
Malware or What?


  • This topic is locked
2 replies to this topic

#1 Larryvans


Posted 05 February 2010 - 08:22 PM

Hello, I'm having a problem with IE8 search. I use Google in the IE search window for the Internet. When I enter a search topic, the search works as it should. It lists all the different web sites. The problem is when I would click on one of these web site links, it takes me to a different search page or web site altogether. The last time I tried to do a search, I was directed to a web page with the following in its address http//www.aoggtrnihone.com then it quickly bumped me to another page. I have done some virus scans. I am running XP Pro with the latest updates. I have McAfee virus protection. About 10 days ago I did a Malwarebytes scan, which found a lot of viruses, which are now in quarantine. Which I don't know what to do with them? I have my DDS scan logs, but am unable to complete the GMER scan, as it seems to reach a certain point, then reboots the computer. I will continue to try the GMER scan. Please review the DDS logs pasted below.


DDS (Ver_09-12-01.01) - NTFSx86
Run by Larry van Sweden at 15:52:59.00 on Fri 02/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.479.90 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
svchost.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Larry van Sweden\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.charter.net/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [VTTimer] VTTimer.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: intuit.com\ttlc
DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} - hxxp://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-25 214664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-12 93320]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2010-1-12 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-1-12 144704]
R3 ATICXCAP;ATI TV Wonder Pro A/V Capture;c:\windows\system32\drivers\aticxcap.sys [2005-3-30 173824]
R3 ATICXTUN;ATI TV Wonder Pro Tuner (Philips 1236 MK3);c:\windows\system32\drivers\aticxtun.sys [2005-3-30 29184]
R3 ATICXXBR;ATI TV Wonder Pro A/V Crossbar;c:\windows\system32\drivers\aticxxbr.sys [2005-3-30 9088]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2010-1-12 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-1-12 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-1-12 35272]
R3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-1-12 34248]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-1-12 40552]
R3 USR1806;U.S. Robotics Faxmodem Driver 1806;c:\windows\system32\drivers\USR1806.SYS [2010-1-12 793598]

