
Trojan infections and Spyware ad popup


  • This topic is locked
59 replies to this topic

#1 HowAreYouDoing

HowAreYouDoing

  • Members
  • 31 posts
  • OFFLINE
  • Local time: 11:17 AM

Posted 07 February 2010 - 01:41 PM


DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 19:54:21.37 on Sat 02/06/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.47 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\McAfee.com\Agent\McAgent.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM6\aim6.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Internet Explorer Plugin: {1fcc2563-f07f-4962-8f3d-7668c3f2010c} - pcfr32.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: {8F4902B6-6C04-4ade-8052-AA58578A21BD} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [MCUpdateExe] c:\progra~1\mcafee.com\agent\McUpdate.exe
mRun: [MCAgentExe] c:\progra~1\mcafee.com\agent\McAgent.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
uPolicies-system: DisableRegistryTools = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
Trusted Zone: microsoft.com\office
DPF: {48DF87EE-F2DE-11D8-BE7F-302050C10801} - hxxp://www.flysuite.com/flyword/loaderword_win.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
mASetup: {27E53DCF-6B78-4088-BE71-5CA5CDCB2624} - rundll32 pcfr32.dll,laspi
mASetup: aafbac70-6ddb-469d-a377-efd7b4247bdc - c:\windows\system32\brooxdc.exe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\febu7hyw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF - prefs.js: browser.search.selectedEngine - AIM Search
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrab&query=
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPMGWRAP.DLL
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-15 34064]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2007-1-24 72264]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2007-1-24 34152]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2007-1-24 168776]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-12-28 287232]
S0 Kfu47;Kfu47; [x]
S1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\sasdifsv.sys --> c:\program files\superantispyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\saskutil.sys --> c:\program files\superantispyware\SASKUTIL.sys [?]
S2 mrtRate;mrtRate; [x]
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\sasenum.sys --> c:\program files\superantispyware\SASENUM.SYS [?]

============== File Associations ===============

regfile=regedit.exe "%1" %*
scrfile="%1" %*

=============== Created Last 30 ================

2098-09-01 22:36:32 90233 ----a-w- c:\windows\cdPlayer.ini
2098-09-01 16:09:05 35552 -c--a-w- c:\windows\system32\dllcache\wups.dll
2098-09-01 16:09:05 0 d-----w- c:\windows\system32\SoftwareDistribution
2098-09-01 02:55:43 80604 ----a-w- C:\VScanOas.mmf
2098-09-01 02:55:43 74996 ----a-w- C:\AVConsol.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dVS_Excl.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dScanDef.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dExclDef.mmf
2098-09-01 02:55:43 27448 ----a-w- C:\VScanOds.mmf
2098-09-01 02:55:43 25008 ----a-w- C:\VScanGen.mmf
2098-09-01 02:55:43 1324800 ----a-w- C:\dAV_Cons.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Scan.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Excl.mmf
2010-02-06 19:13:55 0 d-----w- C:\DVDVideoSoft
2010-02-06 19:13:26 0 d-----w- c:\program files\common files\DVDVideoSoft
2010-02-06 19:13:25 0 d-----w- c:\program files\DVDVideoSoft
2010-01-24 04:09:58 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll

==================== Find3M ====================

2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2008-03-08 17:33:42 16334 ----a-w- c:\program files\common files\xexic.bat
2008-03-08 17:33:41 19091 ----a-w- c:\program files\common files\kenyn._sy
2008-03-08 17:33:40 19117 ----a-w- c:\program files\common files\hobiby.dl
2008-03-08 17:33:40 13098 ----a-w- c:\program files\common files\efarites.ban
2007-12-28 19:02:12 287232 ----a-w- c:\windows\inf\wg111v3\wg111v3.sys
2007-12-28 18:59:30 342528 ----a-w- c:\windows\inf\wg111v3\vista64\wg111v3.sys
2007-11-27 21:53:58 63488 ----a-w- c:\windows\inf\wg111v3\SetDrv64.exe
2007-11-27 21:52:44 32768 ----a-w- c:\windows\inf\wg111v3\SetDrv.exe
2006-12-15 15:30:36 98304 ----a-w- c:\windows\inf\wg111v3\UScanM.exe
2006-12-15 15:30:36 315392 ----a-w- c:\windows\inf\wg111v3\InstallDriver.exe
2006-12-15 15:30:36 212992 ----a-w- c:\windows\inf\wg111v3\CopyWHQLDriver.exe
2006-12-15 15:30:36 20480 ----a-w- c:\windows\inf\wg111v3\RTWUPath.exe
2006-12-15 15:30:36 19968 ----a-w- c:\windows\inf\wg111v3\RTWREFU.EXE
2005-03-05 21:32:16 249856 ----a-w- c:\program files\Uninstall My Web Search.dll
2004-09-17 01:23:44 809 ----a-w- c:\program files\INSTALL.LOG
2004-09-20 04:52:44 32 --sha-w- c:\windows\{30A3DF06-6756-4B0C-9CA1-77092D899BC8}.dat
2004-09-20 04:52:44 32 --sha-w- c:\windows\system32\{67FDB767-01B3-4E08-9096-1BE12AC0B97B}.dat

============= FINISH: 19:56:53.79 ===============



#2 Tokek

Tokek

    Bleepin' Gecko


  • Members
  • 1,213 posts
  • OFFLINE
  • Gender: Male
  • Location: Jakarta, Indonesia
  • Local time: 08:17 AM

Posted 14 February 2010 - 08:57 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log

If I have not replied back to your post in 3 days, please send me a PM.


#3 Tokek


Posted 19 February 2010 - 11:21 PM

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.

If I have not replied back to your post in 3 days, please send me a PM.


#4 Tokek


Posted 01 March 2010 - 06:51 AM

Thread reopened at original poster's request.

