Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

am i sick?


  • This topic is locked This topic is locked
2 replies to this topic

#1 blink123

blink123

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 10 November 2009 - 03:18 PM

what may be problematic and can be removed?
our server is really bogged, sluggish... trying to clean it up

DDS (Ver_09-10-26.01) - NTFSx86
Run by administrator at 12:45:35.07 on Tue 11/10/2009
Internet Explorer: 6.0.2800.1106
Microsoft Windows 2000 Server 5.0.2195.4.1252.1.1033.18.2048.1140 [GMT -7:00]


============== Running Processes ===============

C:\WINNT\System32\termsrv.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\VERITAS\Backup Exec\NT\pvlsvr.exe
C:\Program Files\VERITAS\Backup Exec\NT\benser.exe
C:\Program Files\VERITAS\Backup Exec\NT\nsvr.exe
C:\WINNT\System32\cisvc.exe
C:\WINNT\System32\CPQNiMgt\CPQNIMGT.EXE
C:\WINNT\System32\CpqRcmc.exe
C:\WINNT\system32\cpqmgmt\CqMgServ\CqMgServ.EXE
C:\WINNT\system32\cpqmgmt\cqmgstor\cqmgstor.exe
C:\PROGRA~1\SAV\DefWatch.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\cba\pds.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINNT\System32\llssrv.exe
C:\PROGRA~1\SAV\Rtvscan.exe
C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
C:\WINNT\system32\ntfrs.exe
C:\WINNT\system32\pctspk.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\System32\locator.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\50\bin\OWSTIMER.EXE
C:\WINNT\system32\stisvc.exe
C:\compaq\survey\Surveyor.EXE
C:\WINNT\System32\sysdown.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\wins.exe
C:\Program Files\VERITAS\Backup Exec\NT\alertServer.exe
C:\WINNT\system32\cpqmgmt\CqMgHost\CQMGHOST.EXE
C:\WINNT\System32\dns.exe
C:\WINNT\system32\ams_ii\hndlrsvc.exe
C:\WINNT\system32\MsgSys.EXE
C:\WINNT\system32\ams_ii\iao.exe
C:\WINNT\system32\cba\xfr.exe
C:\WINNT\System32\ismserv.exe
C:\WINNT\System32\modemshr.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\Exchsrvr\bin\mad.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\Program Files\Microsoft Shared Fax\Bin\FXSSVC.exe
C:\Program Files\VERITAS\Backup Exec\NT\beserver.exe
C:\Program Files\Exchsrvr\bin\store.exe
C:\Program Files\Exchsrvr\bin\emsmta.exe
C:\Program Files\VERITAS\Backup Exec\NT\bengine.exe
C:\Program Files\VERITAS\Backup Exec\NT\benetns.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\CPQTEAM.EXE
C:\PROGRA~1\SAV\vptray.exe
C:\Program Files\NetMeeting\df\scvhot.exe
C:\Program Files\proxyhunter\ProxyHunter.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\LS3\LS3EXEC.EXE
C:\WINNT\system32\taskmgr.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\System32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.comhelpdesk.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = CCI:8080
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
mWinlogon: Userinit=c:\winnt\system32\userinit.exe,c:\winnt\system32\syshlp.exe
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [VAC] vac.exe
uRunServices: [VAC] vac.exe
mRun: [CPQTEAM] CPQTEAM.EXE
mRun: [vptray] c:\progra~1\sav\vptray.exe
mRun: [VAC] vac.exe
mRun: [CountrySelection] pctptt.exe
mRun: [Service Manager] c:\recycled\system\smss.exe -b c:\recycled\system\recycler
mRun: [CCProxy] c:\program files\netmeeting\df\scvhot.exe
mRun: [ProxyHunter] c:\program files\proxyhunter\ProxyHunter.exe
mRun: [WinVNC] "c:\program files\tightvnc\WinVNC.exe" -servicehelper
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [Interactive Northwest Installer] D:\Setup.exe
mRun: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRunServices: [VAC] vac.exe
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\firewa~1.lnk - c:\program files\microsoft firewall client\ISATRAY.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\lsiiie~1.lnk - c:\ls3\LS3EXEC.EXE
mPolicies-explorer: ShowSuperHidden = 1 (0x1)
LSP: c:\program files\microsoft firewall client\wspwsp.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab
DPF: {0645D7F3-C20E-4E0B-A545-557527497C0B} - hxxp://a14.g.akamai.net/f/14/7141/1d/www.nielsennetpanel.com/netmeter4_6/NetMeter_preinstaller_activex_en_4.70.19.0_MEGAPANEL_USA.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9563.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1211906137671
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37679.5123148148
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: {84D8ABEC-D775-4ED8-AF9C-71053B3B8871} = 192.168.10.3
Notify: NavLogon - c:\winnt\system32\\NavLogon.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, pwdssp.dll
LSA: Notification Packages = FPNWCLNT RASSFM KDCSVC scecli

