Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser virus / Vundo / malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 Levyn

Levyn

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 08 December 2009 - 05:06 PM

Greetings!
I'm using an HP PC [ c. 2005 ] and lately I've been getting more and more viruses. I'm not even -using- the computer much, but it seems even on a morning when my countless programs say I have 0 infections, by nightfall there are 15-100! I know for a fact I have vundo and Malwarebytes has been helping a bit at finding it, but recently I can't upload anything [ to, say photobucket ] and my browser is constantly redirected to spam sites.


DDS (Ver_09-12-01.01) - NTFSx86
Run by HP_Administrator at 17:02:54.12 on Tue 12/08/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1382 [GMT -5:00]

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
c:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DISC\DiscGui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\DISC\DiscStreamHub.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
mURLSearchHooks: SrchHook Class: {d3f669eb-57ce-4f45-8fbd-e245cbb46366} - c:\program files\stopzilla!\toolbar\SZIESearchHook.dll
mURLSearchHooks: SrchHook Class: {d3f669eb-57ce-4f45-8fbd-e245cbb46366} - c:\program files\stopzilla!\toolbar\SZIESearchHook.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: ZILLAbar Browser Helper Object: {1827766b-9f49-4854-8034-f6ee26fcb1ec} - c:\program files\stopzilla!\toolbar\SZSG.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: STOPzilla Browser Helper Object: {e3215f20-3212-11d6-9f8b-00d0b743919d} - c:\program files\stopzilla!\SZIEBHO.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: STOPzilla: {98828ded-a591-462f-83ba-d2f62a68b8b8} - c:\program files\stopzilla!\toolbar\SZSG.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [PlayNC Launcher]
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [DISCover] c:\program files\disc\DISCover.exe
mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdateMgr.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler]
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
dRun: [AntiVirus Plus] "c:\windows\system32\rundll32.exe" "c:\documents and settings\hp_administrator\application data\antivirus plus\AntiVirus Plus.70367.dll", start 70367
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: c:\program files\common files\is3\anti-spyware\iS3lsp.dll
Trusted Zone: trymedia.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: {5CC17855-6D45-41C1-A5AD-68A07FC7C277} = 193.104.110.38,4.2.2.1,192.168.1.1 192.168.1.1
TCP: {63411054-4BC7-42CA-A9C4-C7037380C7E7} = 193.104.110.38,4.2.2.1
AppInit_DLLs: dahihiwi.dll
SSODL: lerofavif - {09d5f1ba-34c6-47f0-91d9-b1e99d6ac248} - No File
SSODL: musuduzem - {a12925d6-717c-40d9-8970-3f213076d796} - No File
SSODL: wehofegot - {096dc0ce-c9a3-4515-aceb-0187d95c1870} - No File
SSODL: fipudumaf - {be4fcf97-ed29-4ca9-90d2-90f46b2f0199} - No File
SSODL: lalomakez - {9bbb3570-87a3-4fc8-b008-78580e7022f9} - c:\windows\system32\pelozeho.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: koputufoh - {2620f6c7-c2e1-4786-b6bf-faf502edc2c1} - c:\windows\system32\jekunaye.dll
STS: {09d5f1ba-34c6-47f0-91d9-b1e99d6ac248} - No File
STS: {a15583e8-05f8-4966-a226-c0e84626c520} - No File
STS: {a12925d6-717c-40d9-8970-3f213076d796} - No File
STS: {be4fcf97-ed29-4ca9-90d2-90f46b2f0199} - No File
STS: tokatiluy: {9bbb3570-87a3-4fc8-b008-78580e7022f9} - c:\windows\system32\pelozeho.dll
STS: jugezatag: {2620f6c7-c2e1-4786-b6bf-faf502edc2c1} - c:\windows\system32\jekunaye.dll
LSA: Notification Packages = scecli buvojeka.dll bigivofo.dll vafiyene.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\xk3t33l0.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?&o=13048&l=dis&q=
FF - component: c:\program files\stopzilla!\toolbar\extension\components\SiteGuardFF.dll
FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [2009-5-12 61328]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);c:\program files\dragon age\tools\toolssql\mssql.1\mssql\binn\sqlservr.exe [2008-11-24 29263712]
R3 SMC2208;SMC Compact USB to Ethernet converter;c:\windows\system32\drivers\SMC2208.SYS [2009-7-24 26525]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-5-12 61328]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\dragon age\bin_ship\daupdatersvc.service.exe [2009-11-3 25832]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

