Please help with MIRAR virus... I think
Here is the log stuff... and a brief description.
Computer is a family system, using IE and Firefox, primarily IE. Things have been running smoothly, then literally, the system drops to its knees while on the net. MIRAR seems to be the thing that turns up in searching the net... we are getting a good deal less pop-ups now, but the system seems to churn and struggle. I am able to access the net on Firefox with relative ease, but the pop-ups still show from time to time.
Now the Mirar toolbar is taken off... but the computer WILL NOT allow me to access the net without running a fast scan with SpyHunter. This problem has grown to make the computer an absolute waste of time to use for ANY web work. The laptop seems to be my only access.
I wrote for some help in another forum, but it is not being looked into from what I can tell. I hope it doesn't sound rude, I know everyone needs some help, but to not even acknowledge that I posted a thread about this problem?
I have all but given up, not that seeking help from you guys is the last resort... but I am just soooo tired of dealing with this problem.
Here is the log...
DDS (Version 1.0) - NTFSx86
Run by Change My Name at 10:59:36.40 on Wed 12/10/2008
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2657 [GMT -5:00]
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\sesinetd.exe
C:\WINDOWS\system32\hserver.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
J:\Program Files\Alias\Alias SketchBook Pro 2.0\AliasSketchSnap.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Change My Name\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = www.att.net
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
BHO: {53707962-6F74-2D53-2644-206D7942484F} - j:\program files\spybot - search & destroy\SDHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9471023d-6a2e-42c9-a0e2-349145951dfd} - c:\windows\system32\zisuruhi.dll
BHO: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
TB: {AC6C1A78-FB89-4AD9-B6A8-0770211AB22C} - c:\windows\system32\winqc77.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [<NO NAME>]
uRun: [cdloader] "c:\documents and settings\change my name\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ISW.exe] "c:\program files\at&t\internet security wizard\ISW.exe" /AUTORUN
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [wehizedezu] Rundll32.exe "c:\windows\system32\ponimero.dll",s
mRun: [CPMb7134bff] Rundll32.exe "c:\windows\system32\vebenone.dll",a
mRun: [b4207863] rundll32.exe "c:\windows\system32\hejapive.dll",b
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\change~1\startm~1\programs\startup\memturbo.lnk - c:\documents and settings\change my name\local settings\temp\rarsfx0\MemTurbo.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aliass~1.lnk - j:\program files\alias\alias sketchbook pro 2.0\AliasSketchSnap.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\datavi~1.lnk - c:\program files\common files\dataviz\DvzIncMsgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp3.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: WRNotifier - WRLogonNTF.dll
AppInit_DLLs: c:\windows\system32\rivonugo.dll c:\windows\system32\vebenone.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vebenone.dll
STS: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vebenone.dll
SEH: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Notification Packages = scecli c:\windows\system32\rivonugo.dll
============= SERVICES / DRIVERS ===============
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2007-5-30 241664]
R1 SAVRT;SAVRT;\??\c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;\??\c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R1 vcdrom;Virtual CD-ROM Device Driver;\??\c:\virtual_iso\VCdRom.sys [2001-12-19 8576]
R2 aawservice;Ad-Aware 2007 Service;"c:\program files\lavasoft\ad-aware 2007\aawservice.exe" [2007-9-25 574808]