=============== Created Last 30 ================

2010-02-05 14:52:26 216 ----a-w- C:\PHOTODEX_VCD.CUE
2010-02-04 21:09:36 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-04 21:09:02 0 d-----w- c:\program files\Windows Media Connect 2
2010-02-04 14:39:32 0 d-----w- c:\program files\DiskInternals
2010-02-04 14:19:16 194362 ----a-w- c:\windows\system32\drivers\windrvr6.sys
2010-02-04 14:18:11 0 d-----w- c:\documents and settings\larry van sweden\Medtronic
2010-02-03 17:01:58 0 d-----w- c:\program files\Yahoo!
2010-02-03 17:01:49 0 d-----w- c:\program files\CCleaner
2010-02-03 16:53:02 0 d-----w- c:\docume~1\larryv~1\applic~1\Uniblue
2010-02-03 16:42:51 0 d-----w- c:\docume~1\alluse~1\applic~1\FileCure
2010-02-03 15:19:15 0 d-----w- c:\program files\Photodex Presenter
2010-02-03 15:18:28 0 d-----w- c:\program files\Photodex
2010-02-02 15:54:14 0 d-----w- c:\docume~1\alluse~1\applic~1\PhotoMail
2010-02-02 15:54:10 0 d-----w- c:\program files\PhotoMail Maker
2010-02-02 15:52:07 0 d-----w- c:\program files\IncrediMail
2010-02-02 03:26:46 0 d-----w- c:\docume~1\alluse~1\applic~1\F-Secure
2010-01-30 01:20:39 9216 ----a-r- c:\windows\system32\drivers\videX32.sys
2010-01-30 01:19:50 331184 ------w- c:\windows\system32\difxapi.dll
2010-01-30 01:19:50 0 d-----w- c:\program files\VIA
2010-01-27 23:15:51 0 d-----w- c:\docume~1\larryv~1\applic~1\OpenOffice.org
2010-01-27 23:07:04 0 d-----w- c:\program files\JRE
2010-01-27 23:06:08 0 d-----w- c:\program files\OpenOffice.org 3
2010-01-27 23:05:31 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-01-27 23:05:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-27 15:31:28 51712 --sha-r- c:\windows\system32\iepeerss.dll
2010-01-26 20:21:09 0 d-----r- c:\docume~1\larryv~1\applic~1\Brother
2010-01-24 01:14:26 0 d-----w- c:\docume~1\larryv~1\applic~1\CANON INC
2010-01-24 01:10:32 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-01-24 01:10:31 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-01-24 01:10:31 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-24 01:10:30 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-01-24 00:41:11 0 ----a-w- c:\windows\Brownie.ini
2010-01-22 23:11:49 92 ----a-w- c:\windows\brpcfx.ini
2010-01-22 23:11:49 50 ----a-w- c:\windows\system32\BRIDF04A.dat
2010-01-22 23:11:49 234 ----a-w- c:\windows\Brpfx04a.ini
2010-01-22 23:11:01 51200 ------w- c:\windows\system32\brinsstr.dll
2010-01-22 23:10:40 0 d-----w- c:\program files\Brother
2010-01-22 23:10:39 147456 ----a-w- c:\windows\brunin03.dll
2010-01-22 23:08:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Brother
2010-01-18 20:31:27 0 d-----w- c:\docume~1\larryv~1\applic~1\ZoomBrowser EX
2010-01-18 19:39:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
2010-01-18 19:39:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01009.Wdf
2010-01-18 19:38:09 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-01-18 18:55:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_zumbus_01009.Wdf
2010-01-18 18:55:04 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-01-18 18:54:57 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-01-18 18:52:02 62976 -c----w- c:\windows\system32\dllcache\cdrom.sys
2010-01-18 18:52:01 465920 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2010-01-18 18:52:01 465920 ------w- c:\windows\system32\imapi2fs.dll
2010-01-18 18:52:00 317952 -c----w- c:\windows\system32\dllcache\imapi2.dll
2010-01-18 18:52:00 317952 ------w- c:\windows\system32\imapi2.dll
2010-01-18 18:48:55 0 d-----w- c:\windows\system32\LogFiles
2010-01-18 18:25:23 0 d-----w- c:\docume~1\larryv~1\applic~1\Malwarebytes
2010-01-18 18:25:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-18 18:25:12 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-18 18:25:12 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-18 18:25:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-01-18 18:09:53 0 d-----w- c:\docume~1\alluse~1\applic~1\ZoomBrowser
2010-01-18 18:09:16 0 d-----w- c:\program files\Canon
2010-01-18 18:06:53 0 d-----w- c:\program files\common files\Canon
2010-01-18 17:07:29 0 d-----w- c:\windows\system32\NtmsData
2010-01-16 19:14:30 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-01-16 10:20:50 0 d-sh--w- c:\documents and settings\larry van sweden\IECompatCache
2010-01-16 01:44:29 0 d-----w- c:\program files\TurboTax
2010-01-16 01:43:35 0 d-----w- c:\program files\FamilySearch
