Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vundo and/or Sheur variant


  • This topic is locked This topic is locked
2 replies to this topic

#1 dmsx3

dmsx3

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:58 PM

Posted 04 December 2009 - 06:25 AM

Problem started yesterday with drop of internet connectivity. Upon reboot, no desktop icons or windows start button or toolbar. The only thing that opened was Windows desktop folder. I was able to run avg and malwarebytes from my c drive. Came up with 2 possible trojans. They were quarantined and removed. I rebooted and my desktop returned. I believe Internet Explorer has been hijacked. I switched to Mozilla. I ran msconfig and killed some processes and start up items. Firewall was disabled but that is fixed now. I know these things are sneaky and like to hide...just need some further advice to make sure it's all gone.

I've been running RootRepeal so I can attach it but it looks like it keeps "hanging" at c:\windows\winsxs\manifests.

DDS (Ver_09-12-01.01) - NTFSx86
Run by ddlk at 3:28:37.07 on Fri 12/04/2009
Internet Explorer: 8.0.6001.18828 BrowserJavaVersion: 1.6.0_01
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.895.152 [GMT -6:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ddlk\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: TwcToolbarBhoApp Class: {aa1f9ddb-e605-4ba6-81d4-e427dee012ad} - c:\windows\system32\TwcToolbarBho.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: The Weather Channel Toolbar: {2e5e800e-6ac0-411e-940a-369530a35e43} - c:\windows\system32\TwcToolbarIe7.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {A057A204-BACC-4D26-8087-36EE87E26986} - No File
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_02\bin\jusched.exe"
mRun: [DPService] "c:\program files\hp\dvdplay\DPService.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {2E5E800E-6AC0-411E-940A-369530A35E43} - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB}
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://access.jocogov.org/+CSCOL+/relayp.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} - hxxp://updates.lifescapeinc.com/installers/pinstall/pinstall.cab
DPF: {6F750202-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {6F750203-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://www.playfirst.com/play/game/dreamchronicles/dreamweb.1.0.0.9.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://www.gamehouse.com/realarcade-webgames/zylom/zylomplayer.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\ddlk\appdata\roaming\mozilla\firefox\profiles\gs22wa1c.default\
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\ksolo\npAVX.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npraclient.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npzylomgamesplayer.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\programdata\realarcade\npraclient.dll
FF - plugin: c:\programdata\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\users\ddlk\appdata\roaming\mozilla\firefox\profiles\gs22wa1c.default\extensions\npmozax@real.com\plugins\npmozax.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-12-3 207792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-6 335240]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver;c:\windows\system32\drivers\avgmfx86.sys [2007-5-28 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-6 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-16 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-6 297752]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-7-1 21504]
S4 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2009-12-3 112592]
S4 gupdate1c9c12bcad4031e;Google Update Service (gupdate1c9c12bcad4031e);c:\program files\google\update\GoogleUpdate.exe [2009-4-19 133104]
S4 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2009-9-2 78104]

=============== Created Last 30 ================

2009-12-04 08:59:20 0 d-----w- c:\program files\Trend Micro
2009-12-04 00:13:39 882 ----a-w- c:\windows\RegSDImport.xml
2009-12-04 00:13:39 767952 ----a-w- c:\windows\BDTSupport.dll
2009-12-04 00:13:38 880 ----a-w- c:\windows\RegISSImport.xml
2009-12-04 00:13:38 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-12-04 00:13:38 1640400 ----a-w- c:\windows\PCTBDCore.dll
2009-12-04 00:13:38 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-12-04 00:13:38 131 ----a-w- c:\windows\IDB.zip
2009-12-04 00:13:38 1152444 ----a-w- c:\windows\UDB.zip
2009-12-04 00:08:56 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2009-12-04 00:08:56 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-12-04 00:08:55 98600 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2009-12-04 00:08:18 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-12-04 00:08:18 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2009-12-04 00:08:18 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-12-04 00:08:18 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-12-04 00:07:49 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2009-12-04 00:07:49 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-12-04 00:07:21 0 d-----w- c:\users\ddlk\appdata\roaming\PC Tools
2009-12-04 00:07:21 0 d-----w- c:\programdata\PC Tools
2009-12-04 00:07:21 0 d-----w- c:\program files\Spyware Doctor
2009-12-04 00:07:21 0 d-----w- c:\program files\common files\PC Tools
2009-11-25 09:03:59 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 08:11:38 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 08:11:38 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-25 08:11:32 714240 ----a-w- c:\windows\system32\timedate.cpl
2009-11-18 09:26:33 0 d-----w- c:\program files\Windows Portable Devices
2009-11-18 09:25:46 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 09:24:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-18 09:06:43 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-11-18 09:06:43 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-11-18 09:06:42 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-11-18 09:04:46 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-11-18 09:02:03 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-11-18 09:02:02 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-11-18 09:02:01 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-11-15 16:23:45 0 d-----w- c:\users\ddlk\appdata\roaming\PeerNetworking
2009-11-12 23:14:52 0 d-----w- c:\programdata\McAfee
2009-11-12 23:12:51 0 d-----w- c:\programdata\McAfee Security Scan
2009-11-12 23:12:46 0 d-----w- c:\program files\McAfee Security Scan
2009-11-12 23:12:00 0 d-----w- c:\programdata\NOS
2009-11-11 03:05:13 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 03:05:09 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-05 18:43:56 0 d-----w- c:\users\ddlk\appdata\roaming\AVG8
2009-11-04 23:30:41 632 --sha-r- c:\users\ddlk\ntuser.pol

==================== Find3M ====================

2009-12-03 22:14:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 22:13:56 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-18 09:26:18 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-18 09:26:17 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 09:26:15 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-18 09:26:14 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-03 02:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-12 01:38:02 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:50 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01:49 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01:49 33280 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-25 02:10:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:07:08 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:04:32 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 01:49:22 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:48:08 351232 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:38:29 847360 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:36:13 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:35:31 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:33:25 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:33:15 829440 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:33:01 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:32:59 252928 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:31:53 519680 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:31:26 486912 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31:21 161280 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31:19 218112 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31:16 1030144 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:31:15 828928 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:30:23 481792 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:30:23 190464 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:27:04 793088 ----a-w- c:\windows\system32\FntCache.dll
2009-09-25 01:27:04 37888 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:27:04 1064448 ----a-w- c:\windows\system32\DWrite.dll
2009-09-24 22:54:55 258048 ----a-w- c:\windows\system32\winspool.drv
2009-09-24 22:54:53 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-09-24 22:54:52 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-09-10 16:48:01 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 14:59:26 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-09-10 14:58:28 310784 ----a-w- c:\windows\system32\unregmp2.exe
2008-07-06 15:00:52 174 --sha-w- c:\program files\desktop.ini
2007-04-08 18:06:22 774144 ----a-w- c:\program files\RngInterstitial.dll
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 3:32:32.44 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 dmsx3

dmsx3
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:58 PM

Posted 04 December 2009 - 09:55 PM

I believe I have fixed this myself. Thanks!! :(

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,805 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:58 PM

Posted 06 December 2009 - 10:36 PM

Hello

Thank you for letting us know. I'm glad that your computer problems have been fixed. Since this issue seems to be resolved, this thread will now be closed.

In case you experience any problems with the computer, please start a new topic.

Happy computing,

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users