Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS Log


  • This topic is locked This topic is locked
3 replies to this topic

#1 zilegati

zilegati

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:48 PM

Posted 02 July 2009 - 04:03 PM

Hi folks. Just joined the forum. Hope you are able to help me. I've been working on a friend's computer. where he had some variation of the Antivirus 2009 trojan/malware. I was able to remove most of the problems with Malwarebytes, but am still having problems with his browser not being able to get to some sites, mostly security-related ones. Per instructions on this forum, I am posting my DDS log. Thanks so much in advance for the help!


DDS (Ver_09-06-26.01) - NTFSx86
Run by Owner at 15:54:23.29 on Thu 07/02/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.22 [GMT -5:00]

AV: CA Anti-Virus *On-access scanning enabled* (Outdated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\CA\eTrust Internet Security Suite\cctray\cctray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\WDBtnMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\SB Wireless Music\Media Server\SBWMsvr.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BMX8G6VG\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=yie7c
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.emachines.com
mSearch Page =
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: eBay Toolbar Helper: {22d8e815-4a5e-4dfb-845e-aab64207f5bd} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - c:\program files\alot\bin\alot.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: eBay Toolbar: {92085ad4-f48a-450d-bd93-b28cc7df67ce} - c:\program files\ebay\ebay toolbar2\eBayTB.dll
TB: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - c:\program files\alot\bin\alot.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SB Wireless Music] c:\program files\creative\sb wireless music\media server\SBWMsvr.exe startup
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nForce Tray Options] sstray.exe /r
mRun: [CHotkey] zHotkey.exe
mRun: [ShowWnd] ShowWnd.exe
mRun: [SunKistEM] c:\program files\digital media reader\shwiconem.exe
mRun: [RoxioAudioCentral] "c:\program files\roxio\easy cd creator 6\audiocentral\RxMon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [CAVRID] "c:\program files\ca\etrust internet security suite\etrust ez antivirus\CAVRID.exe"
mRun: [eBayToolbar] c:\program files\ebay\ebay toolbar2\eBayTBDaemon.exe
mRun: [cctray] "c:\program files\ca\etrust internet security suite\cctray\cctray.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [VetStart] "c:\program files\ca\etrust internet security suite\etrust ez antivirus\vetmsg.exe" -r
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: eBay Search - c:\program files\ebay\ebay toolbar2\eBayTb.dll/RCSearch.html
IE: {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - c:\documents and settings\all users\start menu\programs\absolutepoker net\AbsolutePoker NET.lnk
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {EFFF8D47-D060-4108-B761-E8EC86622E56} - c:\documents and settings\all users\start menu\programs\absolute poker\Absolute Poker.lnk
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: c:\windows\system32\VetRedir.dll
DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab53083.cab
DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - hxxp://static.windupdates.com/cab/WebsiteAccess/ie/Bridge-c139.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab53083.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4788DE0A-3552-49EA-AC8C-233DA52523B9} - hxxp://www.blackberry.com/devicesoftware/AxLoader.cab
DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab53083.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147241747150
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab53852.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 adwarealert;adwarealert;c:\windows\system32\drivers\adwarealert.sys [2008-3-3 22512]
R0 MrFilter;EasyWrite Driver;c:\windows\system32\drivers\MRFilter.sys [2005-9-3 12384]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2007-10-17 26352]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2007-10-17 21104]
R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2007-10-17 880560]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2007-10-17 21488]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2007-10-17 161008]
R2 CAISafe;CAISafe;c:\program files\ca\etrust internet security suite\etrust ez antivirus\isafe.exe [2007-1-9 144696]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 VETMSGNT;VET Message Service;c:\program files\ca\etrust internet security suite\etrust ez antivirus\vetmsg.exe [2007-1-9 255216]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2007-10-17 108368]
S2 jiasu;Driver Server;c:\windows\system32\svchost.exe -k netsvcs [2003-1-3 14336]
S2 mpiwl;Windows Center;c:\windows\system32\svchost.exe -k netsvcs [2003-1-3 14336]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-1-13 29744]
S3 kwcxbus;Kyocera USB Composite Device driver (WDM);c:\windows\system32\drivers\kwcxbus.sys [2007-2-16 52480]
S3 kwcxser;Kyocera High-Speed Wireless Modem Drivers;c:\windows\system32\drivers\kwcxser.sys [2007-2-16 87104]

