
dds report


  • This topic is locked
36 replies to this topic

#1 amhere

  • Members
  • 19 posts

Posted 13 November 2009 - 02:28 PM

hxxp://my.earthlink.net/

DDS (Ver_09-10-26.01) - NTFSx86
Run by Bo at 1:48:11.64 on Fri 11/13/2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1526.510 [GMT -8:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\mobsync.exe
DDS (Ver_09-10-26.01) - NTFSx86
Run by Bo at 1:24:19.37 on Fri 11/13/2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1526.573 [GMT -8:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\mobsync.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Wipe\wipetray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\kbd\kbd.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Bo\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.earthlink.net
uSearch Bar = hxxp://start.earthlink.net/AL/Search
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mSearchAssistant = hxxp://start.earthlink.net/AL/Search
uURLSearchHooks: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
BHO: ElnkPubBHO Class: {512acf1b-64d9-4928-b382-a80556f28db4} - c:\program files\earthlink\toolbar\ElnkPuB.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ElnkProtectionBHO Class: {9579d574-d4d8-4335-9560-fe8641a013bd} - c:\program files\earthlink\toolbar\ProtctIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ElnkLegacyUninstBHO Class: {e713904c-df05-4c79-bbad-02db923253be} - c:\program files\earthlink\toolbar\uninsttb.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
TB: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: EarthLink Toolbar: {c7768536-96f8-4001-b1a2-90ee21279187} - c:\program files\earthlink\toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Vidalia] "c:\program files\vidalia bundle\vidalia\vidalia.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [<NO NAME>]
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [hpqSRMon] c:\program files\hewlett-packard\digital imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\bo\appdata\roaming\micros~1\windows\startm~1\programs\startup\wipetr~1.lnk - c:\program files\wipe\wipetray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\privoxy.lnk - c:\program files\vidalia bundle\privoxy\privoxy.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: EarthLink Google Search - c:\program files\earthlink\toolbar\SearchUI.dll/search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_A54B7D6FB1DA63EA.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\bo\appdata\roaming\mozilla\firefox\profiles\v6x80uwd.default\
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20091110.002\IDSvix86.sys [2009-11-12 272432]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE [2009-3-30 1533808]
R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-9-27 102448]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-8-3 38448]
S2 gupdate1ca4858648a64f4;Google Update Service (gupdate1ca4858648a64f4);c:\program files\google\update\GoogleUpdate.exe [2009-10-8 133104]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-9-28 21504]

