-
virtumonde
I have recently been given a Compaq Presario, which is running XP media center.
It was given to me because of problems which the previous owner gave up on and bought a macbook.
In adding and running Spybot S&D it found some 135 problems which I asked it to then fix all.
It could not fix some problems and asked me to restart.
upon restart each time it would find 6 or so problems and only be able to fix 4 'without a restart'.
I watched Spybot run because I found it odd there were so many files 917655.
toward the end of the scans large numbers of files are called virtumonde.sdn.
I looked it up on wiki and it comes up a virus.
I'm not sure how to proceed.
-
Hello and welcome to the forums here at Spybot S&D.
Please read through the instructions at this link.
Then post your HijackThis log back here for me to review.
Please do not start a new topic but reply back here.
Regards,
Dave
-
hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:07 AM, on 2/28/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\IA\command.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen155.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Common Files\{7C622FEF-089C-1033-0413-060405060001}\Update.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\lphctvoj0e57v.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\ikzo\ikzom.exe
C:\Program Files\Csvnro\Csvnro.exe
C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\pphctvoj0e57v.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\COMMON~1\ikzo\ikzol.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...RIO&pf=desktop
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [{7C622FEF-089C-1033-0413-060405060001}] "C:\Program Files\Common Files\{7C622FEF-089C-1033-0413-060405060001}\Update.exe" te-110-12-0000213
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [{7C622FEF-089B-1033-0413-060405060001}] "C:\Program Files\Common Files\{7C622FEF-089B-1033-0413-060405060001}\Update.exe" te-110-12-0000213
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{7C622FEF-089D-1033-0413-060405060001}] "C:\Program Files\Common Files\{7C622FEF-089D-1033-0413-060405060001}\Update.exe" te-110-12-0000213
O4 - HKLM\..\Run: [ALCMTR] ALCMTR.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [lphctvoj0e57v] C:\WINDOWS\system32\lphctvoj0e57v.exe
O4 - HKLM\..\Run: [SMrhcpvoj0e57v] C:\Program Files\rhcpvoj0e57v\rhcpvoj0e57v.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Sxpv] C:\WINDOWS\S?mantec\w?auboot.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ikzo] C:\PROGRA~1\COMMON~1\ikzo\ikzom.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Uhqif] C:\WINDOWS\?racle\r?ndll32.exe
O4 - HKCU\..\Run: [Atdntep] "C:\Documents and Settings\Compaq_Administrator\My Documents\?dobe\j?vaw.exe"
O4 - HKCU\..\Run: [Dbbxpi] C:\WINDOWS\system32\s?stem32\?ti2evxx.exe
O4 - HKCU\..\Run: [Wvrmaf] C:\WINDOWS\?racle\m?iexec.exe
O4 - HKCU\..\Run: [Mdlhgl] C:\WINDOWS\system32\?ymantec\??rvices.exe
O4 - HKCU\..\Run: [QdrModule12] "C:\Program Files\QdrModule\QdrModule12.exe"
O4 - HKCU\..\Run: [Csvnro] C:\Program Files\Csvnro\Csvnro.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9e.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Belkin Wireless Networking Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\IA\command.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SeekeenSrch Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen155.exe
--
End of file - 8932 bytes
-
Okay that gives us a start. Quite a collection of Malware you have there. Before beginning to fix anything I'd like to get a better look at things so we know where we stand.
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool. - When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt
- Save both reports to your desktop. Post them back to your topic.
++++++++++++++++++++++++++
Download This file. Note its name and save it to your root folder, such as C:\.
- Disconnect from the Internet and close all running programs.
- Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
- Click on this link to see a list of programs that should be disabled.
- Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
- Allow the driver to load if asked.
- You may be prompted to scan immediately if it detects rootkit activity.
- If you are prompted to scan your system click "Yes" to begin the scan.
- If not prompted, click the "Rootkit/Malware" tab.
- On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
- Select all drives that are connected to your system to be scanned.
- Click the Scan button to begin. (Please be patient as it can take some time to complete)
- When the scan is finished, click Save to save the scan results to your Desktop.
- Save the file as Results.log and copy/paste the contents in your next reply.
