
pop-up ads hijacking internet explorer



#1 crouchingliger


Posted 08 October 2009 - 04:17 AM

I am getting pop-up ads hijacking Internet Explorer. I have run Microsoft Security Essentials and Avast, neither of which has found anything.

Thank you so much for your help!

Here is the DDS log, and apparently, I'm not getting the option to attach the other files. Let me know if you'd like me to paste the text from the other files (attach and ark).

Edit: sorry, I was able to edit and attach the other files.

DDS (Ver_09-09-29.01) - NTFSx86
Run by R at 1:48:14.07 on Thu 10/08/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.897 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Windows\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\Dwm.exe
C:\Users\Ryan\AppData\Local\Temp\Temp1_RootRepeal[1].zip\RootRepeal.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Ryan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0O5K4LSM\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://att.my.yahoo.com/
uWindow Title = Internet Explorer provided by Dell
mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070528
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: OToolbarHelper Class: {ead3a971-6a23-4246-8691-c9244e858967} - c:\program files\paypal\paypal plug-in\PayPalHelper.dll
TB: PayPal Plug-In: {dc0f2f93-27fa-4f84-acaa-9416f90b9511} - c:\program files\paypal\paypal plug-in\OToolbar.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [tefebafub] Rundll32.exe "c:\progra~2\faluvalu\faluvalu.dll",a
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w2/pr02/resources/VistaMSNPUplden-us.cab
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {64CD313F-F079-4D93-959F-4D28B5519449} - hxxp://www.worldwinner.com/games/v56/jeopardy/jeopardy.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B69F2A9C-E470-11D3-AFA3-525400DB7692} - hxxp://ib.dancik.com/ib/download/actimage8.0915.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} - hxxp://hgtv.view22.com/view22/app/view22rte.cab
DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} - hxxp://merillat.view22.com/release_3_9_177/View22RTEv4.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-10-7 114768]
R1 nipplpt2;Novell iCapture Lpt Redirector 2;c:\windows\system32\drivers\nipplpt.sys [2009-9-4 34592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-10-7 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-10-7 53328]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 42480]

=============== Created Last 30 ================

2009-10-08 00:37 0 a------- c:\windows\system32\settings.dat
2009-10-07 23:47 <DIR> --d----- c:\program files\Trend Micro
2009-10-07 23:40 <DIR> --d----- c:\programdata\IObit
2009-10-07 23:40 <DIR> --d----- c:\progra~2\IObit
2009-10-07 23:40 <DIR> --d----- c:\program files\IObit
2009-10-07 19:49 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-10-07 19:27 <DIR> --d----- c:\users\ryan\appdata\roaming\WinPatrol
2009-10-07 19:26 <DIR> --d----- c:\program files\BillP Studios
2009-10-07 16:30 <DIR> --d----- c:\users\ryan\appdata\roaming\Malwarebytes
2009-10-07 16:30 <DIR> --d----- c:\programdata\Malwarebytes
2009-10-07 16:30 <DIR> --d----- c:\progra~2\Malwarebytes
2009-10-07 12:57 <DIR> --d----- c:\programdata\tusudivi
2009-10-07 12:57 <DIR> --d----- c:\programdata\pazohehi
2009-10-07 12:57 <DIR> --d----- c:\programdata\faluvalu
2009-10-07 12:57 <DIR> --d----- c:\progra~2\tusudivi
2009-10-07 12:57 <DIR> --d----- c:\progra~2\pazohehi
2009-10-07 12:57 <DIR> --d----- c:\progra~2\faluvalu
2009-10-06 12:51 <DIR> --d----- c:\programdata\wezujelo
2009-10-06 12:51 <DIR> --d----- c:\programdata\wahemoyu
2009-10-06 12:51 <DIR> --d----- c:\programdata\suyihaju
2009-10-06 12:51 <DIR> --d----- c:\progra~2\wezujelo
2009-10-06 12:51 <DIR> --d----- c:\progra~2\wahemoyu
2009-10-06 12:51 <DIR> --d----- c:\progra~2\suyihaju
2009-10-02 08:37 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-10-02 08:37 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-10-02 06:35 2,421,760 a------- c:\windows\system32\wucltux.dll
2009-10-02 06:34 87,552 a------- c:\windows\system32\wudriver.dll
2009-10-02 06:34 171,608 a------- c:\windows\system32\wuwebv.dll
2009-10-02 06:34 33,792 a------- c:\windows\system32\wuapp.exe
2009-09-29 14:00 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-09-29 13:58 <DIR> --d----- c:\program files\Microsoft Security Essentials
2009-09-24 17:11 <DIR> --d----- c:\program files\iPod
2009-09-24 17:11 <DIR> --d----- c:\program files\iTunes
2009-09-18 13:43 <DIR> --d----- c:\windows\system32\vi-VN
2009-09-18 13:43 <DIR> --d----- c:\windows\system32\eu-ES
2009-09-18 13:43 <DIR> --d----- c:\windows\system32\ca-ES
2009-09-18 11:27 <DIR> --d----- c:\windows\system32\EventProviders
2009-09-17 22:18 12,240,896 a------- c:\windows\system32\NlsLexicons0007.dll
2009-09-17 22:18 11,967,524 a------- c:\windows\system32\korwbrkr.lex
2009-09-17 22:18 1,081,344 a------- c:\windows\system32\SLCExt.dll
2009-09-17 22:18 3,408,896 a------- c:\windows\system32\SLsvc.exe
2009-09-17 22:18 2,134,528 a------- c:\windows\system32\FunctionDiscoveryFolder.dll
2009-09-17 22:18 65,536 a------- c:\windows\system32\DevicePairingWizard.exe
2009-09-17 22:16 807,424 a------- c:\windows\system32\msctf.dll
2009-09-17 22:15 1,689,600 a------- c:\windows\system32\wscui.cpl
2009-09-17 22:14 744,448 a------- c:\windows\system32\wbem\wbemcore.dll
2009-09-17 22:14 705,536 a------- c:\windows\system32\SmiEngine.dll
2009-09-17 22:14 614,912 a------- c:\windows\system32\wbem\fastprox.dll
2009-09-17 22:14 265,728 a------- c:\windows\system32\wbem\repdrvfs.dll
2009-09-17 22:14 265,728 a------- c:\windows\system32\wbem\esscli.dll
2009-09-17 22:14 189,440 a------- c:\windows\system32\wbem\mofd.dll
2009-09-17 22:14 83,968 a------- c:\windows\system32\wbem\wmiutils.dll
2009-09-17 22:14 30,208 a------- c:\windows\system32\wbem\wbemprox.dll
2009-09-17 22:14 218,624 a------- c:\windows\system32\wdscore.dll
2009-09-17 22:14 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-09-17 22:14 247,808 a------- c:\windows\system32\drvstore.dll
2009-09-15 00:24 56 a---h--- c:\programdata\ezsidmv.dat
2009-09-15 00:24 56 a---h--- c:\progra~2\ezsidmv.dat
2009-09-15 00:21 <DIR> --d--r-- c:\program files\Skype
2009-09-15 00:21 <DIR> --d----- c:\programdata\Skype
2009-09-10 17:38 99,176 a------- c:\windows\system32\drivers\DRVMCDB.SYS
2009-09-10 17:38 92,920 a------- c:\windows\DLA.EXE
2009-09-10 17:38 56,056 a------- c:\windows\system32\DLAAPI_W.DLL
2009-09-10 17:38 51,768 a------- c:\windows\system32\drivers\DRVNDDM.SYS
2009-09-10 17:38 28,120 a------- c:\windows\system32\drivers\DLARTL_M.SYS
2009-09-10 17:38 12,856 a------- c:\windows\system32\drivers\DLACDBHM.SYS
2009-09-10 17:38 120 a------- c:\windows\wininit.ini
2009-09-10 17:38 <DIR> --d----- c:\windows\system32\DLA
2009-09-10 17:36 15,604,597 a------- c:\temp\DD3250bP_ESD.zip
2009-09-10 17:33 15,086,968 a------- c:\temp\R157449_MediaDirect_3_Patch.exe
2009-09-10 10:21 <DIR> --d----- c:\programdata\SafeNet Sentinel
2009-09-10 10:21 <DIR> --d----- c:\progra~2\SafeNet Sentinel
2009-09-10 10:14 1,025 a------- c:\windows\system32\sysprs7.tgz
2009-09-10 10:14 1,025 a------- c:\windows\system32\sysprs7.dll
2009-09-10 10:14 219 a------- c:\windows\system32\lsprst7.tgz
2009-09-10 10:14 205 a------- c:\windows\system32\lsprst7.dll
2009-09-10 10:14 16 ----h--- c:\windows\system32\servdat.slm
2009-09-09 21:05 <DIR> --d----- c:\program files\iPhone Configuration Utility
2009-09-09 21:04 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-09-09 21:04 26,600 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-09 21:03 <DIR> --d----- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-09 21:03 <DIR> --d----- c:\progra~2\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-09 19:07 2,501,921 a------- c:\windows\system32\wlan.tmf
2009-09-09 19:07 513,536 a------- c:\windows\system32\wlansvc.dll
2009-09-09 19:07 302,592 a------- c:\windows\system32\wlansec.dll
2009-09-09 19:07 293,376 a------- c:\windows\system32\wlanmsm.dll
2009-09-09 19:07 68,096 a------- c:\windows\system32\wlanhlp.dll
2009-09-09 19:07 65,024 a------- c:\windows\system32\wlanapi.dll
2009-09-09 19:07 127,488 a------- c:\windows\system32\L2SecHC.dll
2009-09-09 19:07 904,776 a------- c:\windows\system32\drivers\tcpip.sys