2010-01-16 01:41:35 0 d-----w- c:\windows\system32\XPSViewer
2010-01-16 01:39:44 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-16 01:39:44 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-16 01:39:43 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-16 01:39:43 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-16 01:39:43 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-16 01:39:43 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-16 01:39:43 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-16 01:39:41 0 d-----w- C:\747071d04f461d2248e7d37846
2010-01-15 22:57:27 0 d-----w- c:\program files\MSXML 4.0
2010-01-15 15:00:37 0 d-----w- c:\program files\Carbonite
2010-01-15 15:00:37 0 d-----w- c:\docume~1\alluse~1\applic~1\Carbonite
2010-01-15 14:40:07 0 d-----w- c:\program files\common files\AnswerWorks 5.0
2010-01-15 14:39:27 3839264 ----a-w- c:\windows\system32\cdintf300.dll
2010-01-15 14:38:50 0 d-----w- c:\docume~1\larryv~1\applic~1\Intuit
2010-01-15 14:37:38 0 d-----w- c:\program files\common files\Intuit
2010-01-15 14:37:20 0 d-----w- c:\program files\Quicken
2010-01-15 14:37:04 165 ----a-w- c:\windows\QUICKEN.INI
2010-01-15 14:36:19 0 d-----w- c:\docume~1\alluse~1\applic~1\Intuit
2010-01-15 03:55:25 0 d-----w- c:\windows\system32\scripting
2010-01-15 03:55:24 0 d-----w- c:\windows\l2schemas
2010-01-15 03:55:23 0 d-----w- c:\windows\system32\en
2010-01-15 03:55:23 0 d-----w- c:\windows\system32\bits
2010-01-15 03:48:26 0 d-----w- c:\windows\network diagnostic
2010-01-15 03:32:30 0 d-----w- c:\docume~1\alluse~1\applic~1\IncrediMail
2010-01-15 03:32:28 0 d-----w- c:\docume~1\alluse~1\applic~1\IM
2010-01-15 03:26:00 0 d-sh--w- c:\documents and settings\larry van sweden\PrivacIE
2010-01-15 03:21:31 0 d-sh--w- c:\documents and settings\larry van sweden\IETldCache
2010-01-15 03:16:02 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-15 03:16:02 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-15 03:16:02 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-15 03:16:01 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-15 03:16:01 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-15 03:16:01 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-15 03:15:56 0 d-----w- c:\windows\ie8updates
2010-01-15 03:15:50 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-15 03:13:57 0 dc-h--w- c:\windows\ie8
2010-01-15 02:33:59 291328 ------w- c:\windows\system32\qagentrt.dll
2010-01-15 02:32:53 294912 -c----w- c:\windows\system32\dllcache\msaud32.acm
2010-01-15 02:31:54 81920 ------w- c:\windows\system32\ieencode.dll
2010-01-15 02:01:11 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-01-15 02:01:05 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-01-15 02:01:05 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-01-15 01:58:57 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-01-15 01:58:54 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2010-01-15 01:58:39 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-01-15 01:57:05 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-15 01:57:04 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-01-15 01:56:28 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-15 01:54:41 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-01-15 01:54:40 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-01-15 01:54:39 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-01-15 01:54:39 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-01-15 01:54:38 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-15 01:54:38 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-15 01:54:37 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-01-15 01:54:37 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-01-15 01:54:37 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-01-15 01:54:35 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-15 01:54:34 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-01-15 01:54:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-15 01:52:46 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-01-15 01:52:33 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-01-15 01:51:30 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-01-15 01:46:18 0 d-----w- c:\windows\system32\PreInstall
2010-01-15 01:37:15 13646 ----a-w- c:\windows\system32\wpa.bak