- Exit the program and re-enable all active protection when done.
-
dds
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/31/2006 11:26:45 AM
System Uptime: 2/28/2010 2:04:26 PM (0 hours ago)
Motherboard: ASUSTek Computer INC. | | NAGAMI2L
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2204/199mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 104 GiB total, 86.841 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.504 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
No restore point in system.
==== Hosts File Hijack ======================
Hosts: 192.168.200.3 ad.doubleclick.net
Hosts: 192.168.200.3 ad.fastclick.net
Hosts: 192.168.200.3 ads.fastclick.net
Hosts: 192.168.200.3 atdmt.com
Hosts: 192.168.200.3 avp.ch
Hosts: 192.168.200.3 avp.com
Hosts: 192.168.200.3 avp.ru
Hosts: 192.168.200.3 awaps.net
Hosts: 192.168.200.3 banner.fastclick.net
Hosts: 192.168.200.3 banners.fastclick.net
Hosts: 192.168.200.3 ca.com
Hosts: 192.168.200.3 click.atdmt.com
Hosts: 192.168.200.3 clicks.atdmt.com
Hosts: 192.168.200.3 customer.symantec.com
Hosts: 192.168.200.3 dispatch.mcafee.com
Hosts: 192.168.200.3 download.mcafee.com
Hosts: 192.168.200.3 download.microsoft.com
Hosts: 192.168.200.3 downloads-us1.kaspersky-labs.com
Hosts: 192.168.200.3 downloads.microsoft.com
Hosts: 192.168.200.3 downloads1.kaspersky-labs.com
Hosts: 192.168.200.3 downloads2.kaspersky-labs.com
Hosts: 192.168.200.3 downloads3.kaspersky-labs.com
Hosts: 192.168.200.3 downloads4.kaspersky-labs.com
Hosts: 192.168.200.3 engine.awaps.net
Hosts: 192.168.200.3 f-secure.com
Hosts: 192.168.200.3 fastclick.net
Hosts: 192.168.200.3 ftp.avp.ch
Hosts: 192.168.200.3 ftp.f-secure.com
Hosts: 192.168.200.3 ftp.kasperskylab.ru
Hosts: 192.168.200.3 ftp.sophos.com
Hosts: 192.168.200.3 go.microsoft.com
Hosts: 192.168.200.3 ids.kaspersky-labs.com
Hosts: 192.168.200.3 kaspersky-labs.com
Hosts: 192.168.200.3 kaspersky.com
Hosts: 192.168.200.3 liveupdate.symantec.com
Hosts: 192.168.200.3 liveupdate.symantecliveupdate.com
Hosts: 192.168.200.3 mast.mcafee.com
Hosts: 192.168.200.3 mcafee.com
Hosts: 192.168.200.3 microsoft.com
Hosts: 192.168.200.3 msdn.microsoft.com
Hosts: 192.168.200.3 my-etrust.com
Hosts: 192.168.200.3 nai.com
Hosts: 192.168.200.3 networkassociates.com
Hosts: 192.168.200.3 office.microsoft.com
Hosts: 192.168.200.3 pandasoftware.com
Hosts: 192.168.200.3 phx.corporate-ir.net
Hosts: 192.168.200.3 rads.mcafee.com
Hosts: 192.168.200.3 secure.nai.com
Hosts: 192.168.200.3 securityresponse.symantec.com
Hosts: 192.168.200.3 service1.symantec.com
Hosts: 192.168.200.3 sophos.com
Hosts: 192.168.200.3 support.microsoft.com
Hosts: 192.168.200.3 symantec.com
Hosts: 192.168.200.3 trendmicro.com
Hosts: 192.168.200.3 update.symantec.com
Hosts: 192.168.200.3 updates.symantec.com
Hosts: 192.168.200.3 updates5.kaspersky-labs.com
Hosts: 192.168.200.3 us.mcafee.com
Hosts: 192.168.200.3 vil.nai.com
Hosts: 192.168.200.3 viruslist.com
Hosts: 192.168.200.3 viruslist.ru
Hosts: 192.168.200.3 virusscan.jotti.org
Hosts: 192.168.200.3 virustotal.com
Hosts: 192.168.200.3 windowsupdate.microsoft.com
Hosts: 192.168.200.3 www.avp.ch
Hosts: 192.168.200.3 www.avp.com
Hosts: 192.168.200.3 www.avp.ru
Hosts: 192.168.200.3 www.awaps.net
Hosts: 192.168.200.3 www.ca.com