=============== Created Last 30 ================

2009-11-11 22:45:34 0 d-----w- c:\programdata\TEMP
2009-11-11 22:44:28 0 d-----w- c:\program files\LSoft Technologies
2009-11-09 23:48:34 0 d-----w- c:\program files\JRE
2009-11-09 23:48:18 0 d-----w- c:\program files\OpenOffice.org 3
2009-11-04 23:39:16 0 d-----w- c:\programdata\HP Product Assistant
2009-11-04 22:36:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-04 20:13:07 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-03 01:34:36 0 d-----w- c:\users\bo\appdata\roaming\WIPE
2009-11-03 01:34:30 172032 ----a-w- c:\windows\system32\temp.002
2009-11-03 01:34:30 1384479 ----a-w- c:\windows\system32\temp.003
2009-11-03 01:34:29 219136 ----a-w- c:\windows\sqlite3_engine.dll
2009-11-03 01:34:28 7168 ----a-w- c:\windows\system32\temp.001
2009-11-03 01:34:26 76288 ----a-w- c:\windows\system32\temp.000
2009-11-03 01:34:25 219136 ----a-w- c:\windows\system32\sqlite3_engine.dll
2009-11-03 01:34:25 139776 ----a-w- c:\windows\system32\dhSQLite.dll
2009-11-03 01:34:25 0 d-----w- c:\program files\Wipe
2009-10-30 22:10:09 118272 ----a-w- c:\windows\system32\hpz3l4x6.dll
2009-10-30 22:09:07 0 d-----w- c:\windows\marco
2009-10-30 22:08:09 423035 ------w- c:\windows\hpwins10.dat.temp
2009-10-30 22:08:09 1042 ------w- c:\windows\hpwmdl10.dat.temp
2009-10-30 22:08:06 892928 ----a-w- c:\windows\system32\hpwtiop2.dll
2009-10-30 22:08:06 675840 ----a-w- c:\windows\system32\hpwwiax2.dll
2009-10-30 22:08:06 364544 ----a-w- c:\windows\system32\hppldcoi.dll
2009-10-30 22:08:06 294912 ----a-w- c:\windows\system32\hpovst11.dll
2009-10-30 22:07:57 1269760 ----a-w- c:\windows\hpzshl01.exe
2009-10-30 22:07:56 1126400 ----a-w- c:\windows\hpzmsi01.exe
2009-10-30 22:07:50 1042 ----a-w- c:\windows\hpwmdl10.dat
2009-10-30 22:07:50 10376 ----a-w- c:\windows\hpwscr10.dat
2009-10-30 22:06:00 136350 ----a-w- c:\windows\hpwins10.dat
2009-10-30 10:14:19 0 d-----w- c:\program files\common files\Hewlett-Packard
2009-10-29 14:23:58 0 d-----w- c:\program files\Windows Portable Devices
2009-10-29 14:23:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-29 14:20:38 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-29 14:18:45 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-29 14:18:43 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-29 14:18:43 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-29 06:58:11 0 d-----w- c:\program files\common files\HP
2009-10-29 06:57:10 19548 ----a-w- c:\windows\hpqins13.dat
2009-10-29 06:57:09 0 d-----w- c:\programdata\HP
2009-10-29 03:54:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-29 03:54:27 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-29 03:54:10 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-29 03:54:10 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 22:47:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 22:47:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-15 21:54:40 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-15 21:54:29 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-15 21:54:29 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-15 21:51:59 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-15 21:51:56 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-15 21:51:52 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL

==================== Find3M ====================

2009-11-03 04:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 22:11:23 86016 ----a-w- c:\windows\inf\infstor.dat
2009-10-30 10:13:10 51200 ----a-w- c:\windows\inf\infpub.dat
2009-10-30 10:13:10 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-10-29 14:23:54 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-11 12:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:54 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01:50 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01:49 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01:49 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-30 02:07:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-09-30 00:31:31 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-09-28 23:54:31 174 --sha-w- c:\program files\desktop.ini
2009-09-28 23:16:51 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-28 23:16:44 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-09-28 21:52:33 0 ----a-w- c:\users\bo\appdata\roaming\wklnhst.dat
2009-09-28 03:59:51 37888 ----a-w- c:\windows\system32\printcom.dll
2009-09-28 03:59:29 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-09-28 03:59:27 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-09-28 03:59:27 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-09-28 03:52:56 1820 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_RX886AA-ABA a6013w_YC_0Pavi_QMXF717_E72NAv3PrA2_49_ILEONITE_SASUSTek Computer INC._V5.00_B5.17_T070420_WUH0_L409_M1526_J320_7Intel_8Pentium D_93_#090928_N808627DC_Z14F12F20_G80862772.MRK
2009-09-28 03:21:40 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-28 03:20:04 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-09-28 03:20:04 272896 ----a-w- c:\windows\system32\polstore.dll
2009-09-28 03:14:34 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-28 03:14:34 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-28 03:14:34 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-28 03:14:34 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-28 03:14:33 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-28 03:14:33 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-28 03:14:33 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-28 03:14:33 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-28 03:14:33 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-28 03:14:32 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-28 03:14:31 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-28 03:11:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-28 03:11:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-09-28 03:11:28 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-28 03:11:28 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-28 03:11:28 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-28 03:11:28 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-28 03:11:25 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-09-28 03:10:31 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-09-28 03:09:38 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-09-28 03:09:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-09-28 03:09:37 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-09-28 03:09:37 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-09-28 03:09:37 23552 ----a-w- c:\windows\system32\lpk.dll
2009-09-28 03:09:37 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-09-28 03:07:55 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-28 03:07:54 98816 ----a-w- c:\windows\system32\mfps.dll
2009-09-28 03:07:54 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-09-28 03:07:54 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-09-28 03:07:54 2048 ----a-w- c:\windows\system32\mferror.dll
2009-09-28 03:04:19 71680 ----a-w- c:\windows\system32\atl.dll
2009-09-28 02:55:44 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-09-28 02:54:53 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-09-28 02:54:52 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-09-28 02:54:52 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-09-28 02:53:10 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-09-28 02:47:36 623616 ----a-w- c:\windows\system32\localspl.dll
2009-09-28 02:46:55 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-09-28 02:46:54 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-09-28 02:46:54 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-09-28 02:46:54 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-09-28 02:46:54 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-09-28 02:46:54 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-09-28 02:41:15 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-28 02:41:15 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-28 02:41:14 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-28 02:41:14 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-28 02:41:14 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-28 02:41:14 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-28 02:41:13 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-28 02:37:59 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2009-09-28 02:35:26 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-09-28 02:29:21 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-09-28 02:18:22 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-09-28 02:11:09 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-28 02:11:06 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-28 02:11:06 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-09-28 02:10:21 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-09-28 02:09:57 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-09-28 02:08:05 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-09-28 01:37:48 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-28 01:37:48 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-28 01:37:48 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-27 20:32:30 122938 ----a-r- c:\windows\HPCPCUninstaller-6.3.2.139-6811507.exe
2009-09-27 20:12:59 319456 ----a-w- c:\windows\DIFxAPI.dll

============= FINISH: 1:25:44.46 ===============

C:\Windows\RtHDVCpl.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Wipe\wipetray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\kbd\kbd.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\wscript.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Bo\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://my.earthlink.net
uSearch Bar = hxxp://start.earthlink.net/AL/Search
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mSearchAssistant = hxxp://start.earthlink.net/AL/Search
uURLSearchHooks: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.0\NppBho.dll
BHO: ElnkPubBHO Class: {512acf1b-64d9-4928-b382-a80556f28db4} - c:\program files\earthlink\toolbar\ElnkPuB.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ElnkProtectionBHO Class: {9579d574-d4d8-4335-9560-fe8641a013bd} - c:\program files\earthlink\toolbar\ProtctIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: ElnkLegacyUninstBHO Class: {e713904c-df05-4c79-bbad-02db923253be} - c:\program files\earthlink\toolbar\uninsttb.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.0\UIBHO.dll
TB: Live TV Toolbar: {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - c:\program files\live_tv\tbLive.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: EarthLink Toolbar: {c7768536-96f8-4001-b1a2-90ee21279187} - c:\program files\earthlink\toolbar\Toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Vidalia] "c:\program files\vidalia bundle\vidalia\vidalia.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [<NO NAME>]
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [hpqSRMon] c:\program files\hewlett-packard\digital imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\bo\appdata\roaming\micros~1\windows\startm~1\programs\startup\wipetr~1.lnk - c:\program files\wipe\wipetray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\privoxy.lnk - c:\program files\vidalia bundle\privoxy\privoxy.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: EarthLink Google Search - c:\program files\earthlink\toolbar\SearchUI.dll/search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_A54B7D6FB1DA63EA.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\bo\appdata\roaming\mozilla\firefox\profiles\v6x80uwd.default\
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\idsdefs\20091110.002\IDSvix86.sys [2009-11-12 272432]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE [2009-3-30 1533808]
R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-9-27 102448]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-8-3 38448]
S2 gupdate1ca4858648a64f4;Google Update Service (gupdate1ca4858648a64f4);c:\program files\google\update\GoogleUpdate.exe [2009-10-8 133104]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-9-28 21504]