=============== Created Last 30 ================

2009-12-08 21:57:45 0 d-----w- c:\program files\Trend Micro
2009-12-08 21:44:00 560 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-12-08 05:50:51 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2009-12-08 05:50:50 0 d-----w- c:\program files\MagicDisc
2009-12-07 23:51:34 39424 --sh--w- c:\windows\system32\pukozedi.dll
2009-12-06 23:52:10 2713 --sh--w- c:\windows\system32\nuyowayi.dll
2009-12-06 23:51:57 2713 --sh--w- c:\windows\system32\nadejota.exe
2009-12-06 23:51:57 2713 --sh--w- c:\windows\system32\feliwete.dll
2009-12-06 23:51:56 2713 --sh--w- c:\windows\system32\sahakenu.dll
2009-12-06 23:51:56 2713 --sh--w- c:\windows\system32\gujowude.exe
2009-12-05 11:51:37 2713 --sh--w- c:\windows\system32\wejenule.exe
2009-12-05 11:51:37 2713 --sh--w- c:\windows\system32\jopafuyi.exe
2009-12-03 18:49:31 2713 --sh--w- c:\windows\system32\bejowaku.dll
2009-12-03 18:49:16 2713 --sh--w- c:\windows\system32\zavubeve.dll
2009-12-03 18:49:16 2713 --sh--w- c:\windows\system32\helitemo.exe
2009-12-03 18:49:15 2713 --sh--w- c:\windows\system32\vifiride.exe
2009-12-02 06:49:03 2713 --sh--w- c:\windows\system32\zusewonu.dll
2009-12-02 06:48:55 2713 --sh--w- c:\windows\system32\yufadade.exe
2009-12-02 06:48:55 2713 --sh--w- c:\windows\system32\repevumo.exe
2009-12-02 06:48:55 2713 --sh--w- c:\windows\system32\kubetole.dll
2009-12-02 06:48:55 2713 --sh--w- c:\windows\system32\hakodame.dll
2009-11-27 18:48:22 2713 --sh--w- c:\windows\system32\pivefoji.dll
2009-11-26 16:07:52 0 d-----w- c:\program files\common files\DivX Shared
2009-11-26 16:07:51 0 d-----w- c:\program files\DivX
2009-11-26 06:48:39 2713 --sh--w- c:\windows\system32\honadagu.dll
2009-11-26 06:48:20 2713 --sh--w- c:\windows\system32\bunuyuza.dll
2009-11-26 06:48:19 2713 --sh--w- c:\windows\system32\pomunazo.dll
2009-11-20 16:55:02 37 ----a-w- c:\windows\marscam.ini
2009-11-20 16:53:19 73 ----a-w- c:\windows\APOapp.INI
2009-11-20 16:52:21 0 d-----w- C:\Photo2Album
2009-11-20 16:40:34 0 d-----w- C:\8c7a0507a92fb83a79e6997cea
2009-11-20 16:30:05 77824 ----a-w- c:\windows\system32\mr310ifc.dll
2009-11-20 16:30:05 352256 ----a-w- c:\windows\system32\ijl15.dll
2009-11-20 16:30:05 205824 ----a-w- c:\windows\system32\VIC32.DLL
2009-11-20 16:30:05 15164 ----a-w- c:\windows\mr310twc.ini
2009-11-20 16:30:05 147456 ----a-w- c:\windows\system32\mr310ipc.dll
2009-11-20 16:30:05 12106 ----a-w- c:\windows\mr310twc.src
2009-11-20 16:30:05 0 d-----w- c:\program files\MARS
2009-11-20 16:29:48 0 d-----w- c:\program files\AvailaSoft
2009-11-16 08:55:37 0 d-----w- c:\program files\Windows Media Connect 2
2009-11-16 08:52:17 0 d-----w- c:\program files\Paint.NET
2009-11-15 03:19:15 112 ----a-w- c:\windows\cdplayer.ini
2009-11-13 16:37:03 0 d-----w- c:\docume~1\hp_adm~1\applic~1\Malwarebytes

