
Google Redirect IE Explorer Popup & Blue Screen Started From Vista 2011 Security Fake Alerts


  • This topic is locked

#1 pkmembers


Posted 21 April 2011 - 07:46 PM

Hi

Yesterday I had the Vista 2011 Security virus scan my PC, which found many infections. These were all fake. Since trying to remove this virus with McAfee, Malwarebytes, SUPERAntiSpyware, Hitman Pro, rkill and CCleaner, I still get random music, a Google redirect to random sites and the dreaded blue screen after 6 hours of running scans.

I have recovered my PC to a previous restore point, which saved my deleted files. I have followed your guidance for posting and I could really use some friendly help. I'm using another, older computer to post this message, opting to only open my infected Sony VAIO laptop in safe mode. Thanks for offering an opportunity to work with you to fix my laptop. I eagerly await your instructions...

.
DDS (Ver_11-03-05.01) - NTFSx86 MINIMAL
Run by Paul at 18:36:15.88 on 21/04/2011
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3068.2185 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\explorer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
K:\Documents\Defogger.exe
C:\Windows\system32\rundll32.exe
K:\Documents\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mURLSearchHooks: H - No File
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20101108130748.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [GoodSync] "c:\program files\siber systems\goodsync\GoodSync.exe" /min
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [replay_telecorder_skype]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRunOnce: [GrpConv] grpconv -o
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\paul\appdata\roaming\mozilla\firefox\profiles\7vgu9pcc.default\
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 lfsfilt;Lean File Sharing;c:\windows\system32\drivers\lfsfilt.sys [2009-9-27 254320]
R0 lpx;LPX Protocol;c:\windows\system32\drivers\lpx.sys [2007-2-22 61424]
R3 ndasbus;NDAS Bus Driver;c:\windows\system32\drivers\ndasbus.sys [2007-2-22 76144]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-4-2 9344]
S0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-15 386840]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-5-15 64304]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-5-15 164840]
S1 ndasfat;NDAS FAT;c:\windows\system32\drivers\ndasfat.sys [2009-9-27 372720]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S2 HitmanPro35CrusaderBoot;Hitman Pro 3.5 Crusader (Boot);K:\HitmanPro35.exe [2011-4-21 6449984]
S2 lxdjCATSCustConnectService;lxdjCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdjserv.exe [2007-6-11 99248]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-8-31 88176]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-5-15 271480]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-5-15 271480]
S2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-5-15 271480]
S2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-5-15 171168]
S2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-5-15 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-5-15 141792]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
S2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-6-9 303104]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files\common files\sony shared\sohlib\SOHCImp.exe [2009-6-9 120104]
S2 SOHDBSvr;VAIO Media plus Database Manager;c:\program files\common files\sony shared\sohlib\SOHDBSvr.exe [2009-6-9 70952]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files\common files\sony shared\sohlib\SOHDms.exe [2009-6-9 390440]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files\common files\sony shared\sohlib\SOHDs.exe [2009-6-9 75048]
S2 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files\common files\sony shared\sohlib\SOHPlMgr.exe [2009-6-9 91432]
S2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2009-12-17 185640]
S2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2009-6-9 104960]
S2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2009-4-2 415592]
S3 5U875UVC;Sony Visual Communication Camera;c:\windows\system32\drivers\5U875.sys [2011-4-18 71296]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
S3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-6-9 17920]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-4-2 29736]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-5-15 55840]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-5-15 152960]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-5-15 52104]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-5-15 313288]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-5-15 84264]
S3 ndasscsi;NDAS SCSI Miniport Driver;c:\windows\system32\drivers\ndasscsi.sys [2007-2-22 187632]
S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-8-29 3664384]
S3 NETwNv32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwNv32.sys [2011-4-17 7265792]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2009-6-9 83240]
.
=============== Created Last 30 ================
.
2011-04-21 15:35:17 -------- d-----w- c:\users\paul\appdata\roaming\RoboForm
2011-04-21 15:06:36 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-04-21 14:59:57 -------- d-----w- c:\progra~2\Hitman Pro
2011-04-21 10:53:28 -------- d-----w- c:\program files\CCleaner
2011-04-20 06:07:03 -------- d-----w- c:\users\paul\appdata\roaming\Malwarebytes
2011-04-20 06:06:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-20 06:06:45 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-20 06:06:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-19 11:25:13 -------- d-----w- c:\program files\Leads Pro Systems
2011-04-18 21:43:02 71296 ----a-w- c:\windows\system32\drivers\5U875.sys
2011-04-18 21:43:02 45056 ----a-w- c:\windows\system32\RUVCXPSC.ax
2011-04-18 09:19:15 313632 ----a-w- c:\windows\system32\drivers\yk60x86.sys
2011-04-18 09:19:14 435736 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-04-18 09:19:14 374048 ----a-w- c:\windows\system32\yk60x86.dll
2011-04-17 20:15:02 7265792 ----a-w- c:\windows\system32\drivers\NETwNv32.sys
2011-04-17 20:14:59 684032 ----a-w- c:\windows\system32\NETwNc32.dll
2011-04-17 20:14:59 2760704 ----a-w- c:\windows\system32\NETwNr32.dll
2011-04-15 19:19:43 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-15 19:19:43 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-04-15 19:19:19 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-15 19:19:18 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-15 19:19:18 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-15 19:19:18 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-15 19:19:13 1162240 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-15 19:19:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-04-15 19:18:49 305152 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-15 19:18:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-15 19:18:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-15 19:18:00 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-15 19:18:00 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-15 19:17:55 2041856 ----a-w- c:\windows\system32\win32k.sys
2011-04-15 19:16:35 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-13 09:24:06 -------- d--h--w- c:\progra~2\NVIDIA Corporation
2011-04-13 09:20:55 -------- d-----w- c:\program files\NVIDIA Corporation
2011-04-13 09:14:58 90112 ----a-w- c:\windows\system32\snymsico.dll
2011-04-13 09:14:58 44544 ----a-w- c:\windows\system32\drivers\rimsptsk.sys
2011-04-13 09:14:45 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-13 09:14:44 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-04-13 09:14:44 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
2011-04-13 09:14:41 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-04-13 09:14:40 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-13 09:14:39 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-13 09:14:37 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
2011-04-13 09:14:36 4941928 ----a-w- c:\windows\system32\nvcuda.dll
2011-04-13 09:14:36 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-04-13 09:14:32 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-11 15:20:15 -------- d-----w- c:\program files\Audacity
2011-04-11 13:54:08 165376 ----a-w- c:\windows\system32\unrar.dll
2011-04-11 13:54:07 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2011-04-11 13:54:06 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-04-11 13:54:06 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-04-11 13:54:06 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-04-11 13:54:06 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-04-11 13:18:25 -------- d-----w- c:\progra~2\VistaCodecs
2011-04-11 13:04:09 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-04-04 21:37:16 -------- d--h--w- c:\users\paul\appdata\roaming\Abyssmedia
2011-04-04 21:37:07 -------- d-----w- c:\program files\Abyssmedia
2011-04-04 11:49:35 -------- d--h--w- c:\users\paul\appdata\local\Innovative Solutions
2011-04-04 11:49:35 -------- d--h--w- c:\progra~2\Innovative Solutions
2011-03-31 07:33:22 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2011-03-31 07:33:22 352256 ----a-w- c:\windows\system32\lame.ax
2011-03-31 07:33:22 294912 ----a-w- c:\windows\system32\msaud32.acm
2011-03-31 07:33:21 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-31 07:33:21 -------- d-----w- c:\program files\Replay Telecorder for Skype
.
==================== Find3M ====================
.
2011-03-21 08:58:04 152064 ----a-w- c:\windows\system32\xvid.ax
2011-02-22 14:52:00 1730112 ----a-w- c:\windows\system32\FMAPO.dll
2011-02-22 12:20:20 820224 ----a-w- c:\windows\system32\RCoRes.dat
2011-02-22 10:16:26 2145896 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-02-18 09:49:40 3805288 ----a-w- c:\windows\system32\RtkAPO.dll
2011-02-17 13:03:54 485992 ----a-w- c:\windows\system32\RtkApoApi.dll
2011-02-16 12:11:28 69224 ----a-w- c:\windows\system32\RtkCoInst.dll
2011-02-02 20:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 18:37:55.97 ===============

Attached Files

  • Attached File  ark.txt   3.36KB   0 downloads




#2 m0le


Posted 30 April 2011 - 06:35 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 m0le


Posted 05 May 2011 - 08:21 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.