==================== Find3M ====================

2009-10-02 08:39 51,200 a------- c:\windows\inf\infpub.dat
2009-10-02 08:39 143,360 a------- c:\windows\inf\infstrng.dat
2009-10-02 08:38 143,360 a------- c:\windows\inf\infstor.dat
2009-09-18 13:43 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-28 21:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 21:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 21:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 21:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-28 19:42 2,065,696 a------- c:\windows\system32\usbaaplrc.dll
2009-08-28 19:42 40,448 a------- c:\windows\system32\drivers\usbaapl.sys
2009-08-14 10:53 17,920 a------- c:\windows\system32\netevent.dll
2009-08-14 08:49 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2009-08-14 08:49 17,920 a------- c:\windows\system32\ROUTE.EXE
2009-08-14 08:49 11,264 a------- c:\windows\system32\MRINFO.EXE
2009-08-14 08:49 27,136 a------- c:\windows\system32\NETSTAT.EXE
2009-08-14 08:49 19,968 a------- c:\windows\system32\ARP.EXE
2009-08-14 08:49 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2009-08-14 08:49 10,240 a------- c:\windows\system32\finger.exe
2009-08-14 08:48 30,720 a------- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 08:48 105,984 a------- c:\windows\system32\netiohlp.dll
2009-08-03 15:07 403,816 a------- c:\windows\system32\OGACheckControl.dll
2009-08-03 15:07 322,928 a------- c:\windows\system32\OGAAddin.dll
2009-08-03 15:07 230,768 a------- c:\windows\system32\OGAEXEC.exe
2009-07-21 16:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 16:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 16:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 15:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-17 08:54 71,680 a------- c:\windows\system32\atl.dll
2009-07-15 07:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-15 07:39 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-07-15 07:39 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-15 07:39 7,680 a------- c:\windows\system32\spwmp.dll
2009-07-13 19:17 129,784 -------- c:\windows\system32\PxAFS.DLL
2009-07-13 19:15 90,112 a------- c:\windows\system32\dpl100.dll
2009-07-13 19:15 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-07-13 19:15 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-07-13 19:15 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-07-13 19:15 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-07-13 19:15 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-07-13 19:15 685,056 a------- c:\windows\system32\DivX.dll
2008-10-03 23:18 174 a--sh--- c:\program files\desktop.ini
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-05-28 15:35 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 1:48:50.46 ===============


Edited by crouchingliger, 08 October 2009 - 12:20 PM.




#2 crouchingliger


Posted 08 October 2009 - 06:45 PM

I was able to update Microsoft Security Essentials, and it looks like it got rid of it. Said it was Vundo. Interestingly, Avast didn't ever pick up on it.

#3 Orange Blossom


Posted 24 October 2009 - 12:19 AM

Hello

Thank you for letting us know. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



