeru.exe
2009-04-30 17:46 51,712 a--sh--- c:\windows\system32\ziyojozi.exe
2009-03-05 23:59 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-02-28 17:21 107,832 a------- c:\windows\system32\PnkBstrB.exe
2009-02-28 17:20 2,246,144 a------- c:\windows\system32\pbsvc.exe
2009-02-28 17:20 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-01-31 18:41 123,976 a------- c:\program files\KrakatoaTempLog.log
2007-09-09 05:56 411,248 a------- c:\program files\FLV PlayerRCSetup.exe
2007-08-30 16:37 278,927,592 a------- c:\program files\WindowsXP-KB835935-SP2-ENU.exe
2007-08-04 11:26 10,302,976 a------- c:\program files\CJXP600LE.exe
2007-05-13 14:17 21,888 a------- c:\windows\inf\hopperp.sys
2007-03-09 00:12 27,648 a--sh--- c:\windows\system32\AVSredirect.dll

============= FINISH: 14:11:42.21 ===============



#2 teryaki

teryaki
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:01:46 PM

Posted 29 May 2009 - 07:38 PM

:thumbup2: Combofix took care of it thx anyway. CLOSE ME.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:02:46 PM

Posted 29 May 2009 - 07:40 PM

Thanks for informing us.

Good luck.

This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