=============== Created Last 30 ================

2009-11-11 22:45:34 0 d-----w- c:\programdata\TEMP
2009-11-11 22:44:28 0 d-----w- c:\program files\LSoft Technologies
2009-11-09 23:48:34 0 d-----w- c:\program files\JRE
2009-11-09 23:48:18 0 d-----w- c:\program files\OpenOffice.org 3
2009-11-04 23:39:16 0 d-----w- c:\programdata\HP Product Assistant
2009-11-04 22:36:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-04 20:13:07 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-03 01:34:36 0 d-----w- c:\users\bo\appdata\roaming\WIPE
2009-11-03 01:34:30 172032 ----a-w- c:\windows\system32\temp.002
2009-11-03 01:34:30 1384479 ----a-w- c:\windows\system32\temp.003
2009-11-03 01:34:29 219136 ----a-w- c:\windows\sqlite3_engine.dll
2009-11-03 01:34:28 7168 ----a-w- c:\windows\system32\temp.001
2009-11-03 01:34:26 76288 ----a-w- c:\windows\system32\temp.000
2009-11-03 01:34:25 219136 ----a-w- c:\windows\system32\sqlite3_engine.dll
2009-11-03 01:34:25 139776 ----a-w- c:\windows\system32\dhSQLite.dll
2009-11-03 01:34:25 0 d-----w- c:\program files\Wipe
2009-10-30 22:10:09 118272 ----a-w- c:\windows\system32\hpz3l4x6.dll
2009-10-30 22:09:07 0 d-----w- c:\windows\marco
2009-10-30 22:08:09 423035 ------w- c:\windows\hpwins10.dat.temp
2009-10-30 22:08:09 1042 ------w- c:\windows\hpwmdl10.dat.temp
2009-10-30 22:08:06 892928 ----a-w- c:\windows\system32\hpwtiop2.dll
2009-10-30 22:08:06 675840 ----a-w- c:\windows\system32\hpwwiax2.dll
2009-10-30 22:08:06 364544 ----a-w- c:\windows\system32\hppldcoi.dll
2009-10-30 22:08:06 294912 ----a-w- c:\windows\system32\hpovst11.dll
2009-10-30 22:07:57 1269760 ----a-w- c:\windows\hpzshl01.exe
2009-10-30 22:07:56 1126400 ----a-w- c:\windows\hpzmsi01.exe
2009-10-30 22:07:50 1042 ----a-w- c:\windows\hpwmdl10.dat
2009-10-30 22:07:50 10376 ----a-w- c:\windows\hpwscr10.dat
2009-10-30 22:06:00 136350 ----a-w- c:\windows\hpwins10.dat
2009-10-30 10:14:19 0 d-----w- c:\program files\common files\Hewlett-Packard
2009-10-29 14:23:58 0 d-----w- c:\program files\Windows Portable Devices
2009-10-29 14:23:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-29 14:20:38 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-29 14:18:45 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-29 14:18:43 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-29 14:18:43 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-29 06:58:11 0 d-----w- c:\program files\common files\HP
2009-10-29 06:57:10 19548 ----a-w- c:\windows\hpqins13.dat
2009-10-29 06:57:09 0 d-----w- c:\programdata\HP
2009-10-29 03:54:48 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-29 03:54:27 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-29 03:54:10 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-29 03:54:10 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-27 22:47:21 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-27 22:47:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-15 21:54:40 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-15 21:54:29 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-15 21:54:29 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-15 21:51:59 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-15 21:51:56 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-15 21:51:52 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL

==================== Find3M ====================

2009-11-03 04:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 22:11:23 86016 ----a-w- c:\windows\inf\infstor.dat
2009-10-30 10:13:10 51200 ----a-w- c:\windows\inf\infpub.dat
2009-10-30 10:13:10 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-10-29 14:23:54 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-11 12:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:54 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01:50 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01:49 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01:49 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-30 02:07:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-09-30 00:31:31 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-09-28 23:54:31 174 --sha-w- c:\program files\desktop.ini
2009-09-28 23:16:51 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-28 23:16:44 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-09-28 21:52:33 0 ----a-w- c:\users\bo\appdata\roaming\wklnhst.dat
2009-09-28 03:59:51 37888 ----a-w- c:\windows\system32\printcom.dll
2009-09-28 03:59:29 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-09-28 03:59:27 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-09-28 03:59:27 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-09-28 03:52:56 1820 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_RX886AA-ABA a6013w_YC_0Pavi_QMXF717_E72NAv3PrA2_49_ILEONITE_SASUSTek Computer INC._V5.00_B5.17_T070420_WUH0_L409_M1526_J320_7Intel_8Pentium D_93_#090928_N808627DC_Z14F12F20_G80862772.MRK
2009-09-28 03:21:40 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-28 03:20:04 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-09-28 03:20:04 272896 ----a-w- c:\windows\system32\polstore.dll
2009-09-28 03:14:34 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-28 03:14:34 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-28 03:14:34 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-28 03:14:34 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-28 03:14:33 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-28 03:14:33 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-28 03:14:33 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-28 03:14:33 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-28 03:14:33 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-28 03:14:32 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-28 03:14:31 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-09-28 03:11:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-28 03:11:28 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-09-28 03:11:28 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-28 03:11:28 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-28 03:11:28 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-28 03:11:28 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-28 03:11:25 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-09-28 03:10:31 2034688 ----a-w- c:\windows\system32\win32k.sys
2009-09-28 03:09:38 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-09-28 03:09:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-09-28 03:09:37 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-09-28 03:09:37 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-09-28 03:09:37 23552 ----a-w- c:\windows\system32\lpk.dll
2009-09-28 03:09:37 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-09-28 03:07:55 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-28 03:07:54 98816 ----a-w- c:\windows\system32\mfps.dll
2009-09-28 03:07:54 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-09-28 03:07:54 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-09-28 03:07:54 2048 ----a-w- c:\windows\system32\mferror.dll
2009-09-28 03:04:19 71680 ----a-w- c:\windows\system32\atl.dll
2009-09-28 02:55:44 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-09-28 02:54:53 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-09-28 02:54:52 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-09-28 02:54:52 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-09-28 02:53:10 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-09-28 02:47:36 623616 ----a-w- c:\windows\system32\localspl.dll
2009-09-28 02:46:55 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-09-28 02:46:54 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-09-28 02:46:54 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-09-28 02:46:54 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-09-28 02:46:54 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-09-28 02:46:54 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-09-28 02:41:15 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-28 02:41:15 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-28 02:41:14 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-28 02:41:14 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-28 02:41:14 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-28 02:41:14 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-28 02:41:13 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-28 02:37:59 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2009-09-28 02:35:26 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-09-28 02:29:21 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-09-28 02:18:22 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-09-28 02:11:09 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-28 02:11:06 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-28 02:11:06 1696768 ----a-w- c:\windows\system32\gameux.dll
2009-09-28 02:10:21 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-09-28 02:09:57 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-09-28 02:08:05 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-09-28 01:37:48 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-28 01:37:48 124464 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-28 01:37:48 10635 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-27 20:32:30 122938 ----a-r- c:\windows\HPCPCUninstaller-6.3.2.139-6811507.exe
2009-09-27 20:12:59 319456 ----a-w- c:\windows\DIFxAPI.dll

============= FINISH: 1:48:37.84 ===============

Edited by Orange Blossom, 13 November 2009 - 02:53 PM.
Deactivate link. ~ OB




#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:07 AM

Posted 13 November 2009 - 02:39 PM

Hello amhere,

And :( to the Bleeping Computer Malware Removal Forum. My name is Elise. I'll be glad to help you with your computer problems.