Please post a new DDS and GMER log.
If I have not replied back to your post in 3 days, please send me a PM.


#5 HowAreYouDoing

HowAreYouDoing
  • Topic Starter
  • Members
  • 31 posts
  • OFFLINE
  • Local time: 11:17 AM

Posted 02 March 2010 - 09:43 PM

Not a problem. I hope all is well. Thank you for looking into this. I had trouble with spyware previously and my computer wasn't starting up properly so it asked me how to run it and the only option that worked was to run system restore. Recently, I freed up space on my hard drive but it keeps telling me I don't have enough free disk space and that I should get rid of some programs that are not in use. I removed some programs but I still get requests to free up space. I believe it has little if any free disk space as of now. I can't update to Windows Service Pack 3 because I don't have enough space (if that gives you some idea). I'm sure I still have some spyware and viruses.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 2/12/2010 3:12:05 AM
System Uptime: 3/2/2010 4:34:29 PM (0 hours ago)

Motherboard: ASUSTek Computer INC. | | Kelut
Processor: AMD Athlon™ XP 3200+ | Socket A | 2199/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 182 GiB total, 0.367 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 0.631 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP138: 3/2/2010 4:37:04 PM - Software Distribution Service 3.0

==== Installed Programs ======================


Adobe Flash Player 10 Plugin
Adobe Reader 6.0
AiO_Scan
AIOMinimal
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
CameraDrivers
CCleaner
Copy
CreativeProjects
Director
DocProc
Fax
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 3.5
HP Image Zone Plus 3.5
HP Instant Support
HP Photo & Imaging 3.5 - HP Devices
HP PSC & OfficeJet 3.0
HP Software Update
hpg2436
hpg3970
hpg4600
hpg5530
hpg8200
HPIZ350
HpSdpAppCoreApp
HPSystemDiagnostics
InstantShare
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
KBD
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Works 7.0
Mozilla Firefox (3.5.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Multimedia Card Reader
NVIDIA GART Driver
PC-Doctor for Windows
PhotoGallery
Photosmart 140,240,7200,7600,7700,7900 Series
PrintScreen
PS2
PSShortcutsP
QFolder
Quicken 2004
QuickProjects
QuickTime
Readme
RealOne Player
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Scan
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
SkinsHP1
SkinsHP2
Sonic Update Manager
SpamSubtract
Toolkit View(HP)
TrayApp
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Updates from HP
VIA Rhine-Family Fast Ethernet Adapter
VIA/S3G Display Driver
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows XP Hotfix - KB826959
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2

==== Event Viewer Messages From Past Week ========

2/27/2010 4:07:55 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f003: Cumulative Security Update for Internet Explorer 7 for Windows XP (KB978207).
2/25/2010 4:23:17 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
2/25/2010 4:16:37 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f02b: Windows XP Service Pack 3 (KB936929).
2/24/2010 8:40:01 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 7 for Windows XP.
2/24/2010 8:33:16 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
2/23/2010 2:21:21 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

==== End Of File ===========================


#6 Tokek


Posted 03 March 2010 - 10:32 AM

Can you repost your GMER log? I don't see the GMER log.

For future reference, please try to copy and paste the requested logs into your replies as it makes it easier for my research.
If I have not replied back to your post in 3 days, please send me a PM.


#7 HowAreYouDoing


Posted 07 March 2010 - 09:32 PM

Sorry about the delay. Here is the GMER log

Attached Files

  • Attached File  ark.txt   389bytes   22 downloads


#8 Tokek


Posted 09 March 2010 - 11:27 AM

Hello HowAreYouDoing,

Please copy and paste the requested logs from now on instead of attaching them in the replies. This makes it easier for me to research your issues.

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • If it asks you, please install the Windows Recovery Console (internet connection required).
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new DDS log for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.


In your next reply, please include the following:
  • ComboFix.txt

If I have not replied back to your post in 3 days, please send me a PM.


#9 HowAreYouDoing


Posted 09 March 2010 - 11:59 AM

ComboFix 10-03-08.02 - Owner 03/09/2010 11:40:34.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.203 [GMT -5:00]
Running from: c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\My Documents\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\xexic.bat
c:\program files\INSTALL.LOG
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\recycler\S-1-5-21-2684534878-944502852-2873996722-1003
c:\windows\demotamyt.bat
c:\windows\doqeqirati.vbs
c:\windows\iguwy.vbs
c:\windows\sv.dat
c:\windows\system32\ps2.bat
c:\windows\system32\reboot.txt
c:\windows\ukaruzumow._sy
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))))))))))))))))))))))))
.