R2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccSetMgr.exe" [2005-6-2 161392]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-10-18 1373480]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;"c:\program files\webroot\spy sweeper\SpySweeper.exe" [2008-12-8 3379264]
R2 WinDefend;Windows Defender;"c:\program files\windows defender\MsMpEng.exe" [2006-11-3 13592]
R3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20081205.008\naveng.sys [2008-12-5 89104]
R3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20081205.008\navex15.sys [2008-12-5 876112]
S3 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccEvtMgr.exe" [2005-6-2 185968]
S3 ccPwdSvc;Symantec Password Validation;"c:\program files\common files\symantec shared\ccPwdSvc.exe" [2005-6-2 83568]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-8-28 10664]
S3 HPUATA;HP CD Writer Plus Controller Driver;c:\windows\system32\drivers\HPUATA.sys [2008-11-8 92704]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-12-7 40840]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-12-7 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-12-7 81288]
S3 SavRoam;SAVRoam;"c:\program files\symantec antivirus\SavRoam.exe" [2005-6-23 124608]
S3 sdAuxService;PC Tools Auxiliary Service;j:\program files\spyware doctor\pctsAuxs.exe [2008-12-7 356920]
S3 sdCoreService;PC Tools Security Service;j:\program files\spyware doctor\pctsSvc.exe [2008-12-7 1079176]
S3 Symantec AntiVirus;Symantec AntiVirus;"c:\program files\symantec antivirus\Rtvscan.exe" [2005-6-23 1715904]
=============== Created Last 30 ================
2008-12-10 01:26 1,494,311 ---sh--- c:\windows\system32\evipajeh.ini
2008-12-09 21:56 <DIR> --d C:\SDFix
2008-12-09 13:25 1,493,474 ---sh--- c:\windows\system32\utiwabon.ini
2008-12-09 10:44 <DIR> --d c:\program files\Enigma Software Group
2008-12-09 05:23 2,695 a c:\windows\system32\TDSSdxcp.dll
2008-12-09 05:23 485 a c:\windows\system32\TDSSmtve.dat
2008-12-09 05:23 60,416 a c:\windows\system32\drivers\TDSSmxjt.sys
2008-12-09 01:24 1,472,183 ---sh--- c:\windows\system32\ekerujew.ini
2008-12-08 22:55 144,960 a c:\windows\system32\drivers\ssidrv.sys
2008-12-08 22:55 22,080 a c:\windows\system32\drivers\sshrmd.sys
2008-12-08 22:55 21,056 a c:\windows\system32\drivers\sskbfd.sys
2008-12-08 22:55 20,544 a c:\windows\system32\drivers\SSFS0509.sys
2008-12-08 22:55 <DIR> --d c:\program files\Webroot
2008-12-08 22:55 <DIR> --d c:\docume~1\alluse~1\applic~1\Webroot
2008-12-08 22:53 <DIR> --d c:\docume~1\change~1\applic~1\Webroot
2008-12-08 22:53 <DIR> --d c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\SDHelper (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\File Scanner Library (Spybot - Search & Destroy)
2008-12-08 22:52 <DIR> --d c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-12-08 22:41 <DIR> --d c:\windows\system32\GroupPolicy
2008-12-07 22:45 <DIR> --d c:\docume~1\change~1\applic~1\temp
2008-12-07 21:33 81,288 a c:\windows\system32\drivers\iksyssec.sys
2008-12-07 21:33 66,952 a c:\windows\system32\drivers\iksysflt.sys
2008-12-07 21:33 40,840 a c:\windows\system32\drivers\ikfilesec.sys
2008-12-07 21:33 29,576 a c:\windows\system32\drivers\kcom.sys
2008-12-07 21:33 <DIR> --d c:\docume~1\change~1\applic~1\PC Tools
2008-12-05 00:41 <DIR> --d c:\docume~1\change~1\applic~1\DAZ 3D
2008-11-29 21:50 <DIR> --d c:\docume~1\change~1\applic~1\Autodesk
2008-11-23 02:54 57,436 a c:\windows\DASShp.dll
2008-11-21 13:54 455,296 -c c:\windows\system32\dllcache\mrxsmb.sys
2008-11-21 13:53 1,106,944 -c c:\windows\system32\dllcache\msxml3.dll
2008-11-21 11:01 <DIR> --d c:\docume~1\change~1\applic~1\AT&T
2008-11-21 11:01 <DIR> --d c:\program files\AT&T
2008-11-21 11:01 <DIR> --d c:\docume~1\alluse~1\applic~1\AT&T
2008-11-21 11:01 <DIR> --d c:\docume~1\alluse~1\applic~1\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\program files\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\docume~1\change~1\applic~1\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\program files\Yahoo!