==================== Find3M ====================

2009-11-03 06:07:51 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-10-30 23:09:04 3620 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-10-30 23:09:04 27424 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-10-30 23:09:03 71108 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-10-30 23:09:03 5229088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-10-27 15:08:16 545424 ----a-r- c:\windows\system32\SZComp5.dll
2009-10-27 15:08:14 402064 ----a-r- c:\windows\system32\SZBase5.dll
2009-10-27 14:59:38 17408 ----a-r- c:\windows\system32\SZIO5.dll
2009-10-20 18:40:34 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
2009-10-20 18:40:24 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
2009-10-20 18:38:16 385024 ----a-r- c:\windows\system32\IS3UI5.dll
2009-10-20 18:37:58 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
2009-10-20 18:37:40 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
2009-10-20 18:35:40 225280 ----a-r- c:\windows\system32\IS3Win325.dll
2009-10-20 18:35:18 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
2009-10-20 18:35:04 90112 ----a-r- c:\windows\system32\IS3Svc5.dll
2009-10-20 18:31:52 729088 ----a-r- c:\windows\system32\IS3Base5.dll
2009-10-19 01:34:24 5893 --sh--w- c:\windows\system32\halulula.exe
2009-10-18 01:33:25 2713 --sh--w- c:\windows\system32\huvajolu.exe
2009-10-11 09:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-09 01:26:31 152 ----a-w- c:\docume~1\hp_adm~1\applic~1\wklnhst.dat
2004-09-29 18:45:32 26525 ----a-r- c:\windows\inf\SMC2208.SYS
2006-07-07 13:43:10 22 --sha-w- c:\windows\sminst\HPCD.SYS
2009-09-03 06:48:22 39424 --sha-w- c:\windows\system32\begajetu.dll
2009-09-05 23:50:57 39424 --sha-w- c:\windows\system32\bulusiko.dll
2009-08-27 18:46:44 102400 --sha-w- c:\windows\system32\hekegepe.exe
2009-08-28 06:47:01 39424 --sha-w- c:\windows\system32\jodunufe.dll
2009-08-29 06:47:14 60928 --sha-w- c:\windows\system32\jugifidu.dll
2009-08-25 06:45:34 39424 --sha-w- c:\windows\system32\kilisesa.dll
2009-09-07 11:51:18 39424 --sha-w- c:\windows\system32\luhehubo.dll
2009-09-07 23:51:23 45568 --sha-w- c:\windows\system32\manemanu.dll
2009-09-02 18:48:15 39424 --sha-w- c:\windows\system32\masekaba.dll
2009-08-24 18:45:27 39424 --sha-w- c:\windows\system32\nanayese.dll
2009-09-01 18:47:54 39424 --sha-w- c:\windows\system32\nayuwujo.dll
2009-08-26 18:46:19 39424 --sha-w- c:\windows\system32\pagagifu.dll
2009-09-01 06:47:50 39424 --sha-w- c:\windows\system32\pahibiyi.dll
2009-08-24 06:45:14 54272 --sha-w- c:\windows\system32\piwihivo.dll
2009-07-27 01:36:59 37888 --sha-w- c:\windows\system32\punudehe.dll
2009-08-15 05:00:09 1107968 --sha-w- c:\windows\system32\rezuzubo.exe
2009-09-06 11:51:01 39424 --sha-w- c:\windows\system32\semusufu.dll
2009-08-28 18:47:07 39424 --sha-w- c:\windows\system32\sibomado.dll
2009-09-04 06:48:35 39424 --sha-w- c:\windows\system32\tejigune.dll
2009-09-08 11:51:44 61440 --sha-w- c:\windows\system32\teyasavo.dll
2009-08-24 06:46:02 54272 --sha-w- c:\windows\system32\vafiyene.dll
2009-08-30 06:47:26 39424 --sha-w- c:\windows\system32\vimovono.dll
2009-08-27 06:46:29 39424 --sha-w- c:\windows\system32\vuvaboku.dll
2009-08-25 18:45:48 39424 --sha-w- c:\windows\system32\wifetivi.dll
2009-08-25 06:45:34 92672 --sha-w- c:\windows\system32\wivatema.dll
2009-08-30 18:47:45 39424 --sha-w- c:\windows\system32\wiwifezi.dll
2009-08-29 06:47:15 39424 --sha-w- c:\windows\system32\wupozutu.dll
2009-08-29 18:47:21 39424 --sha-w- c:\windows\system32\wurigime.dll
2009-09-08 11:51:45 39424 --sha-w- c:\windows\system32\yafevefe.dll
2009-08-24 18:45:29 92672 --sha-w- c:\windows\system32\yiyawefo.dll

============= FINISH: 17:03:28.10 ===============

BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:16 AM

Posted 20 December 2009 - 06:25 PM

Hi,

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay of response.

If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.


For your next reply I would like to see:
-The DDS logs
---DDS.txt and Attach logs
-RootRepeal logs
-Description of any remaining problems you may still have.


Thanks again and we apologize for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:16 AM

Posted 25 December 2009 - 12:52 PM

Hello.

Due to Lack of feedback, this topic is now Closed

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users