============= SERVICES / DRIVERS ===============

R0 Cpq32fs2;Cpq32fs2;c:\winnt\system32\drivers\CPQ32FS2.SYS [2001-11-2 64496]
R0 DfsDriver;DfsDriver;c:\winnt\system32\drivers\dfs.sys [2000-7-26 74448]
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-10-20 64288]
R1 CPQDAEN;CPQDAEN;c:\winnt\system32\drivers\CPQDAEN.SYS [2001-11-2 69872]
R1 oreans32;oreans32;c:\winnt\system32\drivers\oreans32.sys [2006-11-3 33952]
R1 sysmgmt;Compaq System Management Interface Driver;c:\winnt\system32\drivers\sysmgmt.sys [2001-11-2 4816]
R2 CNMPROT;Compaq Network Management Protocol Driver;c:\winnt\system32\drivers\cnmprot.sys [2001-11-2 14800]
R2 csrss;csrss;c:\winnt\system\csrss.exe [2006-8-30 3392512]
R2 DNS;DNS Server;c:\winnt\system32\DNS.EXE [2001-11-2 335120]
R2 EXIFS;EXIFS;c:\winnt\system32\drivers\exifs.sys [2003-7-15 210688]
R2 GKSVC;Microsoft H.323 Gatekeeper;svchost.exe -k iptelsvcs --> svchost.exe [?]
R2 IMAP4Svc;Microsoft Exchange IMAP4;c:\winnt\system32\inetsrv\inetinfo.exe [2003-8-12 14608]
R2 IsmServ;Intersite Messaging;c:\winnt\system32\ismserv.exe [2003-8-12 25872]
R2 kdc;Kerberos Key Distribution Center;c:\winnt\system32\LSASS.EXE [2002-7-22 33552]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1179232]
R2 ModemSharingDriver;Shared Modem Service Driver;c:\winnt\system32\drivers\modemshr.sys [2001-11-2 145920]
R2 ModemSharingServer;Shared Modem Services;c:\winnt\system32\modemshr.exe [2001-11-2 18272]
R2 MSExchangeIS;Microsoft Exchange Information Store;c:\program files\exchsrvr\bin\store.exe [2003-7-15 4718592]
R2 MSExchangeMGMT;Microsoft Exchange Management;c:\program files\exchsrvr\bin\EXMGMT.EXE [2003-7-15 1867776]
R2 MSExchangeMTA;Microsoft Exchange MTA Stacks;c:\program files\exchsrvr\bin\emsmta.exe [2003-7-15 1798144]
R2 MSExchangeSA;Microsoft Exchange System Attendant;c:\program files\exchsrvr\bin\mad.exe [2003-7-15 2973696]
R2 MspFltEx;ISA Server Packet Filter Extension Driver;c:\winnt\system32\drivers\MSPFLTEX.SYS [2000-12-15 41328]
R2 MspNAT;ISA Server Network Address Translation (NAT) Driver;c:\winnt\system32\drivers\MSPNAT.SYS [2000-12-15 24976]
R2 MSSEARCH;Microsoft Search;c:\program files\common files\system\mssearch\bin\mssearch.exe [2001-9-20 69632]
R2 NntpSvc;Network News Transport Protocol (NNTP);c:\winnt\system32\inetsrv\inetinfo.exe [2003-8-12 14608]
R2 NtFrs;File Replication Service;c:\winnt\system32\ntfrs.exe [2003-8-12 745232]
R2 POP3Svc;Microsoft Exchange POP3;c:\winnt\system32\inetsrv\inetinfo.exe [2003-8-12 14608]
R2 RESvc;Microsoft Exchange Routing Engine;c:\winnt\system32\inetsrv\inetinfo.exe [2003-8-12 14608]
R2 SharedFax;Microsoft Shared Fax;c:\program files\microsoft shared fax\bin\FXSSVC.exe [2000-12-17 676496]