2008-11-19 22:50 <DIR> --d c:\program files\att-nap
2008-11-19 22:50 <DIR> --d c:\program files\common files\Motive
2008-11-14 18:02 <DIR> --d c:\windows\system32\XPSViewer
2008-11-14 18:01 14,048 c:\windows\system32\spmsg2.dll
2008-11-14 18:00 <DIR> --d c:\windows\system32\xlive
==================== Find3M ====================
2008-12-10 01:25 87,137 a--sh--- c:\windows\system32\hejapive.dll
2008-12-10 01:25 94,389 a--sh--- c:\windows\system32\vebenone.dll
2008-12-09 13:24 94,489 a--sh--- c:\windows\system32\hozegupo.dll
2008-12-09 13:24 86,626 c:\windows\system32\nobawitu.dll
2008-12-09 01:24 89,289 c:\windows\system32\wejureke.dll
2008-12-09 01:24 93,784 a--sh--- c:\windows\system32\vafubamu.dll
2008-11-09 01:11 4,096 a c:\windows\d3dx.dat
2008-10-28 22:10 3,341,824 a c:\windows\system32\drivers\ati2mtag.sys
2008-10-28 21:23 425,984 a c:\windows\system32\ATIDEMGX.dll
2008-10-28 21:22 314,880 a c:\windows\system32\ati2dvag.dll
2008-10-28 21:11 188,416 a c:\windows\system32\atipdlxx.dll
2008-10-28 21:11 147,456 a c:\windows\system32\Oemdspif.dll
2008-10-28 21:11 26,112 a c:\windows\system32\Ati2mdxx.exe
2008-10-28 21:11 43,520 a c:\windows\system32\ati2edxx.dll
2008-10-28 21:10 10,973,184 a c:\windows\system32\atioglxx.dll
2008-10-28 21:10 143,360 a c:\windows\system32\ati2evxx.dll
2008-10-28 21:09 585,728 a c:\windows\system32\ati2evxx.exe
2008-10-28 21:07 53,248 a c:\windows\system32\ATIDDC.DLL
2008-10-28 21:05 593,920 c:\windows\system32\ati2sgag.exe
2008-10-28 20:57 4,041,472 a c:\windows\system32\ati3duag.dll
2008-10-28 20:49 307,200 a c:\windows\system32\atiiiexx.dll
2008-10-28 20:41 2,472,832 a c:\windows\system32\ativvaxx.dll
2008-10-28 20:25 48,640 a c:\windows\system32\amdpcom32.dll
2008-10-28 20:21 389,120 a c:\windows\system32\atikvmag.dll
2008-10-28 20:19 44,032 a c:\windows\system32\atiadlxx.dll
2008-10-28 20:19 17,408 a c:\windows\system32\atitvo32.dll
2008-10-28 20:18 53,248 a c:\windows\system32\drivers\ati2erec.dll
2008-10-28 20:18 253,952 a c:\windows\system32\atiok3x2.dll
2008-10-28 20:12 577,536 a c:\windows\system32\ati2cqag.dll
2008-10-24 06:21 455,296 a c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 12:51 118,784 a c:\windows\system32\atibrtmon.exe
2008-10-16 14:06 268,648 a c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a c:\windows\system32\muweb.dll
2008-10-06 23:25 107,888 a c:\windows\system32\CmdLineExt.dll
2008-09-30 16:43 1,286,152 a c:\windows\system32\msxml4.dll
2008-09-15 07:12 1,846,400 a c:\windows\system32\win32k.sys
2008-07-12 21:15 2,516 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2008-07-10 23:55 8 ---shr-- c:\docume~1\alluse~1\applic~1\2BA15D7CE6.sys
2007-11-28 22:28 4 a--shr-t c:\docume~1\alluse~1\applic~1\sysqcl1129139270.dat
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\ponimero.dll
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\rivonugo.dll
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\zisuruhi.dll
2008-07-27 22:07 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072720080728\index.dat
============= FINISH: 11:00:09.57 ===============
Computer is a family system, using IE and Firefox, primarily IE. Things have been running smoothly, then literally, the system drops to it's knees while on the net. MIRAR seems to be the thing that turns up in searching the net... we are getting a good deal less pop-ups now, but the system seems to churn and struggle. I am able to access the net on Firefox with relative ease, but the pop-ups still show from time.