2010-01-15 01:36:00 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-01-15 01:23:30 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-01-15 01:23:13 40960 ----a-w- c:\windows\system32\B11gUSB.dll
2010-01-15 01:23:10 94208 ----a-w- c:\windows\system32\GTW32N50.dll
2010-01-15 01:23:10 31930 ----a-w- c:\windows\system32\GTNDIS3.VXD
2010-01-15 01:23:10 15872 ----a-w- c:\windows\system32\GTNDIS5.sys
2010-01-15 01:23:09 0 d-----w- c:\program files\Belkin
2010-01-13 16:03:59 701440 ------w- c:\windows\system32\drivers\ati2mtag.sys
2010-01-13 15:59:44 0 d-----w- c:\windows\ServicePackFiles
2010-01-13 15:58:52 19528 ----a-w- c:\windows\000001_.tmp
2010-01-13 15:58:36 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-01-12 21:42:57 13533 ----a-w- c:\windows\system32\Config.MPF
2010-01-12 21:37:31 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2010-01-12 21:37:31 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-01-12 21:37:30 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-01-12 21:37:25 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2010-01-12 21:36:44 0 d-----w- c:\program files\common files\McAfee
2010-01-12 21:36:42 0 d-----w- c:\program files\McAfee.com
2010-01-12 21:36:29 0 d-----w- c:\program files\McAfee
2010-01-12 21:35:36 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2010-01-12 21:32:24 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2010-01-12 21:32:22 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2010-01-12 21:32:20 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-01-12 21:32:14 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
2010-01-12 21:32:12 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2010-01-12 21:32:11 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys
2010-01-12 21:32:09 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-01-12 21:32:07 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2010-01-12 21:32:05 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys
2010-01-12 21:32:03 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys
2010-01-12 21:32:01 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys
2010-01-12 21:31:40 0 d-----w- c:\program files\C-Media 3D Audio
2010-01-12 21:27:55 6912 ----a-w- c:\windows\system32\drivers\vulfnth.sys
2010-01-12 21:27:55 45056 ----a-w- c:\windows\system32\vusetup.dll
2010-01-12 21:27:55 11392 ----a-w- c:\windows\system32\drivers\vulfntr.sys
2010-01-12 21:27:14 42496 ----a-w- c:\windows\system32\drivers\fetnd5b.sys
2010-01-12 21:27:13 7040 ----a-r- c:\windows\system32\ntsim.sys
2010-01-12 21:26:50 0 d-----w- c:\program files\S3
2010-01-12 21:25:30 3000 ----a-r- c:\windows\system32\SetupNT.sys
2010-01-12 21:25:23 5 ----a-w- c:\windows\system32\BSETUP.TMP
2010-01-12 21:23:59 79 ----a-w- c:\windows\BRPP2KA.INI
2010-01-12 21:23:59 462 ----a-w- c:\windows\BRWMARK.INI
2010-01-12 21:23:59 30 ----a-w- c:\windows\system32\brss01a.ini
2010-01-12 21:23:59 184 ----a-w- c:\windows\system32\brsvc01a.bsi
2010-01-12 21:22:42 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-12 21:22:38 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-12 21:19:00 232192 ----a-w- c:\windows\system32\drivers\rt73.sys
2010-01-12 20:51:21 0 d-sh--w- c:\documents and settings\all users\DRM
2010-01-12 20:50:56 0 d--h--w- c:\program files\WindowsUpdate
2010-01-12 20:50:09 0 d-----w- c:\program files\common files\MSSoap
2010-01-12 20:48:42 0 d-----w- c:\program files\Online Services
2010-01-12 20:48:35 0 d-----w- c:\program files\Messenger
2010-01-12 20:48:33 0 d-----w- c:\program files\MSN Gaming Zone
2010-01-12 20:48:04 0 d-----w- c:\program files\Windows NT
2010-01-12 15:36:28 0 d-----w- c:\program files\common files\ODBC
2010-01-12 15:36:25 0 d-----w- c:\program files\common files\SpeechEngines
2010-01-12 15:36:03 0 d-----r- c:\documents and settings\all users\Documents

==================== Find3M ====================

2010-01-24 00:49:52 17408 ----a-w- c:\windows\system32\wpdshextautoplay.exe
2010-01-12 20:49:10 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2001-11-23 04:08:20 712704 ----a-r- c:\windows\inf\other\AUDIO3D.DLL

============= FINISH: 15:53:40.85 ===============


I hope you can find my problem. Thank You Larry





#2 Larryvans


Posted 10 February 2010 - 02:52 PM

I guess I'll take this issue somewhere else; you guys must be too busy here. Thanks. CLOSE THIS THREAD

#3 Elise


Posted 11 February 2010 - 12:52 PM

Closed as requested.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




