Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected with trojan rustok


  • This topic is locked This topic is locked
2 replies to this topic

#1 Delmasto7

Delmasto7

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:44 AM

Posted 03 August 2009 - 03:11 PM

here are the 2 files I saved. I hope I did this right.


DDS (Ver_09-07-30.01) - NTFSx86
Run by Mykol at 16:03:46.79 on Mon 08/03/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2815.1464 [GMT -4:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
SP: BitDefender Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k rpcss
C:WindowsSystem32svchost.exe -k NetworkService
C:Windowssystem32svchost.exe -k LocalService
C:WindowsSystem32svchost.exe -k secsvcs
C:Windowssystem32Ati2evxx.exe
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Program FilesCommon FilesLogiShrdLVMVFMLVPrcSrv.exe
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k GPSvcGroup
C:Windowssystem32SLsvc.exe
C:Windowssystem32Ati2evxx.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Program FilesAcer Arcade LiveAcer HomeMedia ConnectKernelDMSCLMSServer.exe
C:AcerEmpowering TechnologyePerformanceMemCheck.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Windowssystem32svchost.exe -k bthsvcs
C:Program FilesATICatalyst Media CenterKernelTVCLCapSvc.exe
C:Program FilesATICatalyst Media CenterKernelCLML_NTServiceCLMLServer.exe
C:AcerEmpowering TechnologyeDataSecurityeDSService.exe
C:Program FilesNeroNero8InCDInCDsrv.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe
C:Program FilesNeroNero8Nero BackItUpNBService.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Program FilesCyberLinkShared FilesRichVideo.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program FilesViewpointCommonViewpointService.exe
C:WindowsSystem32svchost.exe -k WerSvcGroup
C:Windowssystem32SearchIndexer.exe
C:AcerEmpowering TechnologyeRecoveryeRecoveryService.exe
C:Windowssystem32WUDFHost.exe
C:Windowssystem32taskeng.exe
C:Program FilesCommon FilesLogiShrdLVCOMSERLVComSer.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesWindows DefenderMSASCui.exe
C:Windowssystem32taskeng.exe
C:AcerEmpowering TechnologySysMonitor.exe
C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
C:Program FilesMotorolaSMSERIALsm56hlpr.exe
C:WindowsRtHDVCpl.exe
C:Program FilesATICatalyst Media CenterCMCService.exe
C:Windowssystem32taskeng.exe
C:Program FilesCreativeCreative ZENZEN Media ExplorerCTCheck.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowsehomeehsched.exe
C:WindowsehomeehRecvr.exe
C:Windowssystem32wuauclt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32MacromedFlashFlashUtil10b.exe
C:Windowstemp3122110.tmp
C:Windowssystem32WUDFHost.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet ExplorerIELowutil.exe
C:Windowssystem32SearchFilterHost.exe
C:Windowssystem32rundll32.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32DllHost.exe
C:Windowssystem32DllHost.exe
C:Windowssystem32DllHost.exe
C:UsersMykolDocumentsTROJ RUSTOKdds.scr
C:Windowssystem32wbemwmiprvse.exe

============== Pseudo HJT Report ===============

uSEARCH PAGE = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
uLocal Page = blank.htm
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:program filescommon filesadobeacrobatactivexAcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:program filesrealrealplayerrpbrowserrecordplugin.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:windowssystem32ActiveToolBand.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:windowssystem32eDStoolbar.dll
uRun: [Sidebar] c:program fileswindows sidebarsidebar.exe /autoRun
uRun: [Aim6]
uRun: [WMPNSCFG] c:program fileswindows media playerWMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
mRun: [Acer Tour]
mRun: [Acer Empowering Technology Monitor] c:acerempowering technologySysMonitor.exe
mRun: [eDataSecurity Loader] c:acerempowering technologyedatasecurityeDSloader.exe
mRun: [SMSERIAL] c:program filesmotorolasmserialsm56hlpr.exe
mRun: [Acer Product Registration] "c:program filesacer registrationACE1.exe" /startup
mRun: [eRecoveryService]
mRun: [Service Host] c:usersmykolappdatalocaltempsvchost.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [CMCService] "c:program filesaticatalyst media centerCMCService.exe"
mRun: [CTCheck] c:program filescreativecreative zenzen media explorerCTCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:program filesadobereader 8.0readerReader_sl.exe"
mRun: [QuickTime Task] "c:program filesquicktimeQTTask.exe" -atboottime
mRun: [TkBellExe] "c:program filescommon filesrealupdate_obrealsched.exe" -osboot
mRun: [iTunesHelper] "c:program filesitunesiTunesHelper.exe"
mRun: [SBRegRebootCleaner] c:program filessunbelt softwarevipreSBRC.exe
dRun: [<NO NAME>]
dRun: [StartCCC] c:program filesati technologiesati.acecore-staticCLIStart.exe
dRun: [Acer Tour Reminder] c:aceracertourReminder.exe
dRun: [MySpaceIM] c:program filesmyspaceimMySpaceIM.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:progra~1micros~2office12EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1micros~2office12ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~2office12REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:program filesyahoo!commonYinsthelper.dll
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUplden-us.cab
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.mpix.com/Customer/Uploading/activex/ImageUploader4.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A30FBBDC-FA29-4606-8565-14AADCCA6708} - hxxps://photos.riteaid.com/control/RiteAidOneHourPhotoOnline.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
TCP: NameServer = 85.255.112.70,85.255.112.127
TCP: {9199CF87-68A5-48BD-B517-F116EBE2E8FA} = 85.255.112.70,85.255.112.127