Now the Mirar toolbar is taken off... but the computer WILL NOT allow me to access the net without running a fast scan with SpyHunter. This problem has grown to make the computer an absolute waste of time to use for ANY web work. The laptop seems to be my only access.
I wrote for some help in another forum, but it is not being looked into from what I can tell. I hope it doesn't sound rude, I know everyone needs some help, but to not even acknowlege that I posted a thread about this problem?
I have all but given up, not that seeking help from you guys is the last resort... but I am just soooo tired of dealing with this problem.
Here is the log...
DDS (Version 1.0) - NTFSx86
Run by Change My Name at 10:59:36.40 on Wed 12/10/2008
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2657 [GMT -5:00]
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\sesinetd.exe
C:\WINDOWS\system32\hserver.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\AT&T\Internet Security Wizard\ISW.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
J:\Program Files\Alias\Alias SketchBook Pro 2.0\AliasSketchSnap.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Change My Name\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = www.att.net
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
BHO: {53707962-6F74-2D53-2644-206D7942484F} - j:\program files\spybot - search & destroy\SDHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9471023d-6a2e-42c9-a0e2-349145951dfd} - c:\windows\system32\zisuruhi.dll
BHO: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - c:\progra~1\atttoo~1\ATTTOO~1.DLL
TB: {AC6C1A78-FB89-4AD9-B6A8-0770211AB22C} - c:\windows\system32\winqc77.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [<NO NAME>]
uRun: [cdloader] "c:\documents and settings\change my name\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ISW.exe] "c:\program files\at&t\internet security wizard\ISW.exe" /AUTORUN
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [wehizedezu] Rundll32.exe "c:\windows\system32\ponimero.dll",s
mRun: [CPMb7134bff] Rundll32.exe "c:\windows\system32\vebenone.dll",a
mRun: [b4207863] rundll32.exe "c:\windows\system32\hejapive.dll",b
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\change~1\startm~1\programs\startup\memturbo.lnk - c:\documents and settings\change my name\local settings\temp\rarsfx0\MemTurbo.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aliass~1.lnk - j:\program files\alias\alias sketchbook pro 2.0\AliasSketchSnap.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\datavi~1.lnk - c:\program files\common files\dataviz\DvzIncMsgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp3.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: WRNotifier - WRLogonNTF.dll
AppInit_DLLs: c:\windows\system32\rivonugo.dll c:\windows\system32\vebenone.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vebenone.dll
STS: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vebenone.dll
SEH: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Notification Packages = scecli c:\windows\system32\rivonugo.dll
============= SERVICES / DRIVERS ===============
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2007-5-30 241664]
R1 SAVRT;SAVRT;\??\c:\program files\symantec antivirus\savrt.sys [2005-2-4 324232]
R1 SAVRTPEL;SAVRTPEL;\??\c:\program files\symantec antivirus\Savrtpel.sys [2005-2-4 53896]
R1 vcdrom;Virtual CD-ROM Device Driver;\??\c:\virtual_iso\VCdRom.sys [2001-12-19 8576]
R2 aawservice;Ad-Aware 2007 Service;"c:\program files\lavasoft\ad-aware 2007\aawservice.exe" [2007-9-25 574808]
R2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccSetMgr.exe" [2005-6-2 161392]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-10-18 1373480]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;"c:\program files\webroot\spy sweeper\SpySweeper.exe" [2008-12-8 3379264]