Hosts: 192.168.200.3 www.f-secure.com
Hosts: 192.168.200.3 www.kaspersky.com
Hosts: 192.168.200.3 www.kaspersky.ru
Hosts: 192.168.200.3 www.mcafee.com
Hosts: 192.168.200.3 www.microsoft.com
Hosts: 192.168.200.3 www.my-etrust.com
Hosts: 192.168.200.3 www.nai.com
Hosts: 192.168.200.3 www.networkassociates.com
Hosts: 192.168.200.3 www.pandasoftware.com
Hosts: 192.168.200.3 www.sophos.com
Hosts: 192.168.200.3 www.symantec.com
Hosts: 192.168.200.3 www.symantec.com
Hosts: 192.168.200.3 www.trendmicro.com
Hosts: 192.168.200.3 www.viruslist.com
Hosts: 192.168.200.3 www.viruslist.ru
Hosts: 192.168.200.3 www.virustotal.com
Hosts: 192.168.200.3 www3.ca.com
==== Installed Programs ======================
Adobe Flash Player ActiveX
Adobe Reader 7.0.5
AIM 6
Ancient Sudoku
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 4
Belkin N Wireless USB Adapter Setup
Blackhawk Striker 2
Bookworm Deluxe
Bounce Symphony
BufferChm
Chuzzle Deluxe
Compaq Connections (remove only)
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
cp_PosterPrintConfig
cp_UpdateProjectsConfig
Csvnro
CueTour
Dasher
Data Fax SoftModem with SmartCP
Destinations
DeviceManagementQFolder
Diner Dash
Easy Internet Sign-up
ERUNT 1.1j
Fairies
FATE
Flip Words
FullDPAppQFolder
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB893357)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Hotfix for Windows XP (KB906569)
Hotfix for Windows XP (KB912024)
Hotfix for Windows XP (KB935448)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB979306)
HP DVD Play 2.1
HP Game Console
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Rhapsody
HP Software Update
HP Support Overview
HPPhotoSmartExpress
HpSdpAppCoreApp
Insaniquarium Deluxe
InstantShareDevices
iTunes
Jewel Quest
LightScribe 1.4.84.1
Mah Jong Quest
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Away Mode
Microsoft Money 2006
Microsoft Office 2000 Disc 2
Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
Microsoft Office Standard Edition 2003
Microsoft Works
MSN
MSXML 4.0 SP2 (KB973688)
Netscape Browser (remove only)
OptionalContentQFolder
PC-Doctor 5 for Windows
PC Confidential 2008
PhoTags Express
PhotoGallery
Poker Superstars
Polar Bowler
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Quicken 2006
QuickTime
RandMap
RCT3 Soaked
RealPlayer
Realtek High Definition Audio Driver
Remove WeatherBug Installer
Rhapsody
Rhapsody Player Engine
Ricochet Lost Worlds
RollerCoaster TycoonŽ 3
Safari
SCRABBLE
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Seekeen 1.0 build 155
SkinsHP1
SlideShow
SlideShowMusic
Slingo Deluxe
Snowy The Bears Adventure
Sonic Express Labeler
Sonic MyDVD Plus
Sonic_PrimoSDK
Spybot - Search & Destroy
Tennis Titans
Tornado Jockey
Tradewinds
Unload
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB912945)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WebFldrs XP
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892050
Windows XP Hotfix - KB893066
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
==== Event Viewer Messages From Past Week ========
2/28/2010 11:07:46 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 1.1 Service Pack 1 Security Update for Windows 2000, Windows XP, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 (KB953297).