2098-09-01 03:09 . 2008-08-29 16:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-27 06:17 . 2007-08-13 23:54 33792 -c--a-w- c:\windows\system32\dllcache\custsat.dll
2010-02-25 02:37 . 2010-02-25 02:37 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-23 04:53 . 2010-02-23 04:53 79488 ----a-w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-23 04:52 . 2010-02-23 04:52 -------- d-----w- c:\program files\MSXML 6.0
2010-02-21 16:48 . 2009-10-20 14:58 263552 -c----w- c:\windows\system32\dllcache\http.sys
2010-02-21 01:51 . 2009-05-18 18:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-02-21 01:51 . 2008-04-17 17:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-02-21 01:46 . 2009-08-28 23:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-02-21 01:46 . 2009-08-28 23:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-02-21 01:46 . 2010-02-21 01:51 -------- dc----w- c:\windows\system32\DRVSTORE
2010-02-20 20:15 . 2010-03-07 20:53 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-20 20:08 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-20 20:07 . 2009-11-21 16:36 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-20 20:06 . 2009-03-06 14:44 283648 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-20 20:06 . 2005-07-26 04:39 60416 -c----w- c:\windows\system32\dllcache\colbact.dll
2010-02-20 20:06 . 2009-02-09 10:20 399360 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-20 20:06 . 2009-02-09 10:20 473088 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-20 20:06 . 2009-02-09 10:20 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-20 20:06 . 2009-02-06 17:14 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-20 20:06 . 2009-02-06 16:39 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-20 20:06 . 2009-02-09 10:20 616960 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-20 20:06 . 2009-02-09 10:20 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-20 20:05 . 2009-06-21 22:04 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-20 20:01 . 2008-05-01 14:30 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-20 20:01 . 2009-07-10 13:42 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-20 20:01 . 2008-04-11 18:50 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-20 20:01 . 2009-12-08 18:53 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-20 20:01 . 2009-12-08 18:55 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-20 20:01 . 2009-12-08 18:19 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-20 20:01 . 2009-12-08 18:19 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-20 20:00 . 2009-06-05 07:42 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2010-02-20 19:57 . 2008-04-21 10:02 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-20 19:56 . 2009-12-16 12:58 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-02-20 19:56 . 2009-11-27 16:37 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-02-20 19:56 . 2009-11-27 16:37 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-02-20 19:56 . 2009-11-27 16:37 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-02-20 19:56 . 2009-11-27 16:37 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-02-20 19:56 . 2009-11-27 17:33 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-02-20 19:56 . 2009-11-27 17:33 1291264 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-02-20 19:56 . 2009-12-14 07:35 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-02-20 19:56 . 2009-12-08 09:13 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-02-20 04:36 . 2010-03-03 03:47 34296 ----a-w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-20 04:32 . 2010-02-25 02:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-16 19:14 . 2004-08-04 03:08 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-02-16 19:14 . 2004-08-04 03:15 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-02-15 23:41 . 2010-02-15 23:41 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-15 01:22 . 2010-02-15 01:22 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2010-02-14 02:35 . 2004-08-04 04:56 29184 ------w- c:\windows\system32\sdhcinst.dll
2010-02-14 02:34 . 2010-01-05 10:00 78336 ------w- c:\windows\system32\ieencode.dll
2010-02-14 02:23 . 2005-10-20 22:20 1082368 ----a-w- c:\windows\system32\esent.dll
2010-02-13 21:10 . 2010-02-13 21:10 -------- d-----w- c:\windows\system32\bits
2010-02-13 21:08 . 2007-11-30 11:18 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-13 21:06 . 2009-08-25 09:47 352256 ----a-w- c:\windows\system32\winhttp.dll
2010-02-13 21:06 . 2004-08-04 04:56 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2010-02-13 21:06 . 2004-08-04 04:56 8192 ------w- c:\windows\system32\bitsprx2.dll
2010-02-13 21:06 . 2004-08-04 04:56 7168 ------w- c:\windows\system32\bitsprx3.dll
2010-02-13 21:03 . 2009-08-07 00:24 327896 ----a-w- c:\windows\system32\wucltui.dll
2010-02-13 21:03 . 2009-08-07 00:24 209632 ----a-w- c:\windows\system32\wuweb.dll
2010-02-13 21:03 . 2009-08-07 00:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-02-13 21:03 . 2009-08-07 00:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-02-13 21:03 . 2004-08-03 19:03 186136 ----a-w- c:\windows\system32\wuaueng1.dll
2010-02-13 21:03 . 2004-08-03 19:01 167704 ----a-w- c:\windows\system32\wuauclt1.exe
2010-02-13 01:49 . 2010-02-13 01:49 -------- d-----w- C:\temp
2010-02-13 00:24 . 2004-08-04 04:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-12 12:59 . 2010-02-13 05:32 262144 ----a-w- C:\ntuser.dat
2010-02-12 12:56 . 2004-08-03 19:04 185624 -c--a-w- c:\windows\system32\dllcache\iuengine.dll
2010-02-12 12:56 . 2004-08-03 19:04 185624 ----a-w- c:\windows\system32\iuengine.dll
2010-02-12 08:13 . 2009-05-06 01:12 -------- d-----w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\Shared
2010-02-12 08:13 . 2009-04-03 04:03 -------- d-sh--w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\PrivacIE
2010-02-12 08:13 . 2004-08-19 23:17 -------- d-s---w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\UserData
2010-02-12 08:13 . 2004-01-21 03:48 -------- d-----w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z\WINDOWS
2010-02-12 08:13 . 2010-02-25 21:23 -------- d-----w- c:\documents and settings\Owner.YOUR-AT5QGAAC3Z
2010-02-12 04:12 . 2009-06-23 02:13 -------- d-----w- c:\windows\system32\config\systemprofile\Incomplete
2010-02-12 04:12 . 2009-04-07 03:43 -------- d-sh--w- c:\windows\system32\config\systemprofile\IECompatCache
2010-02-12 04:12 . 2009-04-03 03:54 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-02-12 04:12 . 2009-05-06 01:12 -------- d-----w- c:\windows\system32\config\systemprofile\Shared
2010-02-12 04:12 . 2009-04-03 04:03 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-02-12 04:12 . 2004-08-19 23:17 -------- d-sh--w- c:\windows\system32\config\systemprofile\UserData
2010-02-12 04:12 . 2004-01-21 03:48 -------- d-----w- c:\windows\system32\config\systemprofile\WINDOWS
2010-02-12 04:10 . 2003-09-19 06:47 10368 ------w- c:\windows\system32\drivers\pfc.sys
2010-02-12 04:10 . 2001-12-10 22:42 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-02-12 04:10 . 2001-12-10 22:42 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-02-12 04:10 . 2001-12-10 22:42 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-02-12 04:10 . 2001-12-10 22:42 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-02-12 04:10 . 2001-12-10 22:42 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-02-12 04:10 . 2001-12-10 22:42 20480 ----a-w- c:\windows\system32\IVIresize.dll
2010-02-12 04:08 . 2004-08-04 04:56 23552 ----a-w- c:\windows\system32\wdmaud.drv
2010-02-12 04:08 . 2010-02-12 04:08 -------- d-----w- c:\program files\Multimedia Card Reader
2010-02-12 04:06 . 2004-08-04 03:14 52736 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-02-12 04:06 . 2004-08-04 02:58 24576 ----a-w- c:\windows\system32\drivers\kbdclass.sys
2010-02-11 00:01 . 2009-06-23 02:13 -------- d-----w- c:\documents and settings\Default User\Incomplete
2010-02-11 00:01 . 2009-04-07 03:43 -------- d-sh--w- c:\documents and settings\Default User\IECompatCache
2010-02-11 00:01 . 2009-04-03 03:54 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2010-02-11 00:01 . 2009-05-06 01:12 -------- d-----w- c:\documents and settings\Default User\Shared
2010-02-11 00:01 . 2009-04-03 04:03 -------- d-sh--w- c:\documents and settings\Default User\PrivacIE
2010-02-11 00:01 . 2004-08-19 23:17 -------- d-sh--w- c:\documents and settings\Default User\UserData
2010-02-10 23:57 . 2001-08-17 21:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-10 23:57 . 2004-08-04 04:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-10 23:57 . 2004-08-04 02:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-02-10 23:56 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-10 23:56 . 2004-08-04 03:07 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-10 23:56 . 2001-08-17 22:00 54272 ----a-w- c:\windows\system32\drivers\swmidi.sys
2010-02-10 23:56 . 2004-08-04 03:07 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-02-10 23:56 . 2004-08-04 03:15 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2010-02-10 23:56 . 2001-08-17 21:46 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2010-02-10 23:56 . 2004-08-04 03:10 61056 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2010-02-10 22:31 . 2010-03-03 05:14 -------- dcsh--r- c:\windows\system32\dllcache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-25 21:22 . 2004-01-21 03:28 -------- d-----w- c:\program files\Hewlett-Packard
2010-02-25 21:22 . 2004-01-21 03:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-25 02:37 . 2010-02-25 02:37 -------- d-----w- c:\program files\MSBuild
2010-02-25 02:37 . 2010-02-25 02:37 -------- d-----w- c:\program files\Reference Assemblies
2010-02-25 01:40 . 2004-01-21 03:23 -------- d-----w- c:\program files\MUSICMATCH
2010-02-21 01:51 . 2005-09-13 21:20 -------- d-----w- c:\program files\iTunes
2010-02-21 01:48 . 2006-11-02 05:27 -------- d-----w- c:\program files\QuickTime
2010-02-20 02:45 . 2004-01-21 01:15 80795 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-02-14 02:52 . 2004-01-21 09:48 -------- d-----w- c:\program files\Symantec
2010-02-14 02:51 . 2004-01-21 09:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-02-12 12:40 . 2004-01-21 03:43 -------- d-----w- c:\program files\Microsoft Plus! Digital Media Edition
2010-02-12 12:37 . 2004-01-21 03:56 -------- d-----w- c:\program files\Easy Internet signup
2010-02-12 08:30 . 2010-02-12 08:30 4178 --sha-r- c:\windows\system32\drivers\HP_DW236A-ABA a545c_YC_Pavi_QMXM411_E42NAheBLU4_4_IKelut_SASUSTek Computer INC._V2.02_B3.03_T040209_WXH1_L409_M448_J200_7AMD_8Athlon XP 3200+_92.2_111063044_N11063065_P_Z11C1044C_K_A11063059_U11063038_G11067205.MRK
2010-02-06 19:13 . 2010-02-06 19:13 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-02-06 19:13 . 2010-02-06 19:13 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-05 10:00 . 2006-06-23 16:33 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2004-02-16 19:13 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:14 . 2004-01-21 00:04 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-16 12:58 . 2004-02-16 19:14 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-02-16 19:13 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-03-08 17:33 . 2008-03-08 17:33 19091 -c--a-w- c:\program files\Common Files\kenyn._sy
2008-03-08 17:33 . 2008-03-08 17:33 19117 -c--a-w- c:\program files\Common Files\hobiby.dl
2008-03-08 17:33 . 2008-03-08 17:33 13098 -c--a-w- c:\program files\Common Files\efarites.ban
2005-03-05 21:32 . 2005-03-09 15:27 249856 -c--a-w- c:\program files\Uninstall My Web Search.dll
2004-09-20 04:52 . 2004-09-20 04:52 32 -csha-w- c:\windows\{30A3DF06-6756-4B0C-9CA1-77092D899BC8}.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LTMSG"="LTMSG.exe 7" [X]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_03\bin\jusched.exe" [2004-01-21 32881]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"HPHUPD05"="c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-08-21 49152]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-08-21 483328]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-01-21 151597]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2003-11-04 221184]
"VTTimer"="VTTimer.exe" [2004-10-22 53248]
"PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920]
"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-10-29 135168]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2003-12-18 118784]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]
NETGEAR WG111v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG111v3\WG111v3.exe [2008-7-1 2326528]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [12/28/2007 2:02 PM 287232]
S2 mrtRate;mrtRate; [x]
.
Contents of the 'Scheduled Tasks' folder

2010-02-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]

2010-03-09 c:\windows\Tasks\McAfee.com Update Check (YOUR-AT5QGAAC3Z-Guest).job
- c:\progra~1\McAfee.com\Agent\mcupdate.exe [2005-08-23 22:29]

2010-03-09 c:\windows\Tasks\McAfee.com Update Check (YOUR-AT5QGAAC3Z-Owner).job
- c:\progra~1\McAfee.com\Agent\mcupdate.exe [2005-08-23 22:29]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://srch-us10.hpwis.com/
uInternet Settings,ProxyOverride = localhost;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
LSP: SpSubLSP.dll
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-RecordNow! - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 11:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(908)
c:\windows\system32\SpSubLSP.dll
.
Completion time: 2010-03-09 11:54:25
ComboFix-quarantined-files.txt 2010-03-09 16:54
ComboFix2.txt 2008-08-26 22:28

Pre-Run: 772,190,208 bytes free
Post-Run: 1,154,342,912 bytes free

- - End Of File - - 553BE368F134F1600CFE6DFD98E4F424



DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 11:57:16.96 on Tue 03/09/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.81 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\My Documents\Downloads\dds(2).scr

============== Pseudo HJT Report ===============

mSearch Bar = hxxp://srch-us10.hpwis.com/
uInternet Settings,ProxyOverride = localhost;*.local
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [SunJavaUpdateSched] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [HPHUPD05] c:\program files\hp\{45b6180b-dcab-4093-8ee8-6164457517f0}\hphupd05.exe
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [VTTimer] VTTimer.exe
mRun: [LTMSG] LTMSG.exe 7
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [Sunkist2k] c:\program files\multimedia card reader\shwicon2k.exe
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\windows\system32\msjava.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: SpSubLSP.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
Notify: igfxcui - igfxsrvc.dll

============= SERVICES / DRIVERS ===============

R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-12-28 287232]
S2 mrtRate;mrtRate; [x]

=============== Created Last 30 ================

2098-09-01 22:36:32 90233 -c--a-w- c:\windows\cdPlayer.ini
2098-09-01 02:55:43 80604 ----a-w- C:\VScanOas.mmf
2098-09-01 02:55:43 74996 ----a-w- C:\AVConsol.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dVS_Excl.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dScanDef.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dExclDef.mmf
2098-09-01 02:55:43 27448 ----a-w- C:\VScanOds.mmf
2098-09-01 02:55:43 25008 ----a-w- C:\VScanGen.mmf
2098-09-01 02:55:43 1324800 ----a-w- C:\dAV_Cons.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Scan.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Excl.mmf
2010-03-09 16:39:32 77312 ----a-w- c:\windows\MBR.exe
2010-03-09 16:39:32 261632 ----a-w- c:\windows\PEV.exe
2010-02-27 06:20:58 0 d-----w- c:\windows\network diagnostic
2010-02-27 06:17:45 33792 -c--a-w- c:\windows\system32\dllcache\custsat.dll
2010-02-25 21:04:25 1089601 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-02-25 02:37:39 0 d-----w- c:\windows\system32\XPSViewer
2010-02-25 02:36:51 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-25 02:36:51 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-25 02:36:51 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-25 02:36:51 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-25 02:36:51 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-25 02:36:51 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-25 02:36:51 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-25 02:36:50 0 d-----w- C:\0164af3499ba4a8614ac
2010-02-23 04:52:09 0 d-----w- c:\program files\MSXML 6.0
2010-02-21 16:48:43 263552 -c----w- c:\windows\system32\dllcache\http.sys
2010-02-21 01:51:53 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-02-21 01:51:53 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-02-21 01:46:16 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-02-21 01:46:16 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-02-20 20:15:32 0 d-----w- c:\windows\system32\CatRoot_bak
2010-02-20 20:08:16 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-20 20:07:00 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-20 20:06:33 60416 -c----w- c:\windows\system32\dllcache\colbact.dll
2010-02-20 20:06:33 283648 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-20 20:06:32 473088 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-20 20:06:32 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-20 20:06:32 399360 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-20 20:06:32 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-20 20:06:32 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-20 20:06:30 616960 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-20 20:06:29 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-20 20:05:35 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-20 20:01:59 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-20 20:01:50 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-20 20:01:22 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-20 20:01:05 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-20 20:01:04 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-20 20:01:03 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-20 20:01:02 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-20 20:00:40 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2010-02-20 19:57:32 1196000 -c----w- c:\windows\system32\dllcache\sysmain.sdb
2010-02-20 19:57:31 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-20 19:56:23 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-02-20 19:56:17 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-02-20 19:56:17 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-02-20 19:56:17 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-02-20 19:56:17 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-02-20 19:56:09 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-02-20 19:56:09 1291264 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-02-20 19:56:05 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-02-20 19:56:00 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-02-20 04:32:30 0 d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-16 19:14:32 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-02-16 19:14:30 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-02-14 02:35:59 67584 ------w- c:\windows\system32\drivers\sdbus.sys
2010-02-14 02:34:59 56700 ----a-w- c:\windows\system32\ieuinit.inf
2010-02-14 02:23:51 1082368 ----a-w- c:\windows\system32\esent.dll
2010-02-13 21:10:45 0 d-----w- c:\windows\system32\bits
2010-02-13 21:08:42 0 d-----w- c:\windows\system32\PreInstall
2010-02-13 21:08:38 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-13 21:06:54 8192 ------w- c:\windows\system32\bitsprx2.dll
2010-02-13 21:06:54 7168 ------w- c:\windows\system32\bitsprx3.dll
2010-02-13 21:06:54 352256 ----a-w- c:\windows\system32\winhttp.dll
2010-02-13 21:06:54 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2010-02-13 21:04:47 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-02-13 21:03:23 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2010-02-13 21:03:23 186136 ----a-w- c:\windows\system32\wuaueng1.dll
2010-02-13 21:03:23 167704 ----a-w- c:\windows\system32\wuauclt1.exe
2010-02-13 20:58:35 0 d-sha-r- C:\cmdcons
2010-02-13 20:58:13 0 d-----w- c:\windows\setupupd
2010-02-13 01:49:15 0 d-----w- C:\temp
2010-02-13 00:24:21 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-12 12:59:52 262144 ----a-w- C:\ntuser.dat
2010-02-12 12:56:02 185624 -c--a-w- c:\windows\system32\dllcache\iuengine.dll
2010-02-12 12:56:02 185624 ----a-w- c:\windows\system32\iuengine.dll
2010-02-12 08:30:02 4178 --sha-r- c:\windows\system32\drivers\HP_DW236A-ABA a545c_YC_Pavi_QMXM411_E42NAheBLU4_4_IKelut_SASUSTek Computer INC._V2.02_B3.03_T040209_WXH1_L409_M448_J200_7AMD_8Athlon XP 3200+_92.2_111063044_N11063065_P_Z11C1044C_K_A11063059_U11063038_G11067205.MRK
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\Malwarebytes
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\FlySuite
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\AOL
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\AdobeAUM
2010-02-12 08:14:04 0 d-sh--w- c:\documents and settings\owner.your-at5qgaac3z\IETldCache
2010-02-12 08:14:04 0 d-sh--w- c:\documents and settings\owner.your-at5qgaac3z\IECompatCache
2010-02-12 08:14:04 0 d-----w- c:\documents and settings\owner.your-at5qgaac3z\Incomplete
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\Symantec
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\SUPERAntiSpyware.com
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\rawh
2010-02-12 04:10:39 10368 ------w- c:\windows\system32\drivers\pfc.sys
2010-02-12 04:10:08 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-02-12 04:10:08 20480 ----a-w- c:\windows\system32\IVIresize.dll
2010-02-12 04:10:08 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-02-12 04:10:08 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-02-12 04:10:08 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-02-12 04:10:08 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-02-12 04:08:27 23552 ----a-w- c:\windows\system32\wdmaud.drv
2010-02-12 04:08:00 0 d-----w- c:\program files\Multimedia Card Reader
2010-02-12 04:06:51 52736 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-02-12 04:06:51 24576 ------w- c:\windows\system32\drivers\kbdclass.sys
2010-02-10 23:57:02 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-10 23:57:01 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-10 23:57:00 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-02-10 23:56:55 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-10 23:56:50 54272 ----a-w- c:\windows\system32\drivers\swmidi.sys
2010-02-10 23:56:50 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-10 23:56:49 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-02-10 23:56:48 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2010-02-10 23:56:30 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2010-02-10 23:56:29 61056 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2010-02-10 22:31:56 0 dcsh--r- c:\windows\system32\dllcache