R2 WinDefend;Windows Defender;"c:\program files\windows defender\MsMpEng.exe" [2006-11-3 13592]
R3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20081205.008\naveng.sys [2008-12-5 89104]
R3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20081205.008\navex15.sys [2008-12-5 876112]
S3 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccEvtMgr.exe" [2005-6-2 185968]
S3 ccPwdSvc;Symantec Password Validation;"c:\program files\common files\symantec shared\ccPwdSvc.exe" [2005-6-2 83568]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [2006-8-28 10664]
S3 HPUATA;HP CD Writer Plus Controller Driver;c:\windows\system32\drivers\HPUATA.sys [2008-11-8 92704]
S3 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-12-7 40840]
S3 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-12-7 66952]
S3 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-12-7 81288]
S3 SavRoam;SAVRoam;"c:\program files\symantec antivirus\SavRoam.exe" [2005-6-23 124608]
S3 sdAuxService;PC Tools Auxiliary Service;j:\program files\spyware doctor\pctsAuxs.exe [2008-12-7 356920]
S3 sdCoreService;PC Tools Security Service;j:\program files\spyware doctor\pctsSvc.exe [2008-12-7 1079176]
S3 Symantec AntiVirus;Symantec AntiVirus;"c:\program files\symantec antivirus\Rtvscan.exe" [2005-6-23 1715904]
=============== Created Last 30 ================
2008-12-10 01:26 1,494,311 ---sh--- c:\windows\system32\evipajeh.ini
2008-12-09 21:56 <DIR> --d
C:\SDFix
2008-12-09 13:25 1,493,474 ---sh--- c:\windows\system32\utiwabon.ini
2008-12-09 10:44 <DIR> --d
c:\program files\Enigma Software Group
2008-12-09 05:23 2,695 a
c:\windows\system32\TDSSdxcp.dll
2008-12-09 05:23 485 a
c:\windows\system32\TDSSmtve.dat
2008-12-09 05:23 60,416 a
c:\windows\system32\drivers\TDSSmxjt.sys
2008-12-09 01:24 1,472,183 ---sh--- c:\windows\system32\ekerujew.ini
2008-12-08 22:55 144,960 a c:\windows\system32\drivers\ssidrv.sys
2008-12-08 22:55 22,080 a c:\windows\system32\drivers\sshrmd.sys
2008-12-08 22:55 21,056 a c:\windows\system32\drivers\sskbfd.sys
2008-12-08 22:55 20,544 a c:\windows\system32\drivers\SSFS0509.sys
2008-12-08 22:55 <DIR> --d c:\program files\Webroot
2008-12-08 22:55 <DIR> --d c:\docume~1\alluse~1\applic~1\Webroot
2008-12-08 22:53 <DIR> --d c:\docume~1\change~1\applic~1\Webroot
2008-12-08 22:53 <DIR> --d c:\program files\TeaTimer (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\SDHelper (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-08 22:53 <DIR> --d c:\program files\File Scanner Library (Spybot - Search & Destroy)
2008-12-08 22:52 <DIR> --d c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-12-08 22:41 <DIR> --d c:\windows\system32\GroupPolicy
2008-12-07 22:45 <DIR> --d c:\docume~1\change~1\applic~1\temp
2008-12-07 21:33 81,288 a c:\windows\system32\drivers\iksyssec.sys
2008-12-07 21:33 66,952 a c:\windows\system32\drivers\iksysflt.sys
2008-12-07 21:33 40,840 a c:\windows\system32\drivers\ikfilesec.sys
2008-12-07 21:33 29,576 a c:\windows\system32\drivers\kcom.sys
2008-12-07 21:33 <DIR> --d c:\docume~1\change~1\applic~1\PC Tools
2008-12-05 00:41 <DIR> --d c:\docume~1\change~1\applic~1\DAZ 3D
2008-11-29 21:50 <DIR> --d c:\docume~1\change~1\applic~1\Autodesk
2008-11-23 02:54 57,436 a c:\windows\DASShp.dll
2008-11-21 13:54 455,296 -c c:\windows\system32\dllcache\mrxsmb.sys
2008-11-21 13:53 1,106,944 -c c:\windows\system32\dllcache\msxml3.dll
2008-11-21 11:01 <DIR> --d c:\docume~1\change~1\applic~1\AT&T
2008-11-21 11:01 <DIR> --d c:\program files\AT&T
2008-11-21 11:01 <DIR> --d c:\docume~1\alluse~1\applic~1\AT&T
2008-11-21 11:01 <DIR> --d c:\docume~1\alluse~1\applic~1\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\program files\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\docume~1\change~1\applic~1\ATTToolbar
2008-11-21 11:01 <DIR> --d c:\program files\Yahoo!
