
Hello I have problems


  • This topic is locked
2 replies to this topic

#1 mycatwilatackyou

mycatwilatackyou

  • Members
  • 1 posts
  • OFFLINE
  • Local time:02:09 AM

Posted 24 December 2008 - 07:49 PM

Not sure what all this means. I have combofix and HJthis ready to go. Please help me. Thanks in advance.
Mike


DDS (Version 1.1.0) - NTFSx86
Run by Ranger at 16:44:27.00 on 2008-12-24
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.2928 [GMT -8:00]

AV: AVG 7.5.552 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\RapidSolution\Scramby\ScrambyServer.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Common Files\AOL\1207398632\ee\AOLSoftware.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\BOINC\boinctray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Power DVD Player\PowerDVDPlayer.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ranger\Desktop\HiJackThis.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ranger\Desktop\ADMIN__\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: D'Accord Music Software Toolbar: {c4225628-e1f3-4fd1-ab0b-b24c84bcf12f} - c:\program files\d'accord_music_software\tbD'Ac.dll
BHO: N/A: {11b52e0a-ad2a-4d13-b3c7-9a5efb8e3a0d} - c:\windows\system32\zelovumi.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
TB: D'Accord Music Software Toolbar: {c4225628-e1f3-4fd1-ab0b-b24c84bcf12f} - c:\program files\d'accord_music_software\tbD'Ac.dll
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Power DVD Player] "c:\program files\power dvd player\PowerDVDPlayer.exe" hmw
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe
uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [razer] c:\program files\razer\copperhead\razerhid.exe
mRun: [HostManager] c:\program files\common files\aol\1207398632\ee\AOLSoftware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP
mRun: [boinctray] "c:\program files\boinc\boinctray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [UVS10 Preload] c:\program files\ulead systems\ulead videostudio se dvd\uvPL.exe
mRun: [CPM03591ba8] Rundll32.exe "c:\windows\system32\fupipivo.dll",a
mRun: [herokipobo] Rundll32.exe "c:\windows\system32\zehigipu.dll",s
dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\boincm~1.lnk - c:\program files\boinc\boincmgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ncprot~1.lnk - c:\program files\sec\natural color pro\NCProTray.exe
IE: Add Hyperlink iComment - c:\program files\icomment 1.0.21\iComment.dll/267
IE: Add Picture iComment - c:\program files\icomment 1.0.21\iComment.dll/267
IE: Add Text iComment - c:\program files\icomment 1.0.21\iComment.dll/267
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {9005D5D6-4DD4-4D15-B550-2CCE057D6E86} - {9005D5D6-4DD4-4D15-B550-2CCE057D6E86}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: moove.com
AppInit_DLLs: c:\windows\system32\fupipivo.dll,c:\windows\system32\yitefuko.dll
SSODL: SmartChkMsg - {006313C4-E1F2-4202-C58C-077F78BBAE59} - c:\program files\igqgqwb\SmartChkMsg.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fupipivo.dll
STS: c:\windows\system32\fupipivo.dll
LSA: Notification Packages = scecli c:\windows\system32\yitefuko.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ranger\applic~1\mozilla\firefox\profiles\ppm0xvvd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\microsoft silverlight\npctrl.1.0.20926.0.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2008-6-21 821856]
R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2008-6-21 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2008-6-21 27776]
R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2008-6-21 10760]
R2 aawservice;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" [2008-7-7 611664]
R2 Avg7Alrt;AVG7 Alert Manager Server;c:\progra~1\grisoft\avg7\avgamsvr.exe [2008-6-21 418816]
R2 Avg7UpdSvc;AVG7 Update Service;c:\progra~1\grisoft\avg7\avgupsvc.exe [2008-6-21 49664]
R2 AVGEMS;AVG E-mail Scanner;c:\progra~1\grisoft\avg7\avgemc.exe [2008-6-21 406528]
R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2008-6-21 4960]
R2 BOINC;BOINC;"c:\program files\boinc\boinc.exe" -daemon [2008-9-19 721664]
R2 ScrambyServer;Scramby Server;"c:\program files\rapidsolution\scramby\ScrambyServer.exe" [2008-2-15 675840]
R3 scramby_out;Scramby Output;c:\windows\system32\drivers\scramby_out.sys [2007-8-8 23840]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2007-12-19 21920]
S3 AODService;AODService;c:\program files\amd\overdrive\