Windows BBS The Place for Microsoft Windows Support! Windows, Support, Help Site

Post #1 by dariene (Member, Join Date: Oct 2009, Posts: 12, Computer Experience: Beginner), 3 Weeks Ago

[Active] hiJack Malware log files

DDS.txt


DDS (Ver_09-10-26.01) - NTFSx86
Run by Administrator at 20:48:47.71 on Wed 10/28/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.353 [GMT -5:00]

AV: avast! antivirus 4.8.1351 [VPS 091028-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\windows\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\stsystra.exe
C:\windows\system32\RUNDLL32.EXE
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\D-Link\D-Link RangeBooster N DWA-142\wirelesscm.exe
C:\windows\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\dlcgcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\windows\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
svchost.exe
C:\windows\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\windows\Explorer.EXE
C:\Documents and Settings\Administrator\My Documents\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.co.uk
uDefault_Page_URL = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://www.google.co.uk/ie
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: RefresherBand Class: {b24ba06e-fb7b-4757-95c2-dc01125f750e} - c:\progra~1\yrefre~1\YREFRE~1.DLL
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1203.0\msneshellx.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6; FunWebProducts; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 1.1.4322; MSN Optimized;US)" -"http://habbzhotel.ath.cx/client.php"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam\Quickcam.exe" /hide
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [DLCGCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCGtime.dll,_RunDLLEntry@16
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\d-link\d-link rangebooster n dwa-142\wirelesscm.exe
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
mPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
IE: &AIM Toolbar Search - c:\documents and settings\all users\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} - hxxp://www.flashants.com/codebase/fmplayer.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233340450953
DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://avatar.mabinogi.jp/3drender/renderer/mabiweb.2007.4.4.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {87A638DE-396F-40FD-A2F8-01B56072F553} - hxxp://download.gemfighter.com/launcher/gemx2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {8F60EE6F-DC53-4F9C-9E66-84BD2A545805} - hxxp://hb.getamped.com/start/CsLauncher.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9B1BD804-DDCE-4042-9F19-A771F2921992} - hxxp://tgun.gamengame.com/eng/activex/NPHgeLauncher.cab
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-1-30 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-1-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-30 20560]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-3-5 24652]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-7-16 234888]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\admini~1\locals~1\temp\rar$ex03.515\mle1365.sys --> c:\docume~1\admini~1\locals~1\temp\rar$ex03.515\MLE1365.sys [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 tap0901;TAP-Win32 Adapter V9;c:\windows\system32\drivers\tap0901.sys [2008-11-19 25216]
S3 XDva224;XDva224;\??\c:\windows\system32\xdva224.sys --> c:\windows\system32\XDva224.sys [?]
S3 XDva225;XDva225;\??\c:\windows\system32\xdva225.sys --> c:\windows\system32\XDva225.sys [?]

============== File Associations ===============

regfile="regedit.exe" "%1"

=============== Created Last 30 ================

2009-10-29 01:29:37 0 d-----w- c:\program files\Trend Micro
2009-10-29 01:13:46 266240 ----a-w- c:\windows\system32\OGPIEPlugin.ocx
2009-10-27 22:17:49 597 ----a-w- c:\windows\winconfig.vbs
2009-10-24 19:22:57 555 ----a-w- C:\MapleConfig.cfg
2009-10-21 00:45:05 0 d-----w- c:\program files\a-squared Free
2009-10-17 15:05:29 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-10-16 22:50:30 0 d--h--w- c:\windows\PIF
2009-10-16 03:22:40 0 d-----w- c:\docume~1\admini~1\applic~1\OpenOffice.org
2009-10-12 18:37:28 0 d-----w- c:\program files\Exhort Network
2009-10-05 01:06:04 0 d-----w- c:\program files\Eudemons Online
2009-10-04 17:08:30 1654869 ----a-w- c:\docume~1\alluse~1\applic~1\DynuEncrypt.dll
2009-10-04 15:10:31 75264 ----a-w- c:\windows\system32\uc_holybeast_launching.dll
2009-10-04 15:08:52 64000 ----a-w- c:\windows\system32\uc_sfighters_launching.dll
2009-10-04 15:08:52 61440 ----a-w- c:\windows\system32\uc_atlantica_launching.dll
2009-10-04 15:08:52 53248 ----a-w- c:\windows\system32\uc_luminary_launching.dll
2009-10-04 15:08:52 208384 ----a-w- c:\windows\system32\uc_rohan_launching.dll
2009-10-04 15:08:46 0 d-----w- c:\program files\ijji
2009-10-04 15:06:15 87472 ----a-w- c:\windows\system32\ijjiChannelingPlugin.dll
2009-10-03 17:27:28 0 d-----w- c:\program files\GLSoft
2009-10-02 21:20:49 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-01 02:29:33 0 d-----w- c:\program files\HyCam2
2009-09-30 02:11:02 0 d-----w- c:\program files\Microsoft
2009-09-29 23:54:17 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-09-29 23:54:17 1970176 ----a-w- c:\windows\system32\d3dx9.dll

==================== Find3M ====================

2009-10-29 01:42:32 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-10-29 01:42:26 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-09-25 01:32:48 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-05 16:03:51 37 ----a-w- c:\documents and settings\administrator\jagex_runescape_preferences.dat
2009-09-05 15:49:41 45 ----a-w- c:\documents and settings\administrator\jagex_runescape_preferences2.dat
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-09-02 20:17:22 4451 ----a-w- c:\windows\unins000.dat
2009-09-02 20:17:18 695642 ----a-w- c:\windows\unins000.exe
2009-08-28 10:35:52 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2009-08-17 12:48:26 158952 ----a-w- c:\windows\system32\PubPlugin.dll
2009-08-07 00:24:18 327896 ----a-w- c:\windows\system32\dllcache\wucltui.dll
2009-08-07 00:24:18 209632 ----a-w- c:\windows\system32\dllcache\wuweb.dll
2009-08-07 00:24:10 35552 ----a-w- c:\windows\system32\dllcache\wups.dll
2009-08-07 00:24:06 53472 ----a-w- c:\windows\system32\dllcache\wuauclt.exe
2009-08-07 00:24:04 96480 ----a-w- c:\windows\system32\dllcache\cdm.dll
2009-08-07 00:23:54 575704 ----a-w- c:\windows\system32\dllcache\wuapi.dll
2009-08-07 00:23:46 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-07 00:23:46 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-07 00:23:46 1929952 ----a-w- c:\windows\system32\dllcache\wuaueng.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-05 01:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-05 01:44:46 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 15:13:08 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 14:20:09 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 14:20:08 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe

============= FINISH: 20:49:15.65 ===============

Attach

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/30/2009 11:58:49 AM
System Uptime: 10/28/2009 8:42:08 PM (0 hours ago)

Motherboard: Dell Inc | | 0HY175
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket M2 | 2204/1000mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 98.019 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP332: 10/2/2009 8:58:09 PM - Software Distribution Service 3.0
RP333: 10/2/2009 9:01:01 PM - Software Distribution Service 3.0
RP334: 10/2/2009 9:17:56 PM - Software Distribution Service 3.0
RP335: 10/2/2009 9:28:29 PM - Software Distribution Service 3.0
RP336: 10/2/2009 9:34:39 PM - Software Distribution Service 3.0
RP337: 10/2/2009 9:43:02 PM - Software Distribution Service 3.0
RP338: 10/2/2009 9:54:38 PM - Software Distribution Service 3.0
RP339: 10/2/2009 9:57:09 PM - Software Distribution Service 3.0
RP340: 10/2/2009 10:20:25 PM - Software Distribution Service 3.0
RP341: 10/2/2009 10:32:38 PM - Software Distribution Service 3.0
RP342: 10/2/2009 10:38:05 PM - Software Distribution Service 3.0
RP343: 10/2/2009 11:31:50 PM - Software Distribution Service 3.0
RP344: 10/3/2009 10:40:35 AM - Software Distribution Service 3.0
RP345: 10/3/2009 12:27:27 PM - Installed GridClicker
RP346: 10/3/2009 2:40:11 PM - Software Distribution Service 3.0
RP347: 10/3/2009 3:11:26 PM - Software Distribution Service 3.0
RP348: 10/3/2009 5:44:30 PM - Software Distribution Service 3.0
RP349: 10/3/2009 10:50:44 PM - Software Distribution Service 3.0
RP350: 10/3/2009 11:34:48 PM - Software Distribution Service 3.0
RP351: 10/4/2009 10:08:45 AM - Installed ijji REACTOR
RP352: 10/4/2009 11:02:56 AM - Software Distribution Service 3.0
RP353: 10/4/2009 5:11:54 PM - Software Distribution Service 3.0
RP354: 10/4/2009 6:21:54 PM - Software Distribution Service 3.0
RP355: 10/4/2009 6:23:12 PM - Software Distribution Service 3.0
RP356: 10/4/2009 6:49:24 PM - Software Distribution Service 3.0
RP357: 10/4/2009 8:05:57 PM - Installed Eudemons Online
RP358: 10/4/2009 8:06:02 PM - Installed Eudemons Online
RP359: 10/4/2009 10:01:55 PM - Software Distribution Service 3.0
RP360: 10/5/2009 8:03:40 AM - Software Distribution Service 3.0
RP361: 10/5/2009 8:10:58 AM - Software Distribution Service 3.0
RP362: 10/5/2009 4:22:44 PM - Software Distribution Service 3.0
RP363: 10/5/2009 8:00:35 PM - Software Distribution Service 3.0
RP364: 10/6/2009 4:06:43 PM - Software Distribution Service 3.0
RP365: 10/6/2009 4:59:01 PM - Removed Eudemons Online
RP366: 10/6/2009 4:59:08 PM - Removed Eudemons Online
RP367: 10/7/2009 8:20:02 AM - Software Distribution Service 3.0
RP368: 10/7/2009 5:45:24 PM - Software Distribution Service 3.0
RP369: 10/7/2009 7:10:17 PM - Software Distribution Service 3.0
RP370: 10/7/2009 9:45:58 PM - Software Distribution Service 3.0
RP371: 10/8/2009 5:46:59 PM - Software Distribution Service 3.0
RP372: 10/8/2009 10:05:15 PM - Software Distribution Service 3.0
RP373: 10/9/2009 8:30:30 AM - Software Distribution Service 3.0
RP374: 10/9/2009 4:48:15 PM - Software Distribution Service 3.0
RP375: 10/9/2009 4:56:32 PM - Software Distribution Service 3.0
RP376: 10/9/2009 5:09:57 PM - Software Distribution Service 3.0
RP377: 10/9/2009 5:15:09 PM - Software Distribution Service 3.0
RP378: 10/10/2009 12:01:57 AM - Software Distribution Service 3.0
RP379: 10/10/2009 12:22:42 AM - Software Distribution Service 3.0
RP380: 10/10/2009 1:50:53 AM - Software Distribution Service 3.0
RP381: 10/10/2009 3:23:22 PM - Software Distribution Service 3.0
RP382: 10/10/2009 4:09:07 PM - Software Distribution Service 3.0
RP383: 10/11/2009 9:50:01 AM - Software Distribution Service 3.0
RP384: 10/11/2009 3:05:54 PM - Software Distribution Service 3.0
RP385: 10/12/2009 9:38:06 AM - Software Distribution Service 3.0
RP386: 10/12/2009 3:33:22 PM - Software Distribution Service 3.0
RP387: 10/13/2009 8:08:02 PM - Installed WonderKing.
RP388: 10/13/2009 8:15:25 PM - Software Distribution Service 3.0
RP389: 10/13/2009 8:55:16 PM - Software Distribution Service 3.0
RP390: 10/13/2009 9:04:03 PM - Software Distribution Service 3.0
RP391: 10/14/2009 4:36:50 PM - Installed Nanovor
RP392: 10/14/2009 4:47:37 PM - Software Distribution Service 3.0
RP393: 10/14/2009 5:17:07 PM - Software Distribution Service 3.0
RP394: 10/14/2009 5:24:27 PM - Software Distribution Service 3.0
RP395: 10/14/2009 5:30:18 PM - Software Distribution Service 3.0
RP396: 10/14/2009 5:37:51 PM - Software Distribution Service 3.0
RP397: 10/14/2009 5:45:39 PM - Software Distribution Service 3.0
RP398: 10/14/2009 5:53:43 PM - Software Distribution Service 3.0
RP399: 10/14/2009 5:57:40 PM - Software Distribution Service 3.0
RP400: 10/14/2009 6:24:40 PM - Software Distribution Service 3.0
RP401: 10/14/2009 6:39:15 PM - Software Distribution Service 3.0
RP402: 10/14/2009 6:48:06 PM - Software Distribution Service 3.0
RP403: 10/14/2009 7:08:12 PM - Software Distribution Service 3.0
RP404: 10/14/2009 7:25:54 PM - Software Distribution Service 3.0
RP405: 10/14/2009 7:38:48 PM - Software Distribution Service 3.0
RP406: 10/14/2009 7:43:08 PM - Software Distribution Service 3.0
RP407: 10/14/2009 8:10:36 PM - Software Distribution Service 3.0
RP408: 10/14/2009 8:25:59 PM - Software Distribution Service 3.0
RP409: 10/14/2009 8:42:54 PM - Software Distribution Service 3.0
RP410: 10/14/2009 9:00:59 PM - Software Distribution Service 3.0
RP411: 10/14/2009 9:22:43 PM - Software Distribution Service 3.0
RP412: 10/14/2009 9:34:25 PM - Software Distribution Service 3.0
RP413: 10/14/2009 10:21:59 PM - Software Distribution Service 3.0
RP414: 10/15/2009 7:55:40 AM - Software Distribution Service 3.0
RP415: 10/15/2009 4:17:53 PM - Software Distribution Service 3.0
RP416: 10/15/2009 4:48:31 PM - Software Distribution Service 3.0
RP417: 10/15/2009 10:53:36 PM - Software Distribution Service 3.0
RP418: 10/16/2009 3:49:57 PM - Software Distribution Service 3.0
RP419: 10/16/2009 4:04:54 PM - Software Distribution Service 3.0
RP420: 10/16/2009 4:11:32 PM - Software Distribution Service 3.0
RP421: 10/16/2009 5:06:41 PM - Software Distribution Service 3.0
RP422: 10/16/2009 5:13:49 PM - Software Distribution Service 3.0
RP423: 10/16/2009 5:29:37 PM - Software Distribution Service 3.0
RP424: 10/16/2009 5:47:45 PM - Software Distribution Service 3.0
RP425: 10/16/2009 6:14:00 PM - Software Distribution Service 3.0
RP426: 10/16/2009 6:28:19 PM - Installed Windows Live Communications Platform
RP427: 10/16/2009 6:30:21 PM - Software Distribution Service 3.0
RP428: 10/16/2009 6:35:04 PM - Software Distribution Service 3.0
RP429: 10/16/2009 6:45:59 PM - Software Distribution Service 3.0
RP430: 10/16/2009 6:59:40 PM - Software Distribution Service 3.0
RP431: 10/16/2009 7:18:30 PM - Software Distribution Service 3.0
RP432: 10/16/2009 7:28:35 PM - Removed Nanovor
RP433: 10/16/2009 7:36:40 PM - Software Distribution Service 3.0
RP434: 10/16/2009 7:44:19 PM - Software Distribution Service 3.0
RP435: 10/16/2009 8:02:21 PM - Software Distribution Service 3.0
RP436: 10/16/2009 8:14:46 PM - Software Distribution Service 3.0
RP437: 10/16/2009 8:44:47 PM - Software Distribution Service 3.0
RP438: 10/16/2009 8:56:31 PM - Software Distribution Service 3.0
RP439: 10/16/2009 9:05:35 PM - Software Distribution Service 3.0
RP440: 10/16/2009 9:20:20 PM - Software Distribution Service 3.0
RP441: 10/16/2009 9:25:20 PM - Software Distribution Service 3.0
RP442: 10/16/2009 9:39:55 PM - Software Distribution Service 3.0
RP443: 10/16/2009 9:52:46 PM - Software Distribution Service 3.0
RP444: 10/16/2009 9:59:03 PM - Installed Windows Installer Clean Up
RP445: 10/16/2009 10:00:47 PM - Software Distribution Service 3.0
RP446: 10/16/2009 10:07:58 PM - Software Distribution Service 3.0
RP447: 10/17/2009 9:39:18 AM - Software Distribution Service 3.0
RP448: 10/17/2009 9:55:17 AM - Software Distribution Service 3.0
RP449: 10/17/2009 9:59:38 AM - Software Distribution Service 3.0
RP450: 10/17/2009 10:14:49 AM - Installed Windows Installer Clean Up
RP451: 10/17/2009 10:35:56 AM - Installed WonderKing.
RP452: 10/17/2009 1:25:58 PM - Software Distribution Service 3.0
RP453: 10/17/2009 10:21:40 PM - Software Distribution Service 3.0
RP454: 10/17/2009 11:02:17 PM - Software Distribution Service 3.0
RP455: 10/17/2009 11:19:17 PM - Software Distribution Service 3.0
RP456: 10/18/2009 9:03:10 AM - Software Distribution Service 3.0
RP457: 10/18/2009 10:20:13 PM - Software Distribution Service 3.0
RP458: 10/19/2009 8:08:11 AM - Software Distribution Service 3.0
RP459: 10/19/2009 9:31:45 PM - Software Distribution Service 3.0
RP460: 10/20/2009 8:27:42 AM - Software Distribution Service 3.0
RP461: 10/20/2009 3:48:35 PM - Software Distribution Service 3.0
RP462: 10/20/2009 7:37:53 PM - ADVANCED REGISTRY OPTIMIZER - FIRST RUN
RP463: 10/20/2009 7:38:49 PM - Advanced Registry Optimizer Tue, Oct 20, 09 19:38
RP464: 10/20/2009 8:40:34 PM - Software Distribution Service 3.0
RP465: 10/20/2009 9:35:17 PM - Software Distribution Service 3.0
RP466: 10/21/2009 8:05:12 AM - Software Distribution Service 3.0
RP467: 10/21/2009 10:30:38 PM - Software Distribution Service 3.0
RP468: 10/22/2009 8:28:36 AM - Software Distribution Service 3.0
RP469: 10/22/2009 5:32:42 PM - Software Distribution Service 3.0
RP470: 10/22/2009 9:08:13 PM - Software Distribution Service 3.0
RP471: 10/22/2009 9:13:39 PM - Software Distribution Service 3.0
RP472: 10/22/2009 11:23:55 PM - Software Distribution Service 3.0
RP473: 10/23/2009 8:09:00 PM - Software Distribution Service 3.0
RP474: 10/23/2009 10:01:26 PM - Software Distribution Service 3.0
RP475: 10/24/2009 2:07:56 PM - Windows Defender Checkpoint
RP476: 10/24/2009 5:34:59 PM - Software Distribution Service 3.0
RP477: 10/24/2009 11:27:32 PM - Software Distribution Service 3.0
RP478: 10/24/2009 11:49:17 PM - Software Distribution Service 3.0
RP479: 10/25/2009 9:45:31 AM - Software Distribution Service 3.0
RP480: 10/25/2009 10:01:07 PM - Software Distribution Service 3.0
RP481: 10/26/2009 8:34:12 AM - Software Distribution Service 3.0
RP482: 10/26/2009 6:04:34 PM - Software Distribution Service 3.0
RP483: 10/26/2009 6:08:20 PM - Software Distribution Service 3.0
RP484: 10/26/2009 6:28:04 PM - Software Distribution Service 3.0
RP485: 10/26/2009 7:02:33 PM - Software Distribution Service 3.0
RP486: 10/26/2009 8:22:48 PM - Software Distribution Service 3.0
RP487: 10/26/2009 9:29:45 PM - Software Distribution Service 3.0
RP488: 10/27/2009 8:27:46 AM - Software Distribution Service 3.0
RP489: 10/27/2009 9:50:37 PM - Software Distribution Service 3.0
RP490: 10/28/2009 8:16:14 AM - Software Distribution Service 3.0
RP491: 10/28/2009 6:15:46 PM - Software Distribution Service 3.0
RP492: 10/28/2009 8:39:40 PM - Software Distribution Service 3.0
RP493: 10/28/2009 8:45:23 PM - Software Distribution Service 3.0

==== Installed Programs ======================

Moyea SWF to Video Converter Standard version 3.5.1.6
µTorrent
7-Zip 4.65
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Shockwave Player
AIM 6
AIM Toolbar
Ask Toolbar
avast! Antivirus
CamStudio
CCleaner (remove only)
Cheat Engine 5.5
Chinese (Simplified) Language Support
Critical Update for Windows Media Player 11 (KB959772)
CyberLink PhotoNow
D-Link RangeBooster N DWA-142
Download Updater (AOL LLC)
Fraps (remove only)
Google Chrome
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Huffyuv AVI lossless video codec (Remove Only)
Hybrid Downloader 1,0,2,6
HyperCam 2
ijji REACTOR
Japanese Language Support
Korean Language Support
Lagarith Lossless Codec (1.3.20)
Lagarith lossless video codec (Remove Only)
Logitech QuickCam Driver Package
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows XP Video Decoder Checkup Utility
Neffy 1,2,1,11
NVIDIA Drivers
OGPlanet Game Launcher
Pando Media Booster
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SigmaTel Audio
Super Smash Flash EXE Version 1.0
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
VDownloader 0.83
version 5.0.0
Viewpoint Media Player
Windows Genuine Advantage Notifications (KB905474)
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WonderKing
XML Paper Specification Shared Components Pack 1.0
Yrefresher 1.00

==== Event Viewer Messages From Past Week ========

10/27/2009 4:21:53 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.101 with the system having network hardware address 00:11:95:8D:80:6B. Network operations on this system may be disrupted as a result.
10/26/2009 6:24:42 PM, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.103 with the system having network hardware address 00:20:00:3A:53:7D. Network operations on this system may be disrupted as a result.
10/26/2009 3:51:41 PM, error: Dhcp [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/24/2009 11:30:46 PM, error: Dhcp [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
10/23/2009 8:40:25 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00195B094F9A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
10/22/2009 11:24:20 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 2.0 Service Pack 2 Security Update for Windows 2000, Windows Server 2003, and Windows XP (KB974417).
10/22/2009 11:24:16 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.
10/22/2009 11:24:11 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297).
10/21/2009 7:44:00 AM, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 00195B094F9A has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

==== End Of File ===========================

Old 3 Weeks Ago   #2
broni (Malware Analyst)
Join Date: Aug 2002
Location: Daly City, CA
Posts: 4,702
Computer Experience: intermediate

What are the issues?

Old 3 Weeks Ago   #3
dariene (Member)

I can't download anything, log in to anything, or sign in to anything.
When I try to log in or sign in, the website fails to load.
When I try to download anything, it doesn't work. I click start, and after it's done it says it failed. The SmartScreen filter service is offline.

And I think it has something to do with cookies also.


I got DDS from http://www.windowsbbs.com/malware-vi...uncements.html


Last edited by dariene; 3 Weeks Ago at 04:10.

Old 3 Weeks Ago   #4
broni (Malware Analyst)

How did you download DDS?

Old 3 Weeks Ago   #5
dariene (Member)

http://www.windowsbbs.com/malware-vi...uncements.html

Old 3 Weeks Ago   #6
dariene (Member)

Re:

I got it from http://www.windowsbbs.com/malware-vi...uncements.html

Old 3 Weeks Ago   #7
dariene (Member)

Quote:
Originally Posted by broni
How did you download DDS?

http://www.windowsbbs.com/malware-vi...uncements.html
That's where I got it from.


Old 3 Weeks Ago   #8
broni (Malware Analyst)

I know the links, but you said:
Quote:
I can't download anything
In any case.....

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE. If Combofix asks you to install Recovery Console, please allow it.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!


Download HijackThis:
http://www.trendsecure.com/portal/en...kthis/download
by clicking on Download HijackThis Installer
Install, and run it.
Post the HijackThis log.
Do NOT attempt to fix anything!

NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