I will be working on your malware issues; this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------
Please be patient and I'd be grateful if you would note the following:
  • The cleaning process is not instant. DDS logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
In the meantime, please do NOT install any new programs or update anything unless told to do so while we are fixing your problem.


COMBOFIX
---------------
Please download ComboFix from one of these locations: Bleepingcomputer, ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


In your next reply, please include the following:
  • Combofix.txt

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Malware analyst @ Emsisoft


#3 amhere


Posted 13 November 2009 - 07:20 PM

Hi Elise, did I do all that you needed to work on my PC?

#4 Elise


Posted 14 November 2009 - 03:13 AM

Hello amhere, I need to see your Combofix log.

You can find that by opening My Computer and double-clicking on your C drive.

In the C drive, look for combofix.txt

When you find it, double-click on it; it will open in Notepad. Copy all text you find there (press Ctrl + A and then Ctrl + C, this will copy all text).

Click here in the topic on the Fast reply button, click in the big empty box and press Ctrl + V (this will paste the copied combofix.txt in the reply). Click the Add Reply button.

regards, Elise


#5 amhere


Posted 14 November 2009 - 01:13 PM

Hi Elise, I don't know how to go into your PC. Can you tell me how to do it? Thanks so much

#6 Elise


Posted 14 November 2009 - 01:19 PM

Click the Start button (left bottom on your desktop) and in the Start menu, click on Run.

A small box will open. Type c:\combofix.txt and press enter.

This should open the Combofix log.

Copy all text you find there (press Ctrl + A and then Ctrl + C, this will copy all text).

Click here in the topic on the Fast reply button, click in the big empty box and press Ctrl + V (this will paste the copied combofix.txt in the reply). Click the Add Reply button.

regards, Elise


#7 amhere


Posted 14 November 2009 - 01:34 PM

Hi Elise, I did not find a Run in my Start menu?

#8 Elise


Posted 14 November 2009 - 01:40 PM

In the Start menu is a search box; type run there and press Enter. You can continue with the second line from my previous post after that :(

regards, Elise


#9 amhere


Posted 14 November 2009 - 01:46 PM

Hi Elise, when I did that it said Windows cannot find combotxt. Am sorry Elise, I know this is taking up a lot of your time.

#10 Elise


Posted 14 November 2009 - 01:55 PM

It's no problem :( I am here to help you.

Did you download Combofix.exe and run it as I instructed in my first post?

If not, what was the problem?

Edited by elise025, 14 November 2009 - 01:55 PM.

regards, Elise


#11 amhere


Posted 14 November 2009 - 03:53 PM

Hi Elise, it keeps saying I cannot use combofix as combofix1. How do I get that right? Right now I turned off the security.

#12 Elise


Posted 14 November 2009 - 04:12 PM

Try clicking one time on the Combofix pictogram and pressing enter. What does it say when you do that?

If it runs that way, just follow the instructions.


It's getting late here, I will be back online tomorrow :(

Edited by elise025, 14 November 2009 - 04:13 PM.

regards, Elise


#13 amhere


Posted 14 November 2009 - 04:32 PM

OK Elise, thanks so much for your help. I will be home from church about noon time. Thanks so much

#14 Elise


Posted 15 November 2009 - 02:36 AM

Okay, when you get back at your computer, please try running Combofix as I instructed you. If that does not work, please let me know exactly what you tried and what happened.

regards, Elise


#15 amhere


Posted 15 November 2009 - 01:38 PM

Hi Elise, I tried to download it and then it will say you cannot use combofix1. I tried to download the other one too. It seems like it did but I see no place saying it downloaded. I am sorry I am causing you a lot of problems with it. I have probably done something wrong when I downloaded it.
Thanks for your help



