My PC's new friends have been a baaaad influence


  • This topic is locked
4 replies to this topic

#1 DenverGroup


Posted 16 October 2009 - 08:43 AM

Hi!

Symptoms:

-IEXPLORER.exe encountered a problem and has to close
-multiple IE windows pop up if I actually manage to open IE
-Security Update for SQL Server 2005 sp3 install FAILS
-Slow processing speeds
-My Active Desktop decided to die (too afraid to hit the restore button for fear of "tipping the first domino")

There have been a few other issues but none more noticeable than the ones mentioned above.

I downloaded AVG Free and CleanUp! I rebooted in safe mode, ran a system scan and was able to find/delete ~2150 files. That seemed to cure the major issues I was having.

I'm now up and running in regular XP mode. I like the functionality of AVG so I disabled my CA Security program (I think) and run it instead. I use the Windows XP Firewall for my, well, firewall service. In addition to those security applications I also run WinPatrol FREE to monitor what's going on. I saw a DLL in the IE Helpers tab that looked suspicious so I did a web search on the name and I didn't like what I saw. This got me worried that my PC issues are more than just skin deep. So, I ran a HijackThis Scan so I could post the log since I have no idea what I need to look for. Incidentally, the DLL that prompted me to do this is DFRGUI32.dll.

Here's the DDS report:


DDS (Ver_09-10-13.01) - NTFSx86
Run by Garth Miles at 18:19:33.71 on Thu 10/15/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3311.2052 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k eapsvcs
svchost.exe
C:\WINDOWS\System32\svchost.exe -k dot3svc
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
svchost.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
svchost.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\WINDOWS\System32\snmp.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRAM FILES\LOGITECH\QUICKCAM\QUICKCAM.EXE
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\PROGRAM FILES\MICROSOFT ACTIVESYNC\WCESCOMM.EXE
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Documents and Settings\Garth Miles\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.plaxo.com/events?src=logo
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: {01e4ea20-6cba-4f6a-ac60-8ce89642f721} - c:\windows\system32\dfrgui32.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PlaxoSysTray] c:\program files\plaxo\3.23.0.11\PlaxoSysTray.exe
uRun: [UltraMon] "c:\program files\ultramon\UltraMon.exe" /auto
uRun: [PlaxoUpdate] c:\program files\plaxo\3.23.0.11\PlaxoHelper_en.exe -a
uRun: [HijackThis startup scan] c:\program files\trend micro\hijackthis\HijackThis.exe /startupscan
mRun: [DiskeeperSystray] "c:\program files\executive software\diskeeper\DkIcon.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bluetooth.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: facebook.com\www
Trusted Zone: linkedin.com\www
Trusted Zone: metrolist.com\newmls
Trusted Zone: mymls.com\fourmymls
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1240954613781
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1229458140046
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://freetrial.webex.com/client/T27L/webex/ieatgpc.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: 6536000c687 - c:\windows\system32\DSKQUOTA32.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: PFW - UmxWnp.Dll
Notify: __c0048D6E - c:\windows\system32\__c0048D6E.dat
AppInit_DLLs: c:\windows\system32\dskquota32.dll c:\progra~1\google\google~2\goec62~1.dll,c:\windows\system32\dskquota32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [2008-10-21 107000]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-15 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-15 360584]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2008-8-6 72184]
R1 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMouse.SYS [2009-9-3 17408]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-10-15 285392]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2008-11-12 576024]
R2 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2008-12-12 222448]
R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2008-9-10 1141240]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2008-10-21 801272]
R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-9-2 289272]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2008-10-21 203768]
R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBLF.SYS [2009-9-3 9728]
R4 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2008-12-12 128240]
S0 tclondrv;tclondrv; [x]
S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S2 MSSQL$REA9;SQL Server (REA9);c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe [2008-11-24 29263712]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2009-9-30 1527900]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-12-16 30192]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-1-7 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\drivers\MusCVideo.sys [2009-1-7 3768]