=============== Created Last 30 ================

2009-07-02 15:38 410,984 a------- c:\windows\system32\deploytk.dll
2009-07-02 15:38 73,728 a------- c:\windows\system32\javacpl.cpl
2009-07-02 13:22 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-07-02 13:21 440,576 ac------ c:\windows\system32\dllcache\tridkb.dll
2009-07-02 13:20 6,912 ac------ c:\windows\system32\dllcache\smbclass.sys
2009-07-02 13:19 29,696 ac------ c:\windows\system32\dllcache\rw450ext.dll
2009-07-02 13:18 27,296 ac------ c:\windows\system32\dllcache\perc2.sys
2009-07-02 13:17 22,016 ac------ c:\windows\system32\dllcache\msircomm.sys
2009-07-02 13:16 18,432 ac------ c:\windows\system32\dllcache\jupiw.dll
2009-07-02 13:15 57,471 ac------ c:\windows\system32\dllcache\hsf_samp.sys
2009-07-02 13:14 25,856 ac------ c:\windows\system32\dllcache\et4000.sys
2009-07-02 13:13 42,432 ac------ c:\windows\system32\dllcache\digirlpt.sys
2009-07-02 13:12 45,696 ac------ c:\windows\system32\dllcache\cirrus.sys
2009-07-02 13:11 173,602 ac------ c:\windows\system32\dllcache\c_20002.nls
2009-07-02 13:10 49,920 ac------ c:\windows\system32\dllcache\atirtcap.sys
2009-07-02 13:09 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-07-02 12:36 <DIR> --d----- c:\program files\CCleaner
2009-07-02 12:36 <DIR> --d----- c:\program files\Defraggler
2009-07-02 12:05 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-07-02 09:10 <DIR> --d----- c:\program files\Trend Micro
2009-07-02 06:31 664 a------- c:\windows\system32\d3d9caps.dat
2009-07-02 06:19 <DIR> --d----- c:\docume~1\owner\applic~1\Malwarebytes
2009-07-02 06:19 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-02 06:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-02 06:19 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-02 06:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-07-02 06:17 14,592 ac------ c:\windows\system32\dllcache\kbdhid.sys
2009-07-02 06:17 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
2009-07-01 18:14 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-07-01 18:14 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-06-28 19:15 <DIR> --d----- c:\program files\common files\xing shared
2009-06-13 15:34 <DIR> --d----- c:\docume~1\owner\applic~1\DriverCure
2009-06-13 15:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ParetoLogic
2009-06-13 15:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DriverCure

==================== Find3M ====================

2009-05-22 04:01 161,008 a------- c:\windows\system32\drivers\vetmonnt.sys
2009-05-22 04:01 26,352 a------- c:\windows\system32\drivers\vet-filt.sys
2009-05-22 04:01 21,488 a------- c:\windows\system32\drivers\vetfddnt.sys
2009-05-22 04:01 21,104 a------- c:\windows\system32\drivers\vet-rec.sys
2009-05-10 16:53 20,992 a------- c:\windows\jestertb.dll
2009-05-10 16:38 70,728 a------- c:\docume~1\owner\applic~1\GDIPFONTCACHEV1.DAT
2009-05-07 10:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-01 13:30 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-28 23:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-28 23:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-17 07:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 09:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2005-10-24 20:00 0 ac------ c:\docume~1\owner\applic~1\wklnhst.dat
2009-03-21 09:06 164,746 a--shr-- c:\windows\system32\yqlkimck.dll
2008-09-03 01:25 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090320080904\index.dat

============= FINISH: 15:55:21.03 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 aommaster

aommaster

    I !<3 malware


  • Malware Response Team
  • 5,289 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dubai
  • Local time:05:48 AM

Posted 08 July 2009 - 07:56 AM

Hello, zilegati.
My name is aommaster and I will be helping you with your log.

I apologize for the delay in response we get overwhelmed at times but we are trying our best to keep up.
If you have since resolved the original problem you were having would appreciate you letting us know. If not please perform the following below so I can have a look at the current condition of your machine.

Thanks

Please note that I am in the process of my training so it may take a while for me to get back to you, as each of my fixes need to be checked by a coach first.

We need to run RSIT
  • Download random's system information tool (RSIT) by random/random and save it to your desktop.
  • Double click on RSIT.exe.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
In your next reply, please include the following:
  • Log.txt
  • info.txt

My website: http://aommaster.com
unite_blue.png
Please do not send me PM's requesting for help. The forums are there for a reason : )
If I am helping you and do not respond to your thread for 48 hours, please send me a PM


#3 zilegati

zilegati
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:48 PM

Posted 08 July 2009 - 08:01 AM

Thanks so much for the response. I have managed to solve the problem.

#4 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:03:48 AM

Posted 08 July 2009 - 08:04 AM

Since this issue appears resolved ... this Topic is closed. Glad I could help.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security
Posted Image

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users