============= SERVICES / DRIVERS ===============

R1 sbtis;sbtis;c:windowssystem32driverssbtis.sys [2009-8-1 202928]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:program filesacer arcade liveacer homemedia connectkerneldmsCLMSServer.exe [2007-4-16 266343]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:program filesviewpointcommonViewpointService.exe [2007-11-6 24652]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:windowssystem32driversnetaapl.sys [2009-6-5 17408]
S3 btnetBUs;Bluetooth PAN Bus Service;c:windowssystem32driversbtnetBus.sys [2008-12-7 30088]
S3 dc3d;USBCCGP filter driver (dc3d);c:windowssystem32driversdc3d.sys [2009-1-15 15360]

=============== Created Last 30 ================

2009-08-03 15:42 <DIR> --d----- c:programdataMcAfee
2009-08-03 11:49 <DIR> --d----- c:programdataMalwarebytes
2009-08-03 11:49 <DIR> --d----- c:program filesMalwarebytes' Anti-Malware
2009-08-03 11:49 <DIR> --d----- c:progra~2Malwarebytes
2009-08-02 17:46 104 a------- c:windowssystem32SBRC.dat
2009-08-01 23:20 <DIR> --d----- c:usersmykolappdataroamingSunbelt
2009-08-01 23:10 <DIR> --d----- c:programdataSunbelt
2009-08-01 23:10 <DIR> --d----- c:progra~2Sunbelt
2009-08-01 23:01 202,928 a------- c:windowssystem32driverssbtis.sys
2009-08-01 23:00 <DIR> --d----- c:program filesSunbelt Software
2009-07-22 05:03 <DIR> --d----- c:program filesiPhoneBrowser
2009-07-20 16:45 <DIR> --d----- c:programdataPC Suite
2009-07-16 13:17 <DIR> --d----- c:program filesiPod
2009-07-16 13:17 <DIR> --d----- c:program filesiTunes
2009-07-16 11:43 289,792 a------- c:windowssystem32atmfd.dll
2009-07-16 11:43 156,672 a------- c:windowssystem32t2embed.dll
2009-07-16 11:43 72,704 a------- c:windowssystem32fontsub.dll
2009-07-16 11:43 10,240 a------- c:windowssystem32dciman32.dll
2009-07-15 23:43 <DIR> --d----- c:windowssystem32ivtMobCache
2009-07-15 23:33 32 a------- c:windows0
2009-07-15 23:33 0 a------- c:windowssystem320
2009-07-15 23:31 90,624 a------- c:windowssystem32nmwcdcls.dll
2009-07-15 23:31 <DIR> --d----- c:program filesNokia
2009-07-15 23:31 18,816 a------- c:windowssystem32driverspccsmcfd.sys
2009-07-15 23:30 <DIR> --d----- c:program filesPC Connectivity Solution
2009-07-15 23:30 <DIR> --d----- c:programdataInstallations
2009-07-15 16:24 <DIR> --d----- c:programdataBluetooth
2009-07-15 16:12 12 a------- c:windowsbthservsdp.dat
2009-07-15 15:14 <DIR> --d----- c:program filesIVT Corporation