2/28/2010 11:02:44 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
==== End Of File ===========================
-
2nd
DDS (Ver_09-12-01.01) - NTFSx86
Run by Compaq_Administrator at 14:10:55.42 on Sun 02/28/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.702.353 [GMT -5:00]
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\{7C622FEF-089C-1033-0413-060405060001}\Update.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\lphctvoj0e57v.exe
C:\WINDOWS\IA\command.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\ikzo\ikzom.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Csvnro\Csvnro.exe
C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\SeekeenSrch\seekeen155.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\pphctvoj0e57v.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\SeekeenSrch\seekeen.exe
C:\Program Files\Safari\Safari.exe
C:\PROGRA~1\COMMON~1\ikzo\ikzol.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Compaq_Administrator\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.hotmail.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: PCCBHO.CPCCBHO: {22fc6ce8-7d47-479f-b74a-bfbb04adb9af} - c:\program files\winferno\pc confidential\PCCBHO.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {C1B4DEC2-2623-438E-9CA2-C9043AB28508} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: {12DA1BC4-5384-42fd-A119-3C99D2D146A2} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Sxpv] c:\windows\s?mantec\w?auboot.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ikzo] c:\progra~1\common~1\ikzo\ikzom.exe
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [Uhqif] c:\windows\?racle\r?ndll32.exe
uRun: [Atdntep] "c:\documents and settings\compaq_administrator\my documents\?dobe\j?vaw.exe"
uRun: [Dbbxpi] c:\windows\system32\s?stem32\?ti2evxx.exe
uRun: [Wvrmaf] c:\windows\?racle\m?iexec.exe
uRun: [Mdlhgl] c:\windows\system32\?ymantec\??rvices.exe
uRun: [QdrModule12] "c:\program files\qdrmodule\QdrModule12.exe"
uRun: [Csvnro] c:\program files\csvnro\Csvnro.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler]
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [{7C622FEF-089C-1033-0413-060405060001}] "c:\program files\common files\{7c622fef-089c-1033-0413-060405060001}\Update.exe" te-110-12-0000213
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [{7C622FEF-089B-1033-0413-060405060001}] "c:\program files\common files\{7c622fef-089b-1033-0413-060405060001}\Update.exe" te-110-12-0000213
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [{7C622FEF-089D-1033-0413-060405060001}] "c:\program files\common files\{7c622fef-089d-1033-0413-060405060001}\Update.exe" te-110-12-0000213
mRun: [ALCMTR] ALCMTR.EXE
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [lphctvoj0e57v] c:\windows\system32\lphctvoj0e57v.exe
mRun: [SMrhcpvoj0e57v] c:\program files\rhcpvoj0e57v\rhcpvoj0e57v.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil9e.exe
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d8053v4\BelkinWCUI.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA} - c:\program files\winferno\pc confidential\PCConfidential.exe
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Hosts: 192.168.200.3 ad.doubleclick.net
Hosts: 192.168.200.3 ad.fastclick.net
Hosts: 192.168.200.3 ads.fastclick.net
Hosts: 192.168.200.3 atdmt.com
Hosts: 192.168.200.3 avp.ch
Note: multiple HOSTS entries found. Please refer to Attach.txt
============= SERVICES / DRIVERS ===============
R2 cmdService;Command Service;c:\windows\ia\command.exe [2007-6-3 293888]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 SeekeenSrch Service;SeekeenSrch Service;c:\documents and settings\all users\application data\seekeensrch\seekeen155.exe [2010-2-26 4608]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2009-1-10 517632]
=============== Created Last 30 ================
2010-02-28 16:24:56 60512 ---ha-w- c:\windows\system32\mlfcache.dat
2010-02-28 16:21:33 94208 ----a-w- c:\windows\system32\pphctvoj0e57v.exe
2010-02-28 16:06:22 0 d-----w- c:\windows\ServicePackFiles
2010-02-28 16:05:42 0 d-----w- c:\program files\MSXML 4.0
2010-02-27 04:06:13 0 ----a-w- c:\windows\system32\atmtd.dll.tmp
2010-02-26 23:11:47 0 d-----w- c:\program files\Spybot - Search & Destroy
==================== Find3M ====================
2010-02-26 23:45:19 94208 ----a-w- c:\windows\system32\C7.tmp
2010-02-26 23:45:08 94208 ----a-w- c:\windows\system32\C6.tmp
2010-02-26 23:43:42 94208 ----a-w- c:\windows\system32\C5.tmp
2010-02-26 23:42:48 94208 ----a-w- c:\windows\system32\C4.tmp
2010-02-26 23:42:01 94208 ----a-w- c:\windows\system32\C3.tmp
2010-02-26 23:41:09 94208 ----a-w- c:\windows\system32\C2.tmp
2010-02-26 23:40:44 94208 ----a-w- c:\windows\system32\C1.tmp
2010-02-26 23:39:00 94208 ----a-w- c:\windows\system32\C0.tmp
2010-02-26 23:37:16 94208 ----a-w- c:\windows\system32\BF.tmp
2010-02-26 23:36:03 94208 ----a-w- c:\windows\system32\BE.tmp
2010-02-26 23:35:50 94208 ----a-w- c:\windows\system32\BD.tmp
2010-02-26 23:35:21 94208 ----a-w- c:\windows\system32\BC.tmp
2010-02-26 23:34:55 94208 ----a-w- c:\windows\system32\BB.tmp
2010-02-26 23:33:48 94208 ----a-w- c:\windows\system32\B9.tmp
2010-02-26 23:32:34 94208 ----a-w- c:\windows\system32\B8.tmp
2010-02-26 23:28:18 94208 ----a-w- c:\windows\system32\B7.tmp
2010-02-26 23:27:25 94208 ----a-w- c:\windows\system32\B6.tmp
2010-02-26 23:25:53 94208 ----a-w- c:\windows\system32\B5.tmp
2010-02-26 23:25:37 94208 ----a-w- c:\windows\system32\B2.tmp
2010-02-26 23:25:05 94208 ----a-w- c:\windows\system32\B1.tmp
2010-02-26 23:24:43 94208 ----a-w- c:\windows\system32\B0.tmp
2010-02-26 23:24:32 94208 ----a-w- c:\windows\system32\AF.tmp
2010-02-26 23:23:53 94208 ----a-w- c:\windows\system32\AE.tmp
2010-02-26 23:23:45 94208 ----a-w- c:\windows\system32\AD.tmp
2010-02-26 23:23:31 94208 ----a-w- c:\windows\system32\AC.tmp
2010-02-26 23:23:07 94208 ----a-w- c:\windows\system32\AB.tmp
2010-02-26 23:22:07 94208 ----a-w- c:\windows\system32\AA.tmp
2010-02-26 23:21:54 94208 ----a-w- c:\windows\system32\A9.tmp
2010-02-26 23:21:41 94208 ----a-w- c:\windows\system32\A8.tmp
2010-02-26 23:21:33 94208 ----a-w- c:\windows\system32\A7.tmp
2010-02-26 23:21:09 94208 ----a-w- c:\windows\system32\A6.tmp
2010-02-26 23:20:49 94208 ----a-w- c:\windows\system32\A5.tmp
2010-02-26 23:20:30 94208 ----a-w- c:\windows\system32\A4.tmp
2010-02-26 23:18:06 94208 ----a-w- c:\windows\system32\A3.tmp
2009-12-31 16:14:12 352640 ------w- c:\windows\system32\drivers\srv.sys
2009-12-31 16:14:12 352640 ------w- c:\windows\system32\dllcache\srv.sys
2009-12-16 13:35:58 18432 ------w- c:\windows\system32\dllcache\iedw.exe
2009-12-16 12:58:04 343040 ------w- c:\windows\system32\mspaint.exe
2009-12-16 12:58:04 343040 ------w- c:\windows\system32\dllcache\mspaint.exe
2009-12-14 07:35:35 33280 ------w- c:\windows\system32\dllcache\csrsrv.dll
2009-12-14 07:35:35 33280 ------w- c:\windows\system32\csrsrv.dll
2009-12-08 08:59:48 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
2009-12-04 14:41:55 453760 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2005-08-02 20:46:54 187904 --sha-r- c:\windows\ia\asappsrv.dll
2005-08-02 20:58:38 293888 --sha-r- c:\windows\ia\command.exe
2005-07-29 20:24:26 472 --sha-r- c:\windows\ia\KE.vbs
============= FINISH: 14:11:42.53 ===============
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules