
Active www.123spywar.com listening on my network ports

Discussion in 'Malware and Virus Removal Archive' started by onerytk, 2009/10/05.

  1. 2009/10/05
    onerytk Inactive Thread Starter


    Hi everyone
    Please excuse my lack of knowledge, but I have noticed that the above site is coming up when I check my TCP/IP ports & connections, which I think is some sort of adware issue. I would be very grateful if someone could have a look at the following reports generated, as I really don't know how to read them. Many thanks!

    DDS (Ver_09-09-29.01) - NTFSx86
    Run by Owner at 20:10:04.76 on Mon 10/05/2009
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_16
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.105 [GMT 2:00]

    AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

    ============== Running Processes ===============

    C:\WINDOWS3\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS3\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS3\system32\spoolsv.exe
    C:\WINDOWS3\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Everything\Everything.exe
    C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
    C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
    C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE
    C:\Program Files\Cacheman\CachemanTray.exe
    C:\Program Files\Cacheman\CachemanServ.exe
    C:\WINDOWS3\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS3\System32\svchost.exe -k HPZ12
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS3\System32\svchost.exe -k HPZ12
    C:\WINDOWS3\system32\svchost.exe -k imgsvc
    svchost.exe
    C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
    C:\Program Files\Spotify\spotify.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\HijackThis.exe
    C:\WINDOWS3\system32\NOTEPAD.EXE
    C:\Program Files\AnswersThatWork\Troubleshooter\UltimateTroubleshooter.exe
    C:\Program Files\AnswersThatWork\Troubleshooter\UltimateTroubleshooter.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr

    ============== Pseudo HJT Report ===============

    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
    BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
    BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [CachemanTray] c:\program files\cacheman\CachemanTray.exe
    uRun: [uTorrent] "c:\program files\utorrent\utorrent.exe "
    mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
    mRun: [FLMOFFICE4DMOUSE] c:\program files\labtec\desktop\v5.1\moffice.exe
    mRun: [OFFICEKB] c:\program files\labtec\desktop\v5.1\kbdap32a.exe
    mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt1\AUTOBACK.EXE
    uPolicies-explorer: NoActiveDesktop = 00000000
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
    LSP: c:\windows3\system32\imon.dll
    LSP: c:\windows3\system32\SecureNet.dll
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/pcpitstop/pcpitstop.cab
    DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
    Notify: igfxcui - igfxdev.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\y6sm8hny.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\y6sm8hny.default\extensions\{b5fb9555-4883-4233-9767-51245926c95e}\components\FFExternalAlert.dll
    FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\y6sm8hny.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF - plugin: c:\documents and settings\owner\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
    FF - plugin: c:\progra~1\meadco~1\npmeadax.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmeadax.dll
    FF - plugin: c:\program files\veetle\player\npvlc.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

    ============= SERVICES / DRIVERS ===============

    R1 nod32drv;nod32drv;c:\windows3\system32\drivers\nod32drv.sys [2009-9-1 15424]
    R1 ShldDrv;Panda File Shield Driver;c:\windows3\system32\drivers\shldrv51.sys --> c:\windows3\system32\drivers\ShlDrv51.sys [?]
    R2 CachemanService;Cacheman Service;c:\program files\cacheman\CachemanServ.exe [2009-9-11 221240]
    R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2007-2-18 552064]
    R2 PavProc;Panda Process Protection Driver;\??\c:\windows3\system32\drivers\pavproc.sys --> c:\windows3\system32\drivers\PavProc.sys [?]
    R2 PavPrSrv;Panda Process Protection Service; "c:\program files\common files\panda software\pavshld\pavprsrv.exe" --> c:\program files\common files\panda software\pavshld\pavprsrv.exe [?]
    R3 tap0901;TAP-Win32 Adapter V9;c:\windows3\system32\drivers\tap0901.sys [2009-10-4 25216]
    S2 vvdsvc;VJVodClientServices;c:\windows3\system32\svchost.exe -k vvdsvc [2006-2-28 14336]
    S3 epmntdrv;epmntdrv;c:\windows3\system32\epmntdrv.sys [2009-9-14 8704]
    S3 EuGdiDrv;EuGdiDrv;c:\windows3\system32\EuGdiDrv.sys [2009-9-14 3072]
    S3 RGService;RGService;c:\program files\radioget\RGService.exe [2009-10-2 335872]
    S3 STSService;STSService; [x]