=============== Created Last 30 ================

2009-10-15 16:13 <DIR> --d----- c:\program files\Trend Micro
2009-10-15 15:59 12 a------- c:\windows\bthservsdp.dat
2009-10-15 15:35 <DIR> --d----- C:\$AVG
2009-10-15 15:35 360,584 a------- c:\windows\system32\drivers\avgtdix.sys
2009-10-15 15:35 12,464 a------- c:\windows\system32\avgrsstx.dll
2009-10-15 15:35 333,192 a------- c:\windows\system32\drivers\avgldx86.sys
2009-10-15 15:35 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-10-15 15:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-10-15 11:09 <DIR> --d----- c:\program files\AVG
2009-10-15 11:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg9
2009-10-15 09:05 <DIR> --d----- c:\program files\CleanUp!
2009-10-15 08:10 28,672 a------- c:\windows\system32\__c00D5DE4.dat
2009-10-15 08:09 615 a------- c:\windows\system32\3fbeM.vbs
2009-10-14 18:21 <DIR> --d----- c:\windows\SQLTools9_KB970892_ENU
2009-10-14 18:21 <DIR> --d----- c:\windows\SQL9_KB970892_ENU
2009-10-13 16:46 <DIR> --d----- c:\docume~1\garthm~1\applic~1\WinPatrol
2009-10-13 16:45 <DIR> --d----- c:\program files\BillP Studios
2009-10-13 13:52 615 a------- c:\windows\system32\YehNOom.vbs
2009-10-13 09:55 3,369 a------- c:\windows\GnuHashes.ini
2009-10-13 09:54 615 a------- c:\windows\system32\7JDB6FXY8RBb7SL.vbs
2009-10-13 09:54 615 a------- c:\windows\system32\auEHj.vbs
2009-10-13 09:53 615 a------- c:\windows\system32\AFDPyr9rMSK4nYs.vbs
2009-10-13 09:53 615 a------- c:\windows\system32\dE1jrlb.vbs
2009-10-13 09:50 25,600 a------- c:\windows\system32\__c0048D6E.dat
2009-10-13 09:49 615 a------- c:\windows\system32\EzThP.vbs
2009-10-13 09:47 1,695 a--sh--- c:\windows\system32\GroupPolicy000.dat
2009-10-13 09:47 <DIR> --dsh--- c:\windows\system32\LocalService
2009-10-13 09:47 615 a------- c:\windows\system32\4bH0TIavFeDFLLs.vbs
2009-10-09 09:06 <DIR> --d----- c:\docume~1\garthm~1\applic~1\Realtime Soft
2009-10-09 09:06 <DIR> --d----- c:\program files\UltraMon
2009-09-30 16:39 440 a------- c:\windows\BeatBox.INI
2009-09-30 16:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Magix Shared
2009-09-30 16:16 420,240 a------- c:\windows\system32\mpg4c32.dll
2009-09-30 16:16 309,616 a------- c:\windows\system32\wmv8dmod.dll
2009-09-30 16:16 245,760 a------- c:\windows\system32\mp4sds32.ax
2009-09-30 16:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MAGIX
2009-09-30 16:15 <DIR> --d----- c:\program files\MAGIX
2009-09-30 16:13 700,416 a------- c:\windows\system32\mgxoschk.dll
2009-09-30 16:13 6,211 a------- c:\windows\mgxoschk.ini
2009-09-30 16:13 <DIR> --d----- c:\windows\system32\MAGIX
2009-09-23 10:14 <DIR> --d----- c:\windows\system32\wbem\Repository
2009-09-21 09:39 189,103 a------- c:\windows\system32\nvapps.nvb
2009-09-21 09:38 26,759 a------- c:\windows\system32\nvwsapps.nvb

==================== Find3M ====================

2009-10-15 16:01 0 a------- c:\windows\system32\drivers\lvuvc.hs
2009-10-15 16:01 0 a------- c:\windows\system32\drivers\logiflt.iad
2009-10-15 08:36 8,461,312 a------- c:\windows\system32\dllcache\shell32.dll
2009-09-21 08:59 1,984 a------- c:\windows\system32\d3d9caps.dat
2009-09-11 13:24 1,615,732 a------- c:\program files\ProcessExplorer[1].zip
2009-09-11 08:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-11 08:18 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 15:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-09-04 15:03 58,880 -------- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 04:28 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-28 04:28 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-08-26 23:18 634,648 -------- c:\windows\system32\dllcache\iexplore.exe
2009-08-26 23:18 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-08-26 02:00 247,326 -------- c:\windows\system32\strmdll.dll
2009-08-26 02:00 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-08-17 23:33 1,193,832 a------- c:\windows\system32\FM20.DLL
2009-08-13 09:16 512,000 -------- c:\windows\system32\dllcache\jscript.dll
2009-08-06 19:24 327,896 a------- c:\windows\system32\dllcache\wucltui.dll
2009-08-06 19:24 209,632 a------- c:\windows\system32\dllcache\wuweb.dll
2009-08-06 19:24 35,552 a------- c:\windows\system32\dllcache\wups.dll
2009-08-06 19:24 53,472 a------- c:\windows\system32\dllcache\wuauclt.exe
2009-08-06 19:24 96,480 a------- c:\windows\system32\dllcache\cdm.dll
2009-08-06 19:23 575,704 a------- c:\windows\system32\dllcache\wuapi.dll
2009-08-06 19:23 1,929,952 a------- c:\windows\system32\dllcache\wuaueng.dll
2009-08-06 19:23 274,288 a------- c:\windows\system32\mucltui.dll
2009-08-06 19:23 215,920 a------- c:\windows\system32\muweb.dll
2009-08-05 03:01 204,800 -------- c:\windows\system32\mswebdvd.dll
2009-08-05 03:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-04 20:44 2,189,184 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 09:13 2,145,280 a------- c:\windows\system32\ntoskrnl.exe
2009-08-04 09:13 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 08:20 2,023,936 a------- c:\windows\system32\ntkrnlpa.exe
2009-08-04 08:20 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 08:20 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll

============= FINISH: 18:19:49.05 ===============



#2 DenverGroup


Posted 19 October 2009 - 09:51 AM

PLEASE HELP!!!!!! COULD SOMEONE READ MY POST? SORRY FOR BEING PUSHY.

#3 Grinler

Lawrence Abrams

Posted 22 October 2009 - 09:31 AM

Please visit the following link and use the instructions there to post a ComboFix log as a reply to this topic:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

After running ComboFix, please post the ComboFix log as a reply to this

#4 DenverGroup


Posted 28 October 2009 - 12:24 PM

I apologize for the delayed response. I've been out of town. Anyway, I think I've fixed those problems.

#5 Grinler


Posted 28 October 2009 - 04:32 PM

Ok... I will close this topic then.

Thanks