R2 SPTimer;SharePoint Timer Service;c:\program files\common files\microsoft shared\web server extensions\50\bin\OWSTIMER.EXE [2001-2-16 345504]
R2 TrkSvr;Distributed Link Tracking Server;c:\winnt\system32\SERVICES.EXE [2000-7-26 92944]
R2 WINS;Windows Internet Name Service (WINS);c:\winnt\system32\WINS.EXE [2009-5-28 153360]
R3 4mmdat;4mmdat;c:\winnt\system32\drivers\4mmdat.sys [2001-11-2 10928]
R3 atirage;atirage;c:\winnt\system32\drivers\ati2mpah.sys [2001-11-2 74304]
R3 cpqasm;Compaq Advanced System Management Controller;c:\winnt\system32\drivers\cpqasm.sys [2001-11-2 274608]
R3 N100;HP Ethernet or Fast Ethernet NIC Driver;c:\winnt\system32\drivers\n100nt5.sys [2001-11-2 160306]
R3 spud;Special Purpose Utility Driver;c:\winnt\system32\drivers\spud.sys [2001-11-2 12336]
S1 SCSIChanger;SCSIChanger;c:\winnt\system32\drivers\scsichng.sys [2001-11-2 10112]
S2 AppToService_WebManager;WebManager;c:\winnt\system32\drivers\etc\nhcv32.exe [2006-7-6 24576]
S2 isactrl;Microsoft ISA Server Control;c:\program files\microsoft isa server\MSPADMIN.EXE [2000-12-15 172816]
S2 tcpsys;WinNT System Host;c:\winnt\system32\taskgmr.exe --> c:\winnt\system32\taskgmr.exe [?]
S2 W3Proxy;Microsoft Web Proxy;c:\program files\microsoft isa server\W3PROXY.EXE [2000-12-15 367888]
S2 w3schdwn;Microsoft Scheduled Cache Content Download;c:\program files\microsoft isa server\W3PREFCH.EXE [2000-12-15 34064]
S2 win32;win32;c:\winnt\svchost.exe --> c:\winnt\svchost.exe [?]
S3 CPQTeam;Compaq Network Teaming and Configuration;c:\winnt\system32\drivers\cpqteam.sys [2001-5-2 26928]
S3 DHCPServer;DHCP Server;c:\winnt\system32\tcpsvcs.exe [2000-7-26 25360]
S3 Fwsrv;Microsoft Firewall;c:\program files\microsoft isa server\WSPSRV.EXE [2000-12-15 292112]
S3 MSExchangeES;Microsoft Exchange Event;c:\program files\exchsrvr\bin\EVENTS.EXE [2002-6-18 106496]
S3 MSPOP3Connector;Microsoft Connector for POP3 Mailboxes;c:\program files\microsoft backoffice\connectivity\pop3 connector\vmimb.exe [2001-11-2 265488]
S3 TDASYNC;TDASYNC;c:\winnt\system32\drivers\tdasync.sys [2001-11-2 12664]
S3 TDIPX;TDIPX;c:\winnt\system32\drivers\tdipx.sys [2001-11-2 20760]
S3 TDNETB;TDNETB;c:\winnt\system32\drivers\tdnetb.sys [2001-11-2 18392]
S3 TDSPX;TDSPX;c:\winnt\system32\drivers\tdspx.sys [2001-11-2 18264]
S3 Winacisa;Winacisa;c:\winnt\system32\drivers\Winacisa.sys [2006-8-24 771824]
S4 CpqWebMgmt;Compaq Web Agent;c:\winnt\system32\cpqmgmt\cpqwmgmt.exe [2001-11-2 20752]
S4 GrayPigeon_Hacker;GrayPigeon_Hacker;c:\winnt\hacker.exe --> c:\winnt\Hacker.exe [?]
S4 LanSafe III PM;LanSafe III Power Monitor;c:\ls3\LS3SVC.EXE [1999-11-29 82432]
S4 MSExchangeSRS;Microsoft Exchange Site Replication Service;c:\program files\exchsrvr\bin\SRSMAIN.exe [2003-7-15 401408]

=============== Created Last 30 ================

2009-11-10 19:16:21 0 d-----w- c:\program files\Trend Micro
2009-11-10 17:43:14 16384 ----atw- c:\winnt\system32\Perflib_Perfdata_7a0.dat
2009-10-30 15:58:59 93360 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2009-10-28 14:12:29 831336 ---h--w- c:\winnt\ShellIconCache
2009-10-20 15:56:56 64288 ----a-w- c:\winnt\system32\drivers\Lbd.sys
2009-10-20 15:52:16 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-16 22:30:56 0 d-----w- c:\docume~1\admini~1\applic~1\TeamViewer
2009-10-16 22:30:00 0 d-----w- c:\program files\TeamViewer
2009-10-16 22:29:17 0 d-----w- c:\documents and settings\administrator\temp

==================== Find3M ====================

2009-11-10 17:51:22 6125514 ----a-w- c:\program files\Document.rtf
2009-10-20 17:49:48 5211 ----a-w- c:\winnt\system32\tcpsystemadxv86.dll
2009-10-20 17:49:44 2004 ----a-w- c:\winnt\system32\iosystemngr.dll
2009-10-19 18:09:52 2708992 ------w- c:\winnt\system32\dllcache\MSHTML.DLL
2009-09-05 06:36:22 55056 ------w- c:\winnt\system32\msasn1.dll
2009-09-05 06:36:22 55056 ------w- c:\winnt\system32\dllcache\msasn1.dll
2009-09-05 06:35:58 118544 ------w- c:\winnt\system32\dllcache\ftpsvc2.dll
2009-09-03 09:17:47 15688 ----a-w- c:\winnt\system32\lsdelete.exe
2009-08-27 21:53:52 132096 ------w- c:\winnt\system32\dllcache\MSRATING.DLL
2009-08-27 21:53:30 143360 ------w- c:\winnt\system32\dllcache\CDFVIEW.DLL
2009-08-27 21:53:18 1018368 ------w- c:\winnt\system32\dllcache\BROWSEUI.DLL
2009-08-27 21:53:10 1352192 ------w- c:\winnt\system32\dllcache\SHDOCVW.DLL
2009-08-27 21:53:00 402944 ------w- c:\winnt\system32\dllcache\SHLWAPI.DLL
2009-08-27 21:51:14 576512 ----a-w- c:\winnt\system32\WININET.DLL
2009-08-27 21:51:14 576512 ------w- c:\winnt\system32\dllcache\WININET.DLL
2009-08-27 21:51:10 471040 ------w- c:\winnt\system32\dllcache\URLMON.DLL
2009-08-27 21:51:10 12288 ------w- c:\winnt\system32\dllcache\JSPROXY.DLL
2009-08-27 21:50:54 69632 ------w- c:\winnt\system32\dllcache\INSENG.DLL
2009-08-27 21:50:52 236032 ------w- c:\winnt\system32\dllcache\IEPEERS.DLL
2009-08-27 21:50:50 34816 ------w- c:\winnt\system32\dllcache\PNGFILT.DLL
2009-08-27 21:50:46 351744 ------w- c:\winnt\system32\dllcache\DXTMSFT.DLL
2009-08-27 21:50:42 192512 ------w- c:\winnt\system32\dllcache\DXTRANS.DLL
2009-08-27 21:50:40 498176 ------w- c:\winnt\system32\dllcache\MSTIME.DLL