==================== Find3M ====================

2009-08-03 11:54 0 a------- c:windowssystem32driverslvuvc.hs
2009-08-02 22:24 143,360 a------- c:windowsinfinfstrng.dat
2009-08-02 22:24 143,360 a------- c:windowsinfinfstor.dat
2009-08-02 22:24 86,016 a------- c:windowsinfinfpub.dat
2009-07-21 17:52 915,456 a------- c:windowssystem32wininet.dll
2009-07-21 17:47 109,056 a------- c:windowssystem32iesysprep.dll
2009-07-21 17:47 71,680 a------- c:windowssystem32iesetup.dll
2009-07-21 16:13 133,632 a------- c:windowssystem32ieUnatt.exe
2009-06-30 01:59 0 a---h--- c:windowssystem32driversMsft_Kernel_netaapl_01005.Wdf
2009-06-05 11:42 2,060,288 a------- c:windowssystem32usbaaplrc.dll
2009-06-05 11:42 39,424 a------- c:windowssystem32driversusbaapl.sys
2009-06-05 11:42 1,419,232 a------- c:windowssystem32wdfcoinstaller01005.dll
2009-06-05 11:42 17,408 a------- c:windowssystem32driversnetaapl.sys
2009-05-26 17:38 719,360 a------- c:windowssystem32bmutil.dll
2009-05-26 17:38 471,040 a------- c:windowssystem32bmnet.dll
2009-05-26 17:38 126,976 a------- c:windowssystem32bmdumpd.bin
2008-06-11 10:50 665,600 a------- c:windowsinfdrvindex.dat
2008-04-18 07:52 174 a--sh--- c:program filesdesktop.ini
2008-02-20 04:23 32 a------- c:programdataezsid.dat
2008-02-20 04:23 32 a------- c:progra~2ezsid.dat
2007-12-01 14:45 0 a------- c:usersmykolappdataroamingwklnhst.dat
2006-11-02 08:42 287,440 a------- c:windowsinfperflib0409perfi.dat
2006-11-02 08:42 287,440 a------- c:windowsinfperflib0409perfh.dat
2006-11-02 08:42 30,674 a------- c:windowsinfperflib0409perfd.dat
2006-11-02 08:42 30,674 a------- c:windowsinfperflib0409perfc.dat
2006-11-02 05:20 287,440 a------- c:windowsinfperflib0000perfi.dat
2006-11-02 05:20 287,440 a------- c:windowsinfperflib0000perfh.dat
2006-11-02 05:20 30,674 a------- c:windowsinfperflib0000perfd.dat
2006-11-02 05:20 30,674 a------- c:windowsinfperflib0000perfc.dat

============= FINISH: 16:03:58.60 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: DeviceHarddiskVolume2
Install Date: 8/27/2007 1:45:12 PM
System Uptime: 8/3/2009 11:54:32 AM (5 hours ago)

Motherboard: Acer | | F690GVM
Processor: AMD Athlon™ 64 X2 Dual Core Processor 5600+ | Socket AM2 | 2800/199mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 228 GiB total, 114.669 GiB free.
D: is FIXED (NTFS) - 228 GiB total, 125.628 GiB free.
E: is CDROM (CDFS)
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Device ID: PCIVEN_11AB&DEV_4364&SUBSYS_0E0A105B&REV_204&1B8A4F40&0&0038
Manufacturer: Marvell
Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
PNP Device ID: PCIVEN_11AB&DEV_4364&SUBSYS_0E0A105B&REV_204&1B8A4F40&0&0038
Service: yukonwlh

Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPIPNP0F133&18D45AA6&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPIPNP0F133&18D45AA6&0
Service: i8042prt

==== System Restore Points ===================


==== Installed Programs ======================

µTorrent
Acer Arcade Live Main Page
Acer Assist
Acer DV Magician
Acer DVDivine
Acer eDataSecurity Management
Acer Empowering Technology
Acer ePerformance Management
Acer HomeMedia
Acer HomeMedia Connect
Acer Registration
Acer ScreenSaver
Acer SlideShow DVD
Acer Tour
Acer VideoMagician
Activation Assistant for the 2007 Microsoft Office suites
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop Elements 2.0
Adobe Reader 8.1.6
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AIM 6
AOL Mail and AIM Gadget
AOL Registration
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
ATI AVIVO Codecs
ATI Catalyst Install Manager
Axis & Allies
Bonjour
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
Catalyst Media Center
Catalyst Media Center DVD Authoring Module
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Creative System Information
Creative ZEN
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Galactic Civilizations II
GalCiv II - Dark Avatar
GalCiv II - Twilight of the Arnor
GearDrvs
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Impulse
iPhoneBrowser
iTunes
LightScribe 1.4.142.1
Logitech QuickCam
Logitech QuickCam Driver Package
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Monopoly
Motorola SM56 Speakerphone Modem
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MVision
My Sirius Studio
MySpaceIM
Nero 8
Nero PhotoShow Deluxe 5
neroxml
Nokia Connectivity Cable Driver
Norton 360
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
Octoshape add-in for Adobe Flash Player
PC Connectivity Solution
PDF Settings
PowerISO
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Warlords
Skype™ 3.6
Spelling Dictionaries Support For Adobe Reader 8
The KMPlayer (remove only)
The Rosetta Stone
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB Video Driver
VCRedistSetup
Viewpoint Media Player
Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
WinRAR archiver
Xfire (remove only)
Yahoo! Messenger
ZENcast Organizer

==== End Of File ===========================

p.s. - I tried using malwarebyte's antimalware. It wouldn't open. I can download it, but when I open the file, nothing happens. I even tried renaming it like i saw in older posts.

Merged posts. ~ OB

Edited by Orange Blossom, 13 August 2009 - 04:15 PM.


BC AdBot (Login to Remove)

 


#2 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:44 AM

Posted 13 August 2009 - 05:38 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#3 Billy O'Neal

Billy O'Neal

    Visual C++ STL Maintainer


  • Malware Response Team
  • 12,304 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Redmond, Washington
  • Local time:03:44 AM

Posted 20 August 2009 - 08:51 PM

Due to lack of feedback, this topic has been closed.
Twitter - My statements do not establish the official position of Microsoft Corporation, and are my own personal opinion. (But you already knew that, right?)
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users