• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Amber Lynn

Vista - Check up & HijackThis Trouble

6 posts in this topic

Hello!

I am new to this site an have read the FAQ forum. My computer is only a little over a year old, but my Systematic Endpoint Protection expired about 2 months ago and I don't really have the cash to update it. I haven't noticed much wrong, but I am very paranoid. I have run Spybot - Search & Destroy (which found no problems) and Malwarebytes (which found one problem, which it resolved). I have included the Malwarebytes logfile below.

I also downloaded the newest version of HijackThis (2.0.2); however, because I am so computer illiterate, I have no idea where the zipped folder was saved. Due to this, I am unable to extract the files and move them from a temprary folder to a permanent folder. This may attribute to the fact that I was unable to obtain a logfile from HijackThis. I was given this message instead:

 

"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.

 

If that happens, you need to edit the file yourself. To do this, click Start, Run and type:

 

notepad C:\Windows\System32\drivers\etc\hosts

 

and press Enter. Find the line(s) HijackThis reports and delete them.

Save the file as 'hosts.' (with quotes), and reboot.

 

For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'."

 

I would be very grateful if you could help me to resolve my HijackThis dilemma and just check on my computer to ensure that everything is running smoothly.

 

Thank you,

Amber

 

Malwarebytes' Anti-Malware 1.38

Database version: 2374

Windows 6.0.6001 Service Pack 1

 

7/4/2009 10:10:59 PM

mbam-log-2009-07-04 (22-10-59).txt

 

Scan type: Quick Scan

Objects scanned: 95711

Time elapsed: 11 minute(s), 50 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

[this is an automated reply]

Share this post


Link to post
Share on other sites

Hi,

 

Download DDS from here:

http://www.forospyware.com/sUBs/dds

 

Double-click on the icon and let the scan run. When it has run two logs will be produced, please post the one that is not minimised.

 

jedi

Share this post


Link to post
Share on other sites

DDS (Ver_09-06-26.01) - NTFSx86

Run by Amber at 17:54:34.58 on Thu 07/09/2009

Internet Explorer: 8.0.6001.18783

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2037.600 [GMT -4:00]

 

AV: Symantec Endpoint Protection *On-access scanning enabled* (Outdated) {FB06448E-52B8-493A-90F3-E43226D3305C}

SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

SP: Symantec Endpoint Protection *enabled* (Outdated) {6C85A515-B91D-4D2B-AF18-40984A4A8493}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\aestsrv.exe

C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rpcnet.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\STacSV.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

C:\Windows\System32\TSKMAN.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Windows\system32\conime.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\Common Files\AOL\1217543721\ee\aolsoftware.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\AIM\aim.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

C:\Program Files\Creative Live! Cam\VideoFX\StartFX.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\System32\wscript.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Common Files\Symantec Shared\COH\coh32.exe

C:\Users\Amber\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FERO9ITK\dds[1].pif

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.google.com/

uWindow Title = Internet Explorer provided by Dell

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080725

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [<NO NAME>]

mRun: [HostManager] c:\program files\common files\aol\1217543721\ee\AOLSoftware.exe

mRun: [DSKEY] c:\windows\system32\DsKey.exe

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Microsoft Pinyin IME Migration] c:\progra~1\common~1\micros~1\ime12l~1\imesc\IMSCMig.exe /INSTALL

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\amber\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {700EF03F-A472-4D26-8ACB-300F4D04FD96} - hxxps://www.lojackforlaptops.com/ctmweb/testoc.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {95D88B35-A521-472B-A182-BB1A98356421} - hxxp://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} - hxxp://www.platoweb01.com/pathways/pway_iis.dll/pwln/02040611/fullcab/pwlninst.cab

DPF: {E6D23284-0E9B-417D-A782-03E4487FC947} - hxxp://asp.mathxl.com/books/_Players/MathPlayer.cab

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

 

============= SERVICES / DRIVERS ===============

 

R2 {2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};{2E444BE9-B8EC-4CE6-8C2B-6536FB7F4FB7};c:\program files\dell\mediadirect\000.fcl [2008-7-24 39408]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-7-24 73728]

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-4-28 161048]

R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-7-16 23888]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-3 101936]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-7-24 111616]

R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-7-24 235648]

R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-7-24 7424]

S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-5-14 309744]

S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-5-14 166384]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-7-4 1153368]

S2 SessionLauncher;SessionLauncher;c:\users\admini~1\appdata\local\temp\dx9\sessionlauncher.exe --> c:\users\admini~1\appdata\local\temp\dx9\SessionLauncher.exe [?]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-5-14 1120752]

S3 Smcinst;Symantec Auto-upgrade Agent;c:\program files\symantec\symantec endpoint protection\smclu\setup\smcinst.exe --> c:\program files\symantec\symantec endpoint protection\smclu\setup\smcinst.exe [?]