2009-08-21 23:06:52 247326 ------w- c:\winnt\system32\strmdll.dll
2009-08-21 23:06:52 247326 ------w- c:\winnt\system32\dllcache\strmdll.dll
2009-08-18 19:08:52 2360832 ------w- c:\winnt\system32\dllcache\VGX.DLL
2009-08-16 17:03:01 16384 -----tw- c:\winnt\system32\Perflib_Perfdata_1ec.dat
2009-08-16 16:44:34 16384 -----tw- c:\winnt\system32\Perflib_Perfdata_1d0.dat
2009-08-14 21:20:53 16384 -----tw- c:\winnt\system32\Perflib_Perfdata_7d8.dat
2009-03-10 20:54:40 66048 ------w- c:\program files\dsperms.doc
2009-03-10 19:41:54 493 ------w- c:\program files\dsacls cn.doc
2009-03-10 19:31:21 24064 ------w- c:\program files\ldifde.doc
2009-03-10 16:41:15 145016 ------w- c:\program files\Q815062_W2K_spl_X86_EN.exe
2009-03-10 16:16:26 4753538 ------w- c:\program files\195974_ENU_i386_zip.exe
2009-03-05 23:47:59 1277736 ------w- c:\program files\ProcessMonitor.zip
2009-02-25 01:30:16 308046968 ------w- c:\program files\SBSSP1a.exe
2008-11-18 23:43:38 336896 ------w- c:\program files\UPHClean-Setup.msi
2008-11-18 23:36:58 7085568 ------w- c:\program files\ExBPA.msi
2008-11-18 23:12:01 118424 ------w- c:\program files\ifmember_setup.exe
2008-11-18 23:11:03 313344 ------w- c:\program files\delprof.msi
2008-11-18 23:09:50 403456 ------w- c:\program files\frsdiag.msi
2008-11-18 23:08:32 1061456 ------w- c:\program files\sonar_setup.exe
2008-11-18 23:06:50 155232 ------w- c:\program files\wntipcfg_setup.exe
2008-11-18 23:05:37 790144 ------w- c:\program files\rpings.exe
2008-11-18 23:05:21 667264 ------w- c:\program files\rpcdump.exe
2008-11-18 23:05:05 170592 ------w- c:\program files\rpccfg_setup.exe
2008-11-18 23:04:22 263264 ------w- c:\program files\netdiag_setup.exe
2008-11-18 23:03:46 785560 ------w- c:\program files\gpresult.exe
2008-11-18 23:03:29 752280 ------w- c:\program files\gpotool.exe
2004-09-08 21:40:44 2624460 ------w- c:\program files\aawsepersonal.exe
2001-11-02 20:51:14 271 ---h--w- c:\program files\desktop.ini
2001-11-02 20:51:14 21952 ---h--w- c:\program files\folder.htt
2000-07-26 12:00:00 32528 ------w- c:\winnt\inf\wbfirdma.sys

============= FINISH: 12:46:07.28 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:02:41 AM

Posted 16 November 2009 - 07:14 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :(
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:02:41 AM

Posted 20 November 2009 - 06:27 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users