==================== Find3M ====================

2010-01-05 10:00:29 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00:21 78336 ------w- c:\windows\system32\ieencode.dll
2010-01-05 10:00:20 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35:35 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-03-08 17:33:41 19091 -c--a-w- c:\program files\common files\kenyn._sy
2008-03-08 17:33:40 19117 -c--a-w- c:\program files\common files\hobiby.dl
2008-03-08 17:33:40 13098 -c--a-w- c:\program files\common files\efarites.ban
2007-12-28 19:02:12 287232 ----a-w- c:\windows\inf\wg111v3\wg111v3.sys
2007-12-28 18:59:30 342528 -c--a-w- c:\windows\inf\wg111v3\vista64\wg111v3.sys
2007-11-27 21:53:58 63488 -c--a-w- c:\windows\inf\wg111v3\SetDrv64.exe
2007-11-27 21:52:44 32768 -c--a-w- c:\windows\inf\wg111v3\SetDrv.exe
2006-12-15 15:30:36 98304 -c--a-w- c:\windows\inf\wg111v3\UScanM.exe
2006-12-15 15:30:36 315392 -c--a-w- c:\windows\inf\wg111v3\InstallDriver.exe
2006-12-15 15:30:36 212992 -c--a-w- c:\windows\inf\wg111v3\CopyWHQLDriver.exe
2006-12-15 15:30:36 20480 -c--a-w- c:\windows\inf\wg111v3\RTWUPath.exe
2006-12-15 15:30:36 19968 -c--a-w- c:\windows\inf\wg111v3\RTWREFU.EXE
2005-03-05 21:32:16 249856 -c--a-w- c:\program files\Uninstall My Web Search.dll
2004-09-20 04:52:44 32 -csha-w- c:\windows\{30A3DF06-6756-4B0C-9CA1-77092D899BC8}.dat
2009-10-04 19:58:25 16384 --sha-w- c:\windows\system32\config\systemprofile\iecompatcache\index.dat

============= FINISH: 11:58:03.35 ===============






#10 Tokek


Posted 10 March 2010 - 03:13 AM

Hello HowAreYouDoing,

How is your PC running this time?

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 18 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u18-windows-i586.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.


In your next reply, please include the following:
  • a new DDS log

If I have not replied back to your post in 3 days, please send me a PM.


#11 HowAreYouDoing


Posted 10 March 2010 - 05:50 PM

I'm still having trouble with free disk space on my computer.
C: is FIXED (NTFS) - 182 GiB total, 0.262 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 0.631 GiB free.

Will defragging help, or should I remove more programs? If I remove programs, I'm not sure which others I may need and which I won't, so is there any way you will be able to see which I may need and which I don't need? Thank you.




DDS (Ver_09-12-01.01) - NTFSx86
Run by Owner at 17:27:59.06 on Wed 03/10/2010
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.75 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\update\update.exe
C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\My Documents\Downloads\dds(3).scr

============== Pseudo HJT Report ===============

mSearch Bar = hxxp://srch-us10.hpwis.com/
uInternet Settings,ProxyOverride = localhost;*.local
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP View: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [HPHUPD05] c:\program files\hp\{45b6180b-dcab-4093-8ee8-6164457517f0}\hphupd05.exe
mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [VTTimer] VTTimer.exe
mRun: [LTMSG] LTMSG.exe 7
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [Sunkist2k] c:\program files\multimedia card reader\shwicon2k.exe
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: SpSubLSP.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Notify: igfxcui - igfxsrvc.dll

============= SERVICES / DRIVERS ===============

R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-12-28 287232]
S2 mrtRate;mrtRate; [x]

=============== Created Last 30 ================

2098-09-01 22:36:32 90233 -c--a-w- c:\windows\cdPlayer.ini
2098-09-01 02:55:43 80604 ----a-w- C:\VScanOas.mmf
2098-09-01 02:55:43 74996 ----a-w- C:\AVConsol.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dVS_Excl.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dScanDef.mmf
2098-09-01 02:55:43 51200 ----a-w- C:\dExclDef.mmf
2098-09-01 02:55:43 27448 ----a-w- C:\VScanOds.mmf
2098-09-01 02:55:43 25008 ----a-w- C:\VScanGen.mmf
2098-09-01 02:55:43 1324800 ----a-w- C:\dAV_Cons.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Scan.mmf
2098-09-01 02:55:43 1280000 ----a-w- C:\dAV_Excl.mmf
2010-03-10 22:24:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-03-10 22:24:18 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-09 16:39:32 77312 ----a-w- c:\windows\MBR.exe
2010-03-09 16:39:32 261632 ----a-w- c:\windows\PEV.exe
2010-02-27 06:20:58 0 d-----w- c:\windows\network diagnostic
2010-02-27 06:17:45 33792 -c--a-w- c:\windows\system32\dllcache\custsat.dll
2010-02-25 21:04:25 1089601 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-02-25 02:37:39 0 d-----w- c:\windows\system32\XPSViewer
2010-02-25 02:36:51 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-25 02:36:51 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-25 02:36:51 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-25 02:36:51 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-25 02:36:51 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-25 02:36:51 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-25 02:36:51 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-25 02:36:50 0 d-----w- C:\0164af3499ba4a8614ac
2010-02-23 04:52:09 0 d-----w- c:\program files\MSXML 6.0
2010-02-21 16:48:43 263552 -c----w- c:\windows\system32\dllcache\http.sys
2010-02-21 01:51:53 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-02-21 01:51:53 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-02-21 01:46:16 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-02-21 01:46:16 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-02-20 20:15:32 0 d-----w- c:\windows\system32\CatRoot_bak
2010-02-20 20:08:16 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-20 20:07:00 470528 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-20 20:06:33 60416 -c----w- c:\windows\system32\dllcache\colbact.dll
2010-02-20 20:06:33 283648 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-20 20:06:32 473088 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-20 20:06:32 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-20 20:06:32 399360 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-20 20:06:32 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-20 20:06:32 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-20 20:06:30 616960 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-20 20:06:29 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-20 20:05:35 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-20 20:01:59 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-20 20:01:50 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-20 20:01:22 683520 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-20 20:01:05 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-20 20:01:04 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-20 20:01:03 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-20 20:01:02 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-20 20:00:40 655872 -c----w- c:\windows\system32\dllcache\mstscax.dll
2010-02-20 19:57:32 1196000 -c----w- c:\windows\system32\dllcache\sysmain.sdb
2010-02-20 19:57:31 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-20 19:56:23 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-02-20 19:56:17 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-02-20 19:56:17 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-02-20 19:56:17 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-02-20 19:56:17 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-02-20 19:56:09 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-02-20 19:56:09 1291264 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-02-20 19:56:05 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-02-20 19:56:00 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-02-20 04:32:30 0 d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-16 19:14:32 60288 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-02-16 19:14:30 145792 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-02-14 02:35:59 67584 ------w- c:\windows\system32\drivers\sdbus.sys
2010-02-14 02:34:59 56700 ----a-w- c:\windows\system32\ieuinit.inf
2010-02-14 02:23:51 1082368 ----a-w- c:\windows\system32\esent.dll
2010-02-13 21:10:45 0 d-----w- c:\windows\system32\bits
2010-02-13 21:08:42 0 d-----w- c:\windows\system32\PreInstall
2010-02-13 21:08:38 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-13 21:06:54 8192 ------w- c:\windows\system32\bitsprx2.dll
2010-02-13 21:06:54 7168 ------w- c:\windows\system32\bitsprx3.dll
2010-02-13 21:06:54 352256 ----a-w- c:\windows\system32\winhttp.dll
2010-02-13 21:06:54 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2010-02-13 21:04:47 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-02-13 21:03:23 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2010-02-13 21:03:23 186136 ----a-w- c:\windows\system32\wuaueng1.dll
2010-02-13 21:03:23 167704 ----a-w- c:\windows\system32\wuauclt1.exe
2010-02-13 20:58:35 0 d-sha-r- C:\cmdcons
2010-02-13 20:58:13 0 d-----w- c:\windows\setupupd
2010-02-13 01:49:15 0 d-----w- C:\temp
2010-02-13 00:24:21 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-12 12:59:52 262144 ----a-w- C:\ntuser.dat
2010-02-12 12:56:02 185624 -c--a-w- c:\windows\system32\dllcache\iuengine.dll
2010-02-12 12:56:02 185624 ----a-w- c:\windows\system32\iuengine.dll
2010-02-12 08:30:02 4178 --sha-r- c:\windows\system32\drivers\HP_DW236A-ABA a545c_YC_Pavi_QMXM411_E42NAheBLU4_4_IKelut_SASUSTek Computer INC._V2.02_B3.03_T040209_WXH1_L409_M448_J200_7AMD_8Athlon XP 3200+_92.2_111063044_N11063065_P_Z11C1044C_K_A11063059_U11063038_G11067205.MRK
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\Malwarebytes
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\FlySuite
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\AOL
2010-02-12 08:14:05 0 d-----w- c:\docume~1\owner~1.you\applic~1\AdobeAUM
2010-02-12 08:14:04 0 d-sh--w- c:\documents and settings\owner.your-at5qgaac3z\IETldCache
2010-02-12 08:14:04 0 d-sh--w- c:\documents and settings\owner.your-at5qgaac3z\IECompatCache
2010-02-12 08:14:04 0 d-----w- c:\documents and settings\owner.your-at5qgaac3z\Incomplete
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\Symantec
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\SUPERAntiSpyware.com
2010-02-12 08:14:04 0 d-----w- c:\docume~1\owner~1.you\applic~1\rawh
2010-02-12 04:10:39 10368 ------w- c:\windows\system32\drivers\pfc.sys
2010-02-12 04:10:08 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-02-12 04:10:08 20480 ----a-w- c:\windows\system32\IVIresize.dll
2010-02-12 04:10:08 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-02-12 04:10:08 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-02-12 04:10:08 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-02-12 04:10:08 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-02-12 04:08:27 23552 ----a-w- c:\windows\system32\wdmaud.drv
2010-02-12 04:08:00 0 d-----w- c:\program files\Multimedia Card Reader
2010-02-12 04:06:51 52736 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-02-12 04:06:51 24576 ------w- c:\windows\system32\drivers\kbdclass.sys
2010-02-10 23:57:02 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-10 23:57:01 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-10 23:57:00 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-02-10 23:56:55 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-10 23:56:50 54272 ----a-w- c:\windows\system32\drivers\swmidi.sys
2010-02-10 23:56:50 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-10 23:56:49 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2010-02-10 23:56:48 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys
2010-02-10 23:56:30 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys
2010-02-10 23:56:29 61056 ----a-w- c:\windows\system32\drivers\ohci1394.sys
2010-02-10 22:31:56 0 dcsh--r- c:\windows\system32\dllcache

==================== Find3M ====================

2010-01-05 10:00:29 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00:21 78336 ------w- c:\windows\system32\ieencode.dll
2010-01-05 10:00:20 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35:35 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-03-08 17:33:41 19091 -c--a-w- c:\program files\common files\kenyn._sy
2008-03-08 17:33:40 19117 -c--a-w- c:\program files\common files\hobiby.dl
2008-03-08 17:33:40 13098 -c--a-w- c:\program files\common files\efarites.ban
2007-12-28 19:02:12 287232 ----a-w- c:\windows\inf\wg111v3\wg111v3.sys
2007-12-28 18:59:30 342528 -c--a-w- c:\windows\inf\wg111v3\vista64\wg111v3.sys
2007-11-27 21:53:58 63488 -c--a-w- c:\windows\inf\wg111v3\SetDrv64.exe
2007-11-27 21:52:44 32768 -c--a-w- c:\windows\inf\wg111v3\SetDrv.exe
2006-12-15 15:30:36 98304 -c--a-w- c:\windows\inf\wg111v3\UScanM.exe
2006-12-15 15:30:36 315392 -c--a-w- c:\windows\inf\wg111v3\InstallDriver.exe
2006-12-15 15:30:36 212992 -c--a-w- c:\windows\inf\wg111v3\CopyWHQLDriver.exe
2006-12-15 15:30:36 20480 -c--a-w- c:\windows\inf\wg111v3\RTWUPath.exe
2006-12-15 15:30:36 19968 -c--a-w- c:\windows\inf\wg111v3\RTWREFU.EXE
2005-03-05 21:32:16 249856 -c--a-w- c:\program files\Uninstall My Web Search.dll
2004-09-20 04:52:44 32 -csha-w- c:\windows\{30A3DF06-6756-4B0C-9CA1-77092D899BC8}.dat
2009-10-04 19:58:25 16384 --sha-w- c:\windows\system32\config\systemprofile\iecompatcache\index.dat

============= FINISH: 17:32:02.48 ===============


#12 Tokek


Posted 11 March 2010 - 04:22 AM

Hello HowAreYouDoing,

Is that the only issue you're having with your PC, the HD space issue?

For the HD space issue, I can't really comment on the installed programs since you would know better on which ones you use and which ones you don't use. However, installed programs usually don't take up that much space, unless they're games.

I'd look into movie files, photos, MP3 files, downloaded files, etc., since those usually impact HD space way more than installed programs.

Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.



In your next reply, please include the following:
  • Kaspersky log
  • a new DDS log

Edited by Tokek, 11 March 2010 - 04:34 AM.


#13 HowAreYouDoing


Posted 13 March 2010 - 04:48 PM

I believe I still have viruses that are affecting my computer but they haven't done any noticeable activity on my computer. The issue I'm concerned with is the memory because I ran system restore and lost quite a lot of music files, and after running system restore these were taken off, yet I do not have the memory to put just a few CDs on my computer. I tried to run the Kaspersky scanner but it stalled a few times after about an hour into the scan. It recognized 4 threats and 6 infected files up to that point but I couldn't finish the scan. It also said that my internet may have affected the scan. My connection was wireless but I checked and it had good connectivity strength. I will attempt the scan again and post as soon as I can. Sorry about the trouble. Thank you again for all of your help.

#14 Tokek


Posted 14 March 2010 - 11:00 PM

No problems, I will wait for the scan results.

One suggestion I can make, if I may: you should buy a portable HD or a separate HD to install in your PC, just strictly for data storage, like music files, photo files, etc. That way, if something happens to your system drive, you still have all your data. I know how much pain it can be to rebuild your music collection and photos.

#15 HowAreYouDoing


Posted 18 March 2010 - 05:49 PM

There is a warning that comes up when I try to run the scan. I thought it was a wireless issue but I've recently tried under a wired connection and the warning still comes up. It says "Launch of the Java application is interrupted! Please establish an uninterrupted Internet connection for work with this program." Could you please let me know what I can do to fix this? Thank you.