2008-11-19 22:50 <DIR> --d c:\program files\att-nap
2008-11-19 22:50 <DIR> --d c:\program files\common files\Motive
2008-11-14 18:02 <DIR> --d c:\windows\system32\XPSViewer
2008-11-14 18:01 14,048 c:\windows\system32\spmsg2.dll
2008-11-14 18:00 <DIR> --d c:\windows\system32\xlive
==================== Find3M ====================
2008-12-10 01:25 87,137 a--sh--- c:\windows\system32\hejapive.dll
2008-12-10 01:25 94,389 a--sh--- c:\windows\system32\vebenone.dll
2008-12-09 13:24 94,489 a--sh--- c:\windows\system32\hozegupo.dll
2008-12-09 13:24 86,626 c:\windows\system32\nobawitu.dll
2008-12-09 01:24 89,289 c:\windows\system32\wejureke.dll
2008-12-09 01:24 93,784 a--sh--- c:\windows\system32\vafubamu.dll
2008-11-09 01:11 4,096 a c:\windows\d3dx.dat
2008-10-28 22:10 3,341,824 a c:\windows\system32\drivers\ati2mtag.sys
2008-10-28 21:23 425,984 a c:\windows\system32\ATIDEMGX.dll
2008-10-28 21:22 314,880 a c:\windows\system32\ati2dvag.dll
2008-10-28 21:11 188,416 a c:\windows\system32\atipdlxx.dll
2008-10-28 21:11 147,456 a c:\windows\system32\Oemdspif.dll
2008-10-28 21:11 26,112 a c:\windows\system32\Ati2mdxx.exe
2008-10-28 21:11 43,520 a c:\windows\system32\ati2edxx.dll
2008-10-28 21:10 10,973,184 a c:\windows\system32\atioglxx.dll
2008-10-28 21:10 143,360 a c:\windows\system32\ati2evxx.dll
2008-10-28 21:09 585,728 a c:\windows\system32\ati2evxx.exe
2008-10-28 21:07 53,248 a c:\windows\system32\ATIDDC.DLL
2008-10-28 21:05 593,920 c:\windows\system32\ati2sgag.exe
2008-10-28 20:57 4,041,472 a c:\windows\system32\ati3duag.dll
2008-10-28 20:49 307,200 a c:\windows\system32\atiiiexx.dll
2008-10-28 20:41 2,472,832 a c:\windows\system32\ativvaxx.dll
2008-10-28 20:25 48,640 a c:\windows\system32\amdpcom32.dll
2008-10-28 20:21 389,120 a c:\windows\system32\atikvmag.dll
2008-10-28 20:19 44,032 a c:\windows\system32\atiadlxx.dll
2008-10-28 20:19 17,408 a c:\windows\system32\atitvo32.dll
2008-10-28 20:18 53,248 a c:\windows\system32\drivers\ati2erec.dll
2008-10-28 20:18 253,952 a c:\windows\system32\atiok3x2.dll
2008-10-28 20:12 577,536 a c:\windows\system32\ati2cqag.dll
2008-10-24 06:21 455,296 a c:\windows\system32\drivers\mrxsmb.sys
2008-10-21 12:51 118,784 a c:\windows\system32\atibrtmon.exe
2008-10-16 14:06 268,648 a c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a c:\windows\system32\muweb.dll
2008-10-06 23:25 107,888 a c:\windows\system32\CmdLineExt.dll
2008-09-30 16:43 1,286,152 a c:\windows\system32\msxml4.dll
2008-09-15 07:12 1,846,400 a c:\windows\system32\win32k.sys
2008-07-12 21:15 2,516 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2008-07-10 23:55 8 ---shr-- c:\docume~1\alluse~1\applic~1\2BA15D7CE6.sys
2007-11-28 22:28 4 a--shr-t c:\docume~1\alluse~1\applic~1\sysqcl1129139270.dat
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\ponimero.dll
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\rivonugo.dll
2008-09-09 01:18 62,976 a--sh--- c:\windows\system32\zisuruhi.dll
2008-07-27 22:07 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008072720080728\index.dat
============= FINISH: 11:00:09.57 ===============
Comments
Apologies for the delay; there are not enough helpers to respond to every thread.
If you still require help, I'd need to see a HijackThis log.
Download HJTInstall.exe to your Desktop.