
winbluesoft hjt logs


  • This topic is locked
2 replies to this topic

#1 kylebrooks

kylebrooks

  • Members
  • 11 posts

Posted 11 June 2009 - 07:54 PM

These are the hjt/dds logs that came up. Any and all help is greatly appreciated. It's winbluesoft. The program itself is deleted; I was sent here from another post.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-05-14.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/18/2009 12:48:19 AM
System Uptime: 6/11/2009 7:14:03 PM (0 hours ago)

Motherboard: Quanta | | 30D1
Processor: AMD Turion™ 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz
Processor: AMD Turion™ 64 X2 Mobile Technology TL-58 | Socket S1 | 1900/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 298 GiB total, 286.989 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 40.451 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 149 GiB total, 148.956 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP47: 3/20/2009 7:36:59 PM - Update to an unsigned driver
RP48: 3/20/2009 7:58:29 PM - Installed Windows XP KB888111WXPSP2.
RP49: 3/23/2009 9:34:02 PM - Installed Microsoft Office Outlook Connector
RP50: 3/24/2009 7:11:50 AM - Installed RICOH R5C853 Driver Ver.1.00.02
RP51: 3/24/2009 5:06:24 AM - System Checkpoint
RP52: 3/26/2009 12:57:44 AM - Avg8 Update
RP53: 3/31/2009 9:38:15 AM - System Checkpoint
RP54: 4/1/2009 9:39:00 AM - System Checkpoint
RP55: 4/2/2009 10:07:26 AM - System Checkpoint
RP56: 4/2/2009 10:47:20 PM - Removed Microsoft Office Outlook Connector
RP57: 4/2/2009 10:47:31 PM - Installed Microsoft Office Outlook Connector
RP58: 4/3/2009 10:02:29 AM - Installed Windows Media Player Firefox Plugin
RP59: 4/6/2009 9:34:53 PM - System Checkpoint
RP60: 4/8/2009 3:08:48 PM - System Checkpoint
RP61: 4/9/2009 3:32:53 PM - System Checkpoint
RP62: 4/14/2009 8:16:01 AM - System Checkpoint
RP63: 4/15/2009 8:22:54 AM - System Checkpoint
RP64: 4/16/2009 8:44:58 AM - System Checkpoint
RP65: 4/16/2009 8:47:52 AM - Avg8 Update
RP66: 4/16/2009 9:05:49 AM - Installed Compatibility Pack for the 2007 Office system
RP67: 4/18/2009 6:00:03 PM - System Checkpoint
RP68: 4/20/2009 9:03:50 AM - System Checkpoint
RP69: 4/21/2009 9:11:35 AM - System Checkpoint
RP70: 4/23/2009 11:38:04 AM - System Checkpoint
RP71: 4/27/2009 12:37:27 PM - System Checkpoint
RP72: 4/29/2009 9:46:04 AM - System Checkpoint
RP73: 4/30/2009 2:53:27 PM - System Checkpoint
RP74: 5/2/2009 2:47:08 PM - System Checkpoint
RP75: 5/5/2009 12:19:00 PM - System Checkpoint
RP76: 5/10/2009 1:38:47 PM - System Checkpoint
RP77: 5/13/2009 10:36:06 AM - Avg8 Update
RP78: 5/13/2009 10:37:52 AM - Avg8 Update
RP79: 5/18/2009 5:20:00 PM - Avg8 Update
RP80: 5/18/2009 5:20:47 PM - Avg8 Update
RP81: 5/22/2009 6:21:15 PM - System Checkpoint
RP82: 5/23/2009 12:55:18 PM - Installed RICOH R5C853 Driver Ver.1.00.02
RP83: 5/24/2009 1:03:18 PM - System Checkpoint
RP84: 5/25/2009 1:07:06 PM - System Checkpoint
RP85: 5/26/2009 1:15:18 PM - System Checkpoint
RP86: 5/27/2009 2:03:17 PM - System Checkpoint
RP87: 5/28/2009 8:00:49 PM - System Checkpoint
RP88: 5/29/2009 8:59:04 PM - System Checkpoint
RP89: 5/31/2009 10:33:37 AM - System Checkpoint
RP90: 6/1/2009 10:58:22 AM - System Checkpoint
RP91: 6/2/2009 12:18:06 PM - System Checkpoint

==== Installed Programs ======================

Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.0
Ask Toolbar
AVG Free 8.5
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Crystal Eye Webcam
DAO 3.5
Design & Print, Business Edition
DriverAgent by eSupport.com
DriverAgent Installer by eSupport.com
DVDConv
EMS Free Surfer Companion 1.3.0.0
GoToMeeting 4.1.0.366
HDAUDIO Soft Data Fax Modem with SmartCP
HP Quick Launch Buttons 6.40 F1
HP Update
HP Wireless Assistant
J2SE Runtime Environment 5.0 Update 4
Java™ 6 Update 11
LightScribe System Software 1.10.19.1
LimeWire PRO 5.1.2
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Logitech Harmony Remote Software 7
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.10)
MySoftware Fonts
NetWaiting
Norton CleanSweep
Norton Speed Disk 7.0 for Windows NT
Norton SystemWorks 2003
Norton Utilities 2003 for Windows
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
Personal License Update Wizard for Windows Media Player
Quicken Basic 2000
Remote Control USB Driver
RICOH R5C853 Driver Ver.1.00.02
Spyware Doctor 6.0
Synaptics Pointing Device Driver
Update for Windows XP (KB911164)
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player Firefox Plugin

==== Event Viewer Messages From Past Week ========

6/9/2009 9:16:31 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
6/9/2009 9:15:25 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AvgLdx86 AvgMfx86 Fips Processor
6/9/2009 9:14:21 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/5/2009 6:40:43 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D.
6/5/2009 12:33:04 AM, error: Service Control Manager [7000] - The XAudioService service failed to start due to the following error: %1 is not a valid Win32 application.
6/11/2009 7:12:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips IPSec MRxSmb NetBIOS NetBT Processor RasAcd Rdbss Tcpip WS2IFSL
6/11/2009 7:12:53 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
6/11/2009 7:12:53 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/11/2009 7:12:53 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/11/2009 7:12:53 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
6/11/2009 7:11:47 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

==== End Of File ===========================



DDS (Ver_09-05-14.01) - NTFSx86
Run by at 19:41:23.57 on Thu 06/11/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3263.2764 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\Kyle\Desktop\bleep.scr

============== Pseudo HJT Report ===============

uURLSearchHooks: N/A: {9cb65206-89c4-402c-ba80-02d8c59f9b1d} - c:\program files\asktbar\srchastt\1.bin\A5SRCHAS.DLL
mURLSearchHooks: N/A: {9cb65206-89c4-402c-ba80-02d8c59f9b1d} - c:\program files\asktbar\srchastt\1.bin\A5SRCHAS.DLL
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Ask Search Assistant BHO: {9cb65201-89c4-402c-ba80-02d8c59f9b1d} - c:\program files\asktbar\srchastt\1.bin\A5SRCHAS.DLL
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Ask Toolbar BHO: {fe063db1-4ec0-403e-8dd8-394c54984b2c} - c:\program files\asktbar\bar\1.bin\ASKTBAR.DLL
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: Ask Toolbar: {fe063db9-4ec0-403e-8dd8-394c54984b2c} - c:\program files\asktbar\bar\1.bin\ASKTBAR.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Loaris Trojan Remover] "c:\program files\loaris trojan remover\TrojanRemover.exe" 0
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [PLFSetL] c:\windows\PLFSetL.exe
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRun: [tempo-setup2.exe] c:\windows\system32\tempo-setup2.exe
uPolicies-system: NoDispBackgroundPage = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: NoDispBackgroundPage = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Get siteinfo data (fsc) - c:\program files\ems free surfer companion\fslauncher.htm
IE: {AFC3FA82-AD07-45cd-8B57-983435B9899E} - c:\program files\ems free surfer companion\FS30.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
AppInit_DLLs: blocker.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\kyle\applic~1\mozilla\firefox\profiles\i3rmsrq0.default\
FF - prefs.js: browser.startup.homepage - www.google.com

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-6-8 130936]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-18 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-3-18 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-18 108552]
R1 GhPciScan;GhostPciScanner;c:\program files\norton systemworks\norton ghost\GhPciScan.sys [2002-8-14 5632]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-3-18 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-19 298776]
R2 mrtRate;mrtRate;c:\windows\system32\drivers\MrtRate.sys [2009-3-19 34916]
R2 NProtectService;Norton Unerase Protection;c:\program files\norton systemworks\norton utilities\NPROTECT.EXE [2009-3-19 135168]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-3-19 193840]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-6-8 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-6-8 1095560]

=============== Created Last 30 ================

2009-06-11 14:27 13,280 a------- c:\windows\system32\529bdownloader22z65.exe
2009-06-11 06:43 9,702 a------- c:\windows\system32\35ccd9wnloader96z.dll
2009-06-09 21:23 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 21:23 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-09 21:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-09 08:20 11,957 a------- c:\windows\system32\990z5teal609.cpl
2009-06-09 00:12 <DIR> --d----- c:\program files\Loaris Trojan Remover
2009-06-08 23:31 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-08 21:30 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-06-08 21:30 130,936 a------- c:\windows\system32\drivers\PCTCore.sys
2009-06-08 21:30 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-06-08 21:30 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-06-08 21:30 <DIR> --d----- c:\program files\common files\PC Tools
2009-06-08 21:30 <DIR> --d----- c:\program files\Spyware Doctor
2009-06-08 21:30 <DIR> --d----- c:\docume~1\kyle\applic~1\PC Tools
2009-06-08 21:30 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-06-07 01:24 10,609 a------- c:\windows\system32\za4spy9ar52109.bin
2009-06-06 17:49 17,496 a------- c:\windows\1b5dst9alz196.bin
2009-06-03 04:32 6,102 a------- c:\windows\3zc5spywa9e1684.bin
2009-06-03 00:23 3,214 a------- c:\windows\7d59ad5waze16129.ocx
2009-06-02 01:55 16,387 a------- c:\windows\9a89backdoor5z18.cpl
2009-06-01 18:55 14,275 a------- c:\windows\system32\6037downloa9e5z548.dll
2009-06-01 02:11 2,894 a------- c:\windows\z19725irus603.ocx
2009-05-31 09:57 <DIR> --d----- c:\program files\DVDConv
2009-05-31 09:57 283 ---shr-- C:\autorun.inf
2009-05-28 11:51 9,926 a------- c:\windows\95zdvir418.exe
2009-05-27 16:51 7,057 a------- c:\windows\5449stealz026.bin
2009-05-27 07:49 2,972 a------- c:\windows\system32\82edz5nloader2797.dll
2009-05-27 02:32 17,170 a------- c:\windows\4c59sparse204z.exe
2009-05-26 10:23 7,272 a------- c:\windows\system32\8262ha9ktooz6c5.ocx
2009-05-24 07:49 8,119 a------- c:\windows\system32\z145hac9tool530.exe
2009-05-23 16:28 18,217 a------- c:\windows\555zvir29859.ocx
2009-05-23 12:08 17,535 a------- c:\windows\555cadd9are2510z.ocx
2009-05-20 11:21 17,721 a------- c:\windows\system32\775zs9a5se1255.dll
2009-05-19 23:12 12,382 a------- c:\windows\925z9eal1565.bin
2009-05-19 14:01 6,910 a------- c:\windows\system32\3312h5ck9ooz393.dll
2009-05-18 05:19 4,918 a------- c:\windows\system32\27ac5zief2695.exe
2009-05-17 05:01 13,988 a------- c:\windows\system32\29145spamboz5f5.bin
2009-05-13 23:12 10,594 a------- c:\windows\system32\z45b5te9l231.ocx
2009-05-13 12:43 4,480 a------- c:\windows\921ztroj549.exe

==================== Find3M ====================

2009-05-13 10:37 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-13 10:37 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-13 10:37 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-11 07:24 4,781 a------- c:\windows\system32\54499spy63z.dll
2009-05-11 03:45 17,874 a------- c:\windows\system32\39dadowzloader1059.bin
2009-05-10 18:07 5,277 a------- c:\windows\system32\79cas9azs51375.bin
2009-05-02 03:55 3,385 a------- c:\windows\system32\9897ziru5c2.bin
2009-04-28 03:01 12,081 a------- c:\windows\z219195y444.bin
2009-04-27 11:22 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-25 18:43 3,219 a------- c:\windows\system32\3z675spam9ot6db.dll
2009-04-25 06:58 13,149 a------- c:\windows\system32\7635v9r1004z.bin
2009-04-18 21:58 6,387 a------- c:\windows\system32\3599threat99z35.bin
2009-04-17 04:21 9,282 a------- c:\windows\3195znot-a-virus1a75.exe
2009-04-15 19:41 18,151 a------- c:\windows\system32\3bc55pzrse2918.bin
2009-04-15 03:15 4,971 a------- c:\windows\system32\156905ot-azvirus41.exe
2009-04-15 02:32 4,780 a------- c:\windows\859z9roj1555.dll
2009-04-13 18:14 9,725 a------- c:\windows\system32\13968zorm1145.dll
2009-04-12 23:41 11,696 a------- c:\windows\system32\6949ste9z955.bin
2009-04-11 19:45 8,163 a------- c:\windows\system32\314435a9ztool11.bin
2009-04-10 03:49 6,699 a------- c:\windows\system32\555fadd9zre692.bin
2009-04-09 00:54 4,227 a------- c:\windows\5f949hie5z75.bin
2009-04-07 18:39 10,969 a------- c:\windows\1e3ste9l2550z.bin
2009-04-06 20:29 70,984 a------- c:\documents and settings\kyle\g2mdlhlpx.exe
2009-04-04 12:29 8,421 a------- c:\windows\798zspamb595db.exe
2009-04-03 00:14 4,057 a------- c:\windows\system32\7579vir5z4.dll
2009-04-01 21:19 10,461 a------- c:\windows\system32\6367zack95ol2c.exe
2009-03-27 04:01 9,023 a------- c:\windows\z613worm25a9.dll
2009-03-27 02:23 9,031 a------- c:\windows\system32\17245w9r55cz.exe
2009-03-20 07:59 8,163 a------- c:\windows\6d9faddz5re209.dll
2009-03-19 19:32 2,682,880 a------- c:\windows\system32\vcredist_x86.exe
2009-03-19 19:32 87,328 a------- c:\windows\system32\bcmwlcoi.dll
2009-03-19 16:27 16,793 a------- c:\windows\5fb2bac5dzo92617.exe
2009-03-19 00:52 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-03-18 18:20 3,417 a------- c:\windows\2z945acktool264.dll
2009-03-18 01:42 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-03-16 18:53 9,367 a------- c:\windows\system32\57z9thr5at17762.dll
2009-03-14 23:42 5,076 a------- c:\windows\6093wzr5627.exe

============= FINISH: 19:41:35.79 ===============



#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • Gender:Male
  • Location:Warrington, UK

Posted 20 June 2009 - 05:52 PM

Hello and welcome to Bleeping Computer. Sorry for the delay; the forums here at BC are always
very busy and we do our best to keep up. If you no longer require any help, could you let me know
please, so this topic can be closed.

My name is Syler, and I will be helping you to solve your malware issues. Whilst I am helping you, I would
be grateful if you would note the following:
  • Please do not run other tools or scans unless I ask you to, and follow all the steps I give you, in order.
  • Copy and paste all logs requested in your reply. Do not attach them unless asked to.
  • If you don't know or understand something, please don't hesitate to say or ask before you proceed with my instructions.
  • Please continue to work with me until I tell you your machine appears to be clean. Absence of symptoms does not mean that everything is clear.
  • If I do not hear back from you within 5 days of my last post, then this topic will be closed.
First I would like to see a new log, since a lot could have changed since your original post.
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Thanks



#3 syler

syler

  • Malware Response Team
  • 8,150 posts
  • Gender:Male
  • Location:Warrington, UK

Posted 24 June 2009 - 06:20 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.