 

=============== Created Last 30 ================

 

2009-07-04 21:56 <DIR> --d----- c:\users\amber\appdata\roaming\Malwarebytes

2009-07-04 21:56 <DIR> --d----- c:\program files\Trend Micro

2009-07-04 21:56 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-04 21:56 19,096 a------- c:\windows\system32\drivers\mbam.sys

2009-07-04 21:56 <DIR> --d----- c:\programdata\Malwarebytes

2009-07-04 21:56 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-07-04 21:56 <DIR> --d----- c:\progra~2\Malwarebytes

2009-07-04 21:56 <DIR> --d----- c:\programdata\Spybot - Search & Destroy

2009-07-04 21:56 <DIR> --d----- c:\program files\Spybot - Search & Destroy

2009-07-04 21:56 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy

2009-07-04 21:15 97,800 a------- c:\windows\system32\infocardapi.dll

2009-07-04 21:15 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-07-04 21:15 622,080 a------- c:\windows\system32\icardagt.exe

2009-07-04 21:15 37,384 a------- c:\windows\system32\infocardcpl.cpl

2009-07-04 21:15 43,544 a------- c:\windows\system32\PresentationHostProxy.dll

2009-07-04 21:15 11,264 a------- c:\windows\system32\icardres.dll

2009-07-04 21:15 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll

2009-07-04 21:15 326,160 a------- c:\windows\system32\PresentationHost.exe

2009-07-04 21:07 96,760 a------- c:\windows\system32\dfshim.dll

2009-07-04 21:07 282,112 a------- c:\windows\system32\mscoree.dll

2009-07-04 21:07 41,984 a------- c:\windows\system32\netfxperf.dll

2009-07-04 21:07 158,720 a------- c:\windows\system32\mscorier.dll

2009-07-04 21:07 83,968 a------- c:\windows\system32\mscories.dll

2009-07-04 21:06 1,638,912 a------- c:\windows\system32\mshtml.tlb

2009-07-04 21:05 71,680 a------- c:\windows\system32\iesetup.dll

2009-07-04 21:05 915,456 a------- c:\windows\system32\wininet.dll

2009-07-04 21:05 1,469,440 a------- c:\windows\system32\inetcpl.cpl

2009-06-18 19:11 428,544 a------- c:\windows\system32\EncDec.dll

2009-06-18 19:11 293,376 a------- c:\windows\system32\psisdecd.dll

2009-06-18 19:11 217,088 a------- c:\windows\system32\psisrndr.ax

2009-06-18 19:11 177,664 a------- c:\windows\system32\mpg2splt.ax

2009-06-18 19:11 80,896 a------- c:\windows\system32\MSNP.ax

2009-06-09 19:19 2,033,152 a------- c:\windows\system32\win32k.sys

2009-06-09 19:19 636,928 a------- c:\windows\system32\localspl.dll

2009-06-09 19:19 784,896 a------- c:\windows\system32\rpcrt4.dll

 

==================== Find3M ====================

 

2009-07-09 17:48 17,408 a------- c:\windows\system32\rpcnetp.exe

2009-07-04 21:38 56,680 a------- c:\windows\system32\rpcnet.dll

2009-07-04 21:38 17,408 a------- c:\windows\system32\rpcnetp.dll

2009-06-07 19:35 56,680 a------- c:\windows\system32\rpcnet.exe

2009-05-01 18:20 348,160 a------- c:\windows\system32\msvcr71.dll

2009-04-14 15:54 143,360 a------- c:\windows\inf\infstrng.dat

2009-04-14 15:54 86,016 a------- c:\windows\inf\infstor.dat

2009-04-14 15:54 51,200 a------- c:\windows\inf\infpub.dat

2008-11-09 21:44 56 a---h--- c:\programdata\ezsidmv.dat

2008-11-09 21:44 56 a---h--- c:\progra~2\ezsidmv.dat

2008-08-26 12:21 61,224 a------- c:\users\amber\GoToAssistDownloadHelper.exe

2008-08-01 08:23 665,600 a------- c:\windows\inf\drvindex.dat

2008-08-01 08:12 1,844 a------- c:\users\amber\appdata\roaming\install.dat

2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini

2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat

2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat

2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat

2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat

2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

2008-07-24 19:55 76 ---shr-- c:\windows\CT4CET.bin

 

============= FINISH: 17:55:24.27 ===============

Share this post


Link to post
Share on other sites

Hi again,

 

I can't see anything obviously wrong, and no sign of infection. However, if you can't afford to update Symantec I suggest you remove it and replace with a free anti-virus such as AntiVir:

http://www.free-av.com/

as an out-of-date Anti-Virus gives a false sense of security and not much protection.

 

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

jedi

Share this post


Link to post
Share on other sites

Since the issue appears to be resolved this Topic is closed.

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0