    =============== Created Last 30 ================

    2009-10-05 00:25 0 -------- c:\windows3\PAVSHRB.INI
    2009-10-04 23:38 <DIR> --d----- c:\program files\common files\Panda Security
    2009-10-04 23:19 25,216 a------- c:\windows3\system32\drivers\tap0901.sys
    2009-10-04 23:19 <DIR> --d----- c:\program files\FreeVPN
    2009-10-04 00:16 28,544 a------- c:\windows3\system32\drivers\pavboot.sys
    2009-10-04 00:13 <DIR> --d----- c:\program files\Panda Security
    2009-10-02 19:20 <DIR> --d----- c:\docume~1\owner\applic~1\Malwarebytes
    2009-10-02 19:20 38,224 a------- c:\windows3\system32\drivers\mbamswissarmy.sys
    2009-10-02 19:20 19,160 a------- c:\windows3\system32\drivers\mbam.sys
    2009-10-02 19:20 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Malwarebytes
    2009-10-02 18:22 28,672 a------- c:\windows3\system32\FindTarget.dll
    2009-10-02 08:10 <DIR> --d----- c:\program files\RadioGet
    2009-10-02 06:05 <DIR> --d----- c:\program files\Cacheman
    2009-10-02 05:22 <DIR> --d----- c:\docume~1\owner\applic~1\Dropbox
    2009-09-29 19:01 1,902 -------- c:\windows3\system32\SetupBD.din
    2009-09-29 18:59 154,112 ac------ c:\windows3\system32\dllcache\e100b325.sys
    2009-09-29 18:59 154,112 a------- c:\windows3\system32\drivers\e100b325.sys
    2009-09-29 18:59 118,784 a------- c:\windows3\system32\Prounstl.exe
    2009-09-29 18:59 24,064 a------- c:\windows3\system32\IntelNic.dll
    2009-09-29 18:59 12,288 a------- c:\windows3\system32\e100bmsg.dll
    2009-09-29 18:59 5,110 a------- c:\windows3\system32\e100b325.din
    2009-09-29 18:59 <DIR> --d----- C:\drvrtmp
    2009-09-29 18:59 840,456 a------- C:\R105786.EXE
    2009-09-29 18:55 <DIR> --d----- c:\program files\Driver Magician
    2009-09-28 19:32 6,205 a------- c:\windows3\system\Kbdvx32a.vxd
    2009-09-28 19:32 <DIR> --d----- c:\program files\Labtec
    2009-09-28 17:34 70,688 a------- c:\windows3\system32\drivers\alcaudsl.sys
    2009-09-28 17:34 5,280 a------- c:\windows3\system32\drivers\alcawh.sys
    2009-09-28 17:34 3,968 a------- c:\windows3\system32\drivers\alcacr.sys
    2009-09-27 20:17 375,054 a------- C:\1.bmp
    2009-09-27 15:12 8,704 ac------ c:\windows3\system32\dllcache\kbdjpn.dll
    2009-09-27 15:12 8,192 ac------ c:\windows3\system32\dllcache\kbdkor.dll
    2009-09-27 15:12 6,144 ac------ c:\windows3\system32\dllcache\kbd106.dll
    2009-09-27 15:12 6,144 ac------ c:\windows3\system32\dllcache\kbd101c.dll
    2009-09-27 15:12 5,632 ac------ c:\windows3\system32\dllcache\kbd103.dll
    2009-09-27 15:12 8,704 a------- c:\windows3\system32\kbdjpn.dll
    2009-09-27 15:12 8,192 a------- c:\windows3\system32\kbdkor.dll
    2009-09-27 15:12 6,144 a------- c:\windows3\system32\kbd106.dll
    2009-09-27 15:12 6,144 a------- c:\windows3\system32\kbd101c.dll
    2009-09-27 15:12 5,632 a------- c:\windows3\system32\kbd103.dll
    2009-09-27 15:12 6,144 ac------ c:\windows3\system32\dllcache\kbd101b.dll
    2009-09-27 15:12 6,144 a------- c:\windows3\system32\kbd101b.dll
    2009-09-27 15:08 <DIR> --d----- c:\windows3\system32\Nagasoft
    2009-09-27 10:48 <DIR> --d----- c:\program files\Paragon Software
    2009-09-26 09:58 <DIR> --d----- c:\windows3\AllMySongs Database
    2009-09-26 09:58 <DIR> --d----- c:\program files\AllMySongs Database
    2009-09-26 09:47 <DIR> --d----- c:\program files\SopCast
    2009-09-20 09:20 <DIR> --d----- c:\windows3\system32\wbem\Repository
    2009-09-20 09:11 <DIR> --d----- c:\program files\Hide My IP 2009(2)
    2009-09-19 23:38 <DIR> --d-h--- c:\windows3\PIF
    2009-09-18 20:20 <DIR> --d----- c:\program files\Almeza
    2009-09-18 00:17 466,944 a------- c:\windows3\system32\iviaudio.ax
    2009-09-17 22:25 411,368 a------- c:\windows3\system32\deploytk.dll
    2009-09-17 22:25 73,728 a------- c:\windows3\system32\javacpl.cpl
    2009-09-17 21:44 <DIR> --d----- c:\docume~1\owner\applic~1\VCDEasy
    2009-09-17 21:43 <DIR> --d----- c:\program files\Pegasys Inc
    2009-09-17 20:27 <DIR> --d----- c:\program files\Combined Community Codec Pack
    2009-09-17 20:18 819,200 a------- c:\windows3\system32\xvidcore.dll
    2009-09-17 20:18 77,824 a------- c:\windows3\system32\xvid.ax
    2009-09-17 20:18 180,224 a------- c:\windows3\system32\xvidvfw.dll
    2009-09-17 20:18 <DIR> --d----- c:\program files\Xvid
    2009-09-17 19:44 <DIR> --d----- c:\program files\Veetle
    2009-09-17 17:04 168,256 a------- c:\windows3\system32\SecureNet.dll
    2009-09-17 17:04 <DIR> --d----- c:\program files\Hide My IP 2009
    2009-09-16 19:07 <DIR> --d----- c:\program files\FilmOn HDi Player
    2009-09-16 16:41 <DIR> --d----- c:\docume~1\owner\applic~1\GetRightToGo
    2009-09-15 19:37 323,584 a------- c:\windows3\system32\AUDIOGENIE2.DLL
    2009-09-15 19:35 <DIR> --d----- c:\windows3\Replay Music
    2009-09-14 20:18 <DIR> --d----- c:\program files\common files\Bcgsoft
    2009-09-14 17:11 1,663,488 a------- c:\windows3\system32\BootMan.exe
    2009-09-14 17:11 86,408 a------- c:\windows3\system32\setupempdrv03.exe
    2009-09-14 17:11 14,848 a------- c:\windows3\system32\EuEpmGdi.dll
    2009-09-14 17:11 8,704 a------- c:\windows3\system32\epmntdrv.sys
    2009-09-14 17:11 3,072 a------- c:\windows3\system32\EuGdiDrv.sys
    2009-09-14 17:11 <DIR> --d----- c:\program files\EASEUS
    2009-09-13 23:49 <DIR> --d----- c:\docume~1\owner\applic~1\GlarySoft
    2009-09-13 23:30 <DIR> --d----- c:\program files\Glary Utilities1
    2009-09-12 16:49 <DIR> --d----- c:\program files\Bit Che1
    2009-09-11 11:10 <DIR> --d----- c:\program files\ERUNT1
    2009-09-11 00:33 <DIR> --d----- c:\program files\CONEXANT
    2009-09-10 22:00 <DIR> --d----- c:\program files\Everything
    2009-09-10 20:48 <DIR> --d----- c:\docume~1\owner\applic~1\Convivea
    2009-09-06 17:37 212,240 a------- c:\windows3\system32\RichTx32.ocx
    2009-09-06 17:37 124,688 a------- c:\windows3\system32\MSWinSck.ocx
    2009-09-06 17:37 1,753,088 a------- c:\windows3\system32\ExGrid.dll
    2009-09-06 17:37 614,400 a------- c:\windows3\system32\ExButton.dll
    2009-09-06 17:37 602,112 a------- c:\windows3\system32\ExMenu.dll
    2009-09-06 17:37 516,096 a------- c:\windows3\system32\ExTab.dll
    2009-09-06 17:37 307,200 a------- c:\windows3\system32\ExPMenu.dll
    2009-09-06 17:36 356,352 a------- c:\windows3\system32\eSellerateEngine.dll
    2009-09-06 17:36 118,784 a------- c:\windows3\system32\eWebControl.dll
    2009-09-06 17:36 368,912 a------- c:\windows3\system32\vbar332.dll

    ==================== Find3M ====================

    2009-09-07 21:06 141,136 a------- c:\windows3\hpoins14.dat
    2009-09-03 20:24 685,816 a------- c:\windows3\system32\drivers\sptd.sys
    2009-09-01 19:46 512,096 a------- c:\windows3\system32\drivers\amon.sys
    2009-09-01 19:46 298,104 a------- c:\windows3\system32\imon.dll
    2009-09-01 19:46 15,424 a------- c:\windows3\system32\drivers\nod32drv.sys
    2009-08-31 10:57 76,493 a------- c:\windows3\pchealth\helpctr\offlinecache\index.dat
    2009-08-30 10:07 499,712 a------- c:\windows3\system32\msvcp71.dll
    2009-08-23 15:30 21,640 a------- c:\windows3\system32\emptyregdb.dat
    2002-07-10 10:22 81,920 ac------ c:\program files\common files\msado25.tlb

    ============= FINISH: 20:10:38.51 ===============
    And the other log is

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-09-29.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 8/23/2009 3:36:30 PM
    System Uptime: 10/2/2009 9:05:06 PM (71 hours ago)

    Motherboard: Dell Computer Corp. | | 0CF458
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 71 GiB total, 15.764 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP53: 9/30/2009 8:08:27 PM - Pre windows system delete
    RP54: 10/1/2009 1:44:58 AM - System Checkpoint
    RP55: 10/2/2009 6:58:23 AM - System Checkpoint
    RP56: 10/3/2009 7:09:30 AM - System Checkpoint
    RP57: 10/4/2009 12:42:42 PM - System Checkpoint
    RP58: 10/5/2009 1:24:28 PM - System Checkpoint

    ==== Installed Programs ======================

    µTorrent
    32 Bit HP CIO Components Installer
    7-Zip 4.65
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Advanced SystemCare 3
    AIO_Scan
    AllMySongs Database
    Almeza MultiSet Professional 6.7
    Ashampoo Burning Studio 2009
    Ashampoo Movie Shrink & Burn 3 3.03
    Ashampoo Music Studio 3
    Bit Che
    BufferChm
    Cacheman 7.0
    Combined Community Codec Pack 2009-09-09
    Conexant D850 56K V.9x DFVc Modem
    Copy
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    Digital Line Detect
    DJ_AIO_ProductContext
    DJ_AIO_Software
    DJ_AIO_Software_min
    Driver Magician 3.45
    Dropbox
    EASEUS Partition Master 4.0 Professional
    ERUNT 1.1j
    eSupportQFolder
    Everything 1.2.1.371
    F4100
    F4100_doccd
    F4100_Help
    FilmOn HDi Player
    Foxit Reader
    FreeVPN v1.07 build 1
    Glary Utilities Pro 2.15.0.738
    Google Chrome
    HijackThis 2.0.2
    HP Deskjet All-In-One Software 9.0
    HP Imaging Device Functions 9.0
    HP Photosmart Essential 2.01
    HP Photosmart Essential2.01
    HP Print Diagnostic Utility
    HP Smart Web Printing
    HP Solution Center 9.0
    HP Update
    HPProductAssistant
    ImgBurn
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Java(TM) 6 Update 16
    Labtec Desktop V5.1
    Magic ISO Maker v5.5 (build 0272)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 2.0
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Works 7.0
    Modem Helper
    Mozilla Firefox (3.5.3)
    NOD32 antivirus system
    Open file location Shell Extension (Remove Only)
    Panda ActiveScan 2.0
    Paragon Software SlovoEd 7
    PSSWCORE
    RadioGet 1.3.8
    Replay Music
    Revo Uninstaller 1.83
    Scan
    SolutionCenter
    SopCast 3.0.3
    SoundMAX
    Spybot - Search & Destroy
    Stalled Printer Repair 1.2
    Status
    The Ultimate Troubleshooter
    TMPGEnc Plus 2.5
    Toolbox
    TrayApp
    TVAnts 1.0
    UnloadSupport
    Update for Windows XP (KB911164)
    VCDEasy
    Veetle TV 0.9.15
    VideoLAN VLC media player 0.8.1
    VideoToolkit01
    VirtualCloneDrive
    VJOcx2.0
    WebFldrs XP
    WebReg
    WinMPG VideoConvert 8.9.6.0
    WinRAR archiver
    Wondershare DPG Converter(Build 4.2.0.56)
    Wondershare Photo Story Gold GAOTD Edition 3.4.2.0
    Xilisoft Video Converter Ultimate
    Xvid 1.2.2 final uninstall

    ==== Event Viewer Messages From Past Week ========

    9/30/2009 9:34:10 AM, error: Dhcp [1002] - The IP address lease 192.168.1.34 for the Network Card with network address 001320B9E37D has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    9/30/2009 8:07:46 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000003A' while processing the file '2.0.0.0__b03f5f7f11d50a3a' on the volume 'Hardd .. lume2'. It has stopped monitoring the volume.
    9/30/2009 1:23:40 PM, error: Dhcp [1002] - The IP address lease 192.168.1.33 for the Network Card with network address 001320B9E37D has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    9/28/2009 12:06:38 PM, error: ipnathlp [31012] - The DNS proxy agent encountered an error while obtaining the local list of name-resolution servers. Some DNS or WINS servers may be inaccessible to clients on the local network. The data is the error code.
    10/5/2009 7:03:23 PM, error: Dhcp [1002] - The IP address lease 10.8.0.253 for the Network Card with network address 00FF867CB144 has been denied by the DHCP server 10.8.0.254 (The DHCP Server sent a DHCPNACK message).

    ==== End Of File ===========================
     
  2. 2009/10/05
    broni Moderator Malware Analyst

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE. If Combofix asks you to install Recovery Console, please allow it.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!



    Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    Do NOT attempt to fix anything!

    NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator
     
