
Cannot get rid of popups.


1 reply to this topic

#1 ImAndy

ImAndy

  • Members
  • 1 posts

Posted 01 November 2009 - 10:57 AM

Hey :( My brother downloaded Messenger Live plus! And the sponsor and I've been getting annoying popups on Internet Explorer every 5 minutes or so. Casino, Games, phone ads, etc.

-


DDS (Ver_09-10-26.01) - NTFSx86
Run by tracey jane lynn at 15:25:16.99 on 01/11/2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_16
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.955.137 [GMT 0:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\tracey jane lynn\Downloads\windows-kb890830-v3.0.exe
e:\92bd80a31eff8f04bb7685\mrtstub.exe
C:\Users\TRACEY~1\AppData\Local\Temp\MRT.exe
C:\Users\TRACEY~1\AppData\Local\Temp\MRT.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\tracey jane lynn\Downloads\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\tracey jane lynn\Downloads\dds(2).scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
mStart Page = about:blank
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [AxisDefy] "c:\programdata\globalmediamedia.zukj3"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA
mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [jswtrayutil] "c:\program files\jumpstart\jswtrayutil.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [TMRUBottedTray] "c:\program files\trend micro\rubotted\TMRUBottedTray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\tracey~1\appdata\roaming\mozilla\firefox\profiles\ok4kdkc8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZNxuk101YYGB&fl=0&ptb=n_1SptJGyNUl7y6PB6aNHg&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&si=41166&searchfor=
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-31 64288]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-5-29 20384]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-7 7168]
R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [2009-11-1 206608]
S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [2009-11-1 206608]

=============== Created Last 30 ================

2009-11-01 15:15:19 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-01 15:15:12 0 d-----w- c:\programdata\Avira
2009-11-01 15:15:12 0 d-----w- c:\program files\Avira
2009-11-01 14:57:36 0 d-----w- c:\users\tracey jane lynn\.housecall6.6
2009-11-01 14:56:03 411368 ----a-w- c:\windows\system32\RENC16B.tmp
2009-11-01 13:56:21 206608 ----a-w- c:\windows\system32\drivers\TMPassthru.sys
2009-11-01 13:56:11 0 d-----w- c:\program files\Trend Micro
2009-10-31 23:37:35 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-10-31 22:21:15 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-10-31 22:20:18 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-10-31 22:17:21 0 dc-h--w- c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-31 22:16:30 0 d-----w- c:\programdata\Lavasoft
2009-10-31 22:16:30 0 d-----w- c:\program files\Lavasoft
2009-10-31 13:11:57 0 d-----w- c:\programdata\Messenger Plus!
2009-10-31 01:58:02 0 d-----w- c:\programdata\Second Atom Okay Proxy
2009-10-31 01:57:42 0 d-----w- c:\programdata\Pingprogrampile
2009-10-31 01:56:44 0 d-----w- c:\program files\Circe Developement
2009-10-28 15:23:11 0 d-----w- c:\windows\system32\eu-ES
2009-10-28 15:23:11 0 d-----w- c:\windows\system32\ca-ES
2009-10-28 15:23:10 0 d-----w- c:\windows\system32\vi-VN
2009-10-28 14:39:48 0 d-----w- c:\windows\system32\EventProviders
2009-10-28 14:18:07 72704 ----a-w- c:\windows\system32\admparse.dll
2009-10-28 14:16:34 0 d-----w- c:\windows\pss
2009-10-28 13:35:43 0 d-----w- c:\users\tracey~1\appdata\roaming\Malwarebytes
2009-10-28 13:35:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-28 13:35:30 0 d-----w- c:\programdata\Malwarebytes
2009-10-28 13:34:41 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-28 13:34:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-28 12:03:43 0 d-----w- c:\program files\CCleaner
2009-10-28 10:09:59 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-28 10:09:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-20 18:30:59 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-10-20 18:29:59 67584 ----a-w- c:\windows\system32\regapi.dll
2009-10-20 18:28:59 378368 ----a-w- c:\windows\system32\devmgr.dll
2009-10-20 18:27:59 94720 ----a-w- c:\windows\system32\logagent.exe
2009-10-20 18:26:59 391680 ----a-w- c:\windows\system32\mscms.dll
2009-10-20 18:25:58 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2009-10-20 18:24:54 757248 ----a-w- c:\windows\system32\azroles.dll
2009-10-20 18:23:54 265688 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-10-19 20:18:23 110 ----a-w- c:\windows\GMouse.ini
2009-10-19 20:09:08 283648 ----a-w- c:\windows\uninst.exe
2009-10-14 12:08:39 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 12:08:00 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 12:07:59 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 12:07:39 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 12:07:33 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 12:06:54 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-09 12:59:59 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-10-09 12:33:00 0 d-----w- c:\program files\HotPotatoes6
2009-10-07 16:44:00 0 d-----w- C:\StateUpdate
2009-10-07 14:41:53 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-07 14:41:17 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-07 14:41:04 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-07 14:41:04 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-07 14:30:04 0 d-----w- c:\users\tracey~1\appdata\roaming\Acapela Group
2009-10-07 14:20:25 0 d-----w- c:\program files\Xtranormal
2009-10-07 14:18:09 0 d-----w- c:\users\tracey~1\appdata\roaming\Xtranormal
2009-10-06 21:41:38 0 d-----w- C:\Es_E3
2009-10-03 13:45:05 0 d-----w- c:\users\tracey jane lynn\eyetoy_namtai_driver
2009-10-03 13:40:32 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-02 17:38:51 0 d-----w- c:\programdata\Kaspersky Lab

==================== Find3M ====================

2009-11-01 14:26:17 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-01 14:26:17 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-01 14:26:17 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-01 09:30:06 63 ----a-w- c:\users\tracey jane lynn\jagex_runescape_preferences2.dat
2009-11-01 09:18:56 38 ----a-w- c:\users\tracey jane lynn\jagex_runescape_preferences.dat
2009-10-28 15:23:04 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-28 15:12:27 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-08-29 16:45:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-29 00:27:49 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22:28 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-17 22:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 15:53:34 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49:20 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49:18 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49:18 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49:15 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49:14 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49:14 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49:13 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48:02 105984 ----a-w- c:\windows\system32\netiohlp.dll
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2003-03-21 12:45:22 250544 ----a-w- c:\program files\common files\keyhelp.ocx

============= FINISH: 15:31:03.93 ===============

Thanks, andy.



#2 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • Gender:Male
  • Location:@localhost

Posted 07 November 2009 - 10:17 PM

hi ImAndy,

Your log is a few days old. If you still need help simply reply to my post.

How Can I Reduce My Risk to Malware?




