Flureon-FR Virus infection


  • This topic is locked
2 replies to this topic

#1 toods99


  • Members
  • 1 posts

Posted 15 March 2010 - 04:52 AM

Attached File  Attach.txt   15.61KB   10 downloads
Attached File  ark.txt   1.98KB   8 downloads

Computer system is unstable and keeps crashing. Various internet sites are popping up. Avast antivirus warns of flureon-FR virus in the WIN32 file. atapi.sys is also being highlighted on the avast antivirus. Hope you can help, thanks Simon

DDS (Ver_09-12-01.01) - NTFSx86
Run by Simon Speakes at 8:55:51.34 on 15/03/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.511.133 [GMT 0:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\BTBROA~1\Help\SMARTB~1\BTHelpNotifier.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\TrojanHunter 5.2\THGuard.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\DOCUME~1\SIMONS~1\LOCALS~1\Temp\wintmp.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\BT Broadband 210\Help\bin\BTHelp.exe
C:\Program Files\BT Broadband 210\Help\bin\mpbtn.exe
C:\PROGRA~1\Motive\ASSTCO~1\MOTIVE~1.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Simon Speakes\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://bt.yahoo.com/?fr=fp-bt-odtb
uSearch Page = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sp/*http://uk.search.yahoo.com/
uSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
mDefault_Page_URL = hxxp://bt.yahoo.com/?fr=fp-bt-odtb
mStart Page = hxxp://bt.yahoo.com/?fr=fp-bt-odtb
mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\program files\yahoo!\common\YIeTagBm.dll
BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn4\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn4\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [PinnacleDriverCheck] c:\windows\system32\PSDrvCheck.exe
mRun: [<NO NAME>]
mRun: [Motive SmartBridge] c:\progra~1\btbroa~1\help\smartb~1\BTHelpNotifier.exe
mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [wintmp] c:\docume~1\simons~1\locals~1\temp\wintmp.exe
mRun: [SiSUSBRG] c:\windows\SiSUSBrg.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [THGuard] "c:\program files\trojanhunter 5.2\THGuard.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\broadb~1.lnk - c:\program files\bt broadband 210\help\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: yahoo.com
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper200711281.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1267385570328
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://yahoouk.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 93.188.163.100,93.188.166.47
TCP: {DF6451FB-0420-45AD-B08D-28B204E79501} = 93.188.163.100,93.188.166.47
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-3-14 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-3-14 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-14 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-14 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-3-14 40384]

=============== Created Last 30 ================

2010-03-14 15:44:10 0 d-----w- c:\docume~1\simons~1\applic~1\TrojanHunter
2010-03-14 15:42:49 0 d-----w- c:\program files\TrojanHunter 5.2
2010-03-14 13:22:47 1352 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-03-14 13:04:38 0 d-----w- c:\docume~1\alluse~1\applic~1\SITEguard
2010-03-14 13:03:15 0 d-----w- c:\program files\common files\iS3
2010-03-14 13:03:13 0 d-----w- c:\docume~1\alluse~1\applic~1\STOPzilla!
2010-03-14 10:35:42 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-03-14 10:04:31 0 d-----w- c:\program files\AskBarDis
2010-03-13 16:39:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz
2010-03-13 16:31:59 0 d-----w- c:\docume~1\simons~1\applic~1\Reg-Tool
2010-03-13 16:31:30 0 d-----w- c:\program files\Reg-Tool
2010-03-11 19:58:28 0 d-----w- c:\docume~1\alluse~1\applic~1\HipSoft
2010-03-11 07:25:20 149504 ----a-w- c:\windows\Fkysac.exe
2010-03-10 14:12:38 149504 ----a-w- c:\windows\Fkysab.exe
2010-03-09 19:18:00 149504 ----a-w- c:\windows\Fkysaa.exe
2010-03-06 21:35:22 736 ------w- c:\windows\setup.ini
2010-03-06 21:35:21 92 ----a-w- c:\windows\CMISETUP.INI
2010-03-06 21:35:21 26 ----a-w- c:\windows\CMCDPLAY.INI
2010-03-06 21:35:20 0 ----a-w- c:\windows\Wininit.ini
2010-03-06 21:35:18 1900544 ----a-w- c:\windows\system32\cmiwcnfg.dll
2010-03-06 21:35:17 59998 ----a-w- c:\windows\Cmuda.ini
2010-03-06 21:35:14 28672 ----a-w- c:\windows\CMIRmDriver.dll
2010-03-06 21:35:14 266240 ----a-w- c:\windows\CMIUninstall.exe
2010-03-06 21:35:14 225280 ----a-w- c:\windows\CmiRmRedundDir.exe
2010-03-06 21:35:14 0 d-----w- c:\program files\C-Media 3D Audio
2010-03-06 21:33:20 176128 ----a-w- c:\windows\system32\nvudisp.exe
2010-03-06 21:33:20 14435 ----a-w- c:\windows\system32\nvdisp.nvu
2010-03-06 21:30:03 3583 ----a-w- c:\windows\SiSport.sys
2010-03-06 21:30:03 32768 ----a-w- c:\windows\SIS_LIB.DLL
2010-03-06 21:30:03 106496 ----a-w- c:\windows\SiSUSBrg.exe
2010-03-03 19:31:36 11 ----a-w- c:\windows\system32\UntiDe.tmp
2010-03-02 12:51:27 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-02 12:51:27 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-03-01 22:12:20 0 d-----w- c:\docume~1\simons~1\applic~1\EleFun Games
2010-03-01 22:11:48 0 d-----w- c:\program files\common files\Oberon Media
2010-03-01 22:11:10 0 d-----w- c:\program files\Yahoo! Games
2010-03-01 22:11:10 0 d-----w- c:\program files\Oberon Media
2010-03-01 10:44:30 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-03-01 10:44:30 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-02-28 19:46:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Sports Interactive
2010-02-28 19:45:38 0 d-----w- c:\docume~1\simons~1\applic~1\Sports Interactive
2010-02-28 11:03:26 1089593 ------w- c:\windows\system32\dllcache\ntprint.cat
2010-02-28 01:18:59 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-02-28 01:17:58 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-02-28 01:17:38 0 d-----w- c:\windows\Logs
2010-02-28 00:48:47 0 d-----w- c:\program files\Steam
2010-02-28 00:48:13 0 d-----w- c:\program files\Sports Interactive
2010-02-28 00:48:12 0 d--h--w- c:\program files\Zero G Registry
2010-02-27 18:21:12 0 d-----w- c:\docume~1\simons~1\applic~1\Windows Search
2010-02-27 15:33:57 0 d-----w- c:\windows\system32\XPSViewer
2010-02-27 15:32:52 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-27 15:32:52 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-27 15:32:52 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-27 15:32:52 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-27 15:32:52 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-27 15:32:51 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-27 15:32:51 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-27 15:32:51 0 d-----w- C:\a438bb8a161e4e28986244d047
2010-02-27 15:26:52 0 d-----w- c:\docume~1\simons~1\applic~1\Windows Desktop Search
2010-02-27 15:26:17 0 d-----w- c:\windows\system32\GroupPolicy
2010-02-27 15:26:17 0 d-----w- c:\program files\Windows Desktop Search
2010-02-27 15:25:10 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2010-02-27 15:25:10 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2010-02-27 15:25:10 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2010-02-27 15:24:42 0 d-----w- c:\program files\Windows Media Connect 2
2010-02-27 15:23:10 0 d-----w- c:\windows\system32\LogFiles
2010-02-27 14:50:51 0 d-----w- c:\windows\system32\scripting
2010-02-27 14:50:49 0 d-----w- c:\windows\l2schemas
2010-02-27 14:50:48 0 d-----w- c:\windows\system32\en
2010-02-27 14:44:16 0 d-----w- c:\windows\network diagnostic
2010-02-26 22:06:59 76800 ------w- c:\windows\system32\msshavmsg.dll
2010-02-26 22:05:59 229376 ------w- c:\windows\system32\dllcache\cewmdm.dll
2010-02-26 22:05:58 999 ------w- c:\windows\system32\dllcache\bktrh.gif
2010-02-26 22:05:58 542720 ------w- c:\windows\system32\dllcache\blackbox.dll
2010-02-26 22:05:57 7168 ------w- c:\windows\system32\bitsprx4.dll
2010-02-26 22:05:57 233472 ------w- c:\windows\system32\azroles.dll
2010-02-26 22:05:52 7168 ------w- c:\windows\system32\dllcache\asferror.dll
2010-02-26 22:05:49 136192 ------w- c:\windows\system32\aaclient.dll
2010-02-26 21:16:20 0 d-sh--w- c:\documents and settings\simon speakes\IECompatCache
2010-02-26 21:15:00 0 d-sh--w- c:\documents and settings\simon speakes\PrivacIE
2010-02-26 21:13:03 0 d-sh--w- c:\documents and settings\simon speakes\IETldCache
2010-02-26 21:03:19 69120 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-02-26 21:02:44 0 d-----w- c:\windows\ie8updates
2010-02-26 21:02:23 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-26 21:02:23 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-26 21:02:23 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-02-26 21:02:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-26 21:02:22 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-02-26 21:02:21 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-02-26 20:58:15 0 dc-h--w- c:\windows\ie8
2010-02-26 20:37:48 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-26 20:20:19 0 d-sh--w- c:\documents and settings\simon speakes\UserData
2010-02-26 18:35:49 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2010-02-26 18:34:26 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-02-26 18:33:11 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-02-26 18:29:49 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-26 18:28:13 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2010-02-26 18:28:03 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2010-02-26 18:28:00 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-02-26 18:27:26 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-26 18:24:59 2066432 ------w- c:\windows\system32\dllcache\mstscax.dll
2010-02-26 18:24:24 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2010-02-26 18:23:53 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-02-26 18:23:53 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-02-26 18:23:53 1206508 ------w- c:\windows\system32\dllcache\sysmain.sdb
2010-02-26 14:32:41 0 d-----w- c:\windows\.jagex_cache_32
2010-02-26 03:05:59 96768 ----a-w- c:\windows\system32\psbase.dll
2010-02-26 03:04:59 6144 ----a-w- c:\windows\system32\dllcache\ftlx041e.dll
2010-02-26 03:03:59 26496 ----a-w- c:\windows\system32\drivers\asc.sys
2010-02-26 03:03:21 0 d-----r- c:\documents and settings\all users\Documents
2010-02-26 03:02:59 0 d-----r- c:\windows\Offline Web Pages
2010-02-26 03:02:34 0 d-sh--r- c:\windows\system32\dllcache
2010-02-26 03:00:54 0 d-----w- c:\windows\CACHE
2010-02-26 03:00:53 0 d-----w- C:\My old Disk Structure -- 25-02-10 2000
2010-02-26 02:44:12 0 d-----w- C:\My old Disk Structure -- 25-02-10 1944
2010-02-26 00:09:51 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-02-26 00:09:51 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-02-26 00:08:41 0 d-----w- c:\program files\iPod
2010-02-26 00:08:31 0 d-----w- c:\program files\iTunes
2010-02-26 00:08:31 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-02-25 23:55:29 0 d-----w- c:\windows\system32\wbem\AutoRecover
2010-02-25 23:19:44 0 d-----w- c:\windows\provisioning
2010-02-25 23:15:55 0 d-----w- c:\windows\ServicePackFiles
2010-02-25 23:11:30 0 d-----w- c:\program files\PokerRoom Home Game Organizer
2010-02-25 23:07:29 0 d-----w- C:\Poker
2010-02-25 23:04:10 0 d-----w- c:\windows\EHome
2010-02-25 22:55:35 187 ----a-w- c:\windows\system\cmicnfg.ini
2010-02-25 22:34:22 376 ----a-w- c:\windows\ODBC.INI
2010-02-25 22:32:15 0 d-----w- c:\windows\ShellNew
2010-02-25 22:27:36 0 d--h--w- c:\documents and settings\simon speakes\InstallAnywhere
2010-02-25 22:00:53 0 d-----w- C:\eddb2def305cf1a19414eecd445f
2010-02-25 21:33:36 11264 ------w- c:\windows\system32\spnpinst.exe
2010-02-25 21:33:32 7208 ------w- c:\windows\system32\secupd.sig
2010-02-25 21:33:32 4569 ------w- c:\windows\system32\secupd.dat
2010-02-25 21:33:31 67866 ------w- c:\windows\system32\drivers\netwlan5.img
2010-02-25 21:31:33 0 d-----w- c:\windows\system32\Tools
2010-02-25 21:21:23 176594 ----a-w- c:\documents and settings\simon speakes\~
2010-02-25 21:18:28 12598 ----a-w- c:\windows\system32\wpa.bak
2010-02-25 21:12:32 0 d-----w- c:\windows\Drivers
2010-02-25 21:12:15 0 d-----w- c:\program files\common files\Scanner
2010-02-25 21:12:01 86016 ----a-w- c:\windows\system32\YPcservice.exe
2010-02-25 21:12:01 131072 ----a-w- c:\windows\system32\ypclsp.dll
2010-02-25 21:10:17 65536 ----a-w- c:\windows\system32\YCRWin32.dll
2010-02-25 21:10:12 84992 ----a-w- c:\windows\system32\ATL70.DLL
2010-02-25 21:10:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-25 21:10:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-02-25 21:09:51 0 d-----w- c:\program files\Yahoo!
2010-02-25 21:09:44 0 d-----w- c:\windows\Motive
2010-02-25 21:09:18 0 d-----w- c:\program files\common files\Motive
2010-02-25 21:08:56 0 d-----w- c:\program files\Motive
2010-02-25 21:08:56 0 d-----w- c:\program files\BT Broadband 210
2010-02-25 21:03:36 1082368 ----a-w- c:\windows\system32\esent.dll
2010-02-25 20:55:44 0 d-----w- c:\windows\system32\bits
2010-02-25 20:54:35 0 d-----w- c:\windows\system32\PreInstall
2010-02-25 20:54:31 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-25 20:54:30 0 d--h--w- c:\windows\$hf_mig$
2010-02-25 20:54:03 8192 ------w- c:\windows\system32\bitsprx2.dll
2010-02-25 20:54:03 7168 ------w- c:\windows\system32\bitsprx3.dll
2010-02-25 20:54:03 354816 ----a-w- c:\windows\system32\winhttp.dll
2010-02-25 20:54:03 18944 ----a-w- c:\windows\system32\qmgrprxy.dll
2010-02-25 20:51:46 0 d-----w- c:\windows\system32\SoftwareDistribution
2010-02-25 20:50:23 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2010-02-25 20:50:23 183296 ----a-w- c:\windows\system32\wuaueng1.dll
2010-02-25 20:50:23 165888 ----a-w- c:\windows\system32\wuauclt1.exe
2010-02-25 20:39:00 23552 ----a-w- c:\windows\system32\wdmaud.drv
2010-02-25 20:39:00 23552 ----a-w- c:\windows\system32\dllcache\wdmaud.drv
2010-02-25 20:38:59 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2010-02-25 20:38:59 60160 ----a-w- c:\windows\system32\dllcache\drmk.sys
2010-02-25 20:38:57 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2010-02-25 20:38:57 146048 ----a-w- c:\windows\system32\dllcache\portcls.sys
2010-02-25 20:38:41 0 d-----w- C:\WUTemp
2010-02-25 20:38:24 191488 ----a-w- c:\windows\system32\iuengine.dll
2010-02-25 20:32:52 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-25 20:32:50 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-25 20:32:09 32768 ----a-w- c:\windows\system32\drivers\sisnic.sys

==================== Find3M ====================

2010-03-15 08:56:05 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-03-15 08:56:05 96512 ----a-w- c:\windows\system32\dllcache\atapi.sys
2009-12-22 05:35:05 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-22 05:35:05 81920 ------w- c:\windows\system32\dllcache\ieencode.dll
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-21 19:14:05 916480 ------w- c:\windows\system32\dllcache\wininet.dll
2009-12-21 19:14:05 1208832 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-12-21 19:14:04 5942784 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-12-21 19:14:04 206848 ------w- c:\windows\system32\dllcache\occache.dll
2009-12-21 19:14:03 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2009-12-21 19:14:03 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2009-12-21 19:14:01 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2009-12-21 13:19:18 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-16 18:43:27 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2001-11-22 13:08:20 712704 ----a-w- c:\windows\inf\other\AUDIO3D.DLL

============= FINISH: 8:57:58.78 ===============




#2 Farbar


    Just Curious


  • Security Developer
  • 21,730 posts

Posted 19 March 2010 - 06:08 AM

Hi toods99,

Welcome to Virus/Trojan/Spyware/Malware Removal (VTSMR) forum and apologies for the delay. I am going to assist you with your problem.

Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. Please let me know in your next reply if you agree with this.
  1. Make sure the following setting is set as it is supposed to be set:
    • Go to Start -> Control Panel -> Double click on Network Connections.
    • Right click on your default connection (usually Local Area Connection) and select Properties.
    • Select the General tab.
    • Double click on Internet Protocol (TCP/IP).
      Under General tab:
      • Select "Obtain an IP address automatically".
      • Select "Obtain DNS server address automatically".
    • Click OK twice to save the settings.
    • Reboot if you had to change any setting.

  2. Please run DDS and post a fresh DDS.txt to your reply. No need for the Attach.txt.
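
A check for the DNS setting that step 1 resets, run against the `TCP:` lines of the DDS log in post #1 and against the fresh log requested in step 2 (an added example, not part of the original thread and not a DDS feature). It assumes that DDS lists statically configured name servers on `TCP: NameServer` and `TCP: {GUID}` lines; the function names and the `FRESH_LOG` sample are constructed for illustration.

```python
import ipaddress
import re

# Four consecutive lines copied from the DDS log in post #1.
SAMPLE_LOG = r"""DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 93.188.163.100,93.188.166.47
TCP: {DF6451FB-0420-45AD-B08D-28B204E79501} = 93.188.163.100,93.188.166.47
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
"""

# Constructed: what the same region would look like with no static resolver lines.
FRESH_LOG = r"""DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
"""

# "TCP: NameServer = a,b" (system-wide) or "TCP: {GUID} = a,b" (one adapter).
TCP_LINE = re.compile(r"^TCP:\s*(NameServer|\{[0-9A-Fa-f-]{36}\})\s*=\s*(.+)$")


def static_resolvers(dds_text):
    """Return {scope: [ip_address, ...]} for each static resolver line in a DDS log."""
    found = {}
    for line in dds_text.splitlines():
        match = TCP_LINE.match(line.strip())
        if not match:
            continue
        scope, raw = match.groups()
        addrs = []
        for token in re.split(r"[,\s]+", raw.strip()):
            try:
                addrs.append(ipaddress.ip_address(token))
            except ValueError:
                continue  # skip anything that is not a valid IP address
        if addrs:
            found[scope] = addrs
    return found


def review(dds_text):
    """List (scope, address, note) rows for an analyst to look at."""
    rows = []
    for scope, addrs in static_resolvers(dds_text).items():
        for ip in addrs:
            note = ("private range, typically the local router" if ip.is_private
                    else "public address, statically configured")
            rows.append((scope, str(ip), note))
    return rows


def still_static(before, after):
    """Resolvers from the first log that are still statically set in the fresh one."""
    old = {ip for addrs in static_resolvers(before).values() for ip in addrs}
    new = {ip for addrs in static_resolvers(after).values() for ip in addrs}
    return sorted(str(ip) for ip in old & new)


if __name__ == "__main__":
    for row in review(SAMPLE_LOG):
        print(*row, sep=" | ")
    print("still static after step 1:", still_static(SAMPLE_LOG, FRESH_LOG))
```

An empty result from `still_static` means the addresses from the first log no longer appear as static entries in the fresh DDS.txt.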


#3 Farbar


    Just Curious


  • Security Developer
  • 21,730 posts

Posted 26 March 2010 - 08:25 AM

This thread will now be closed due to lack of activity.

If you should have a new issue, please start a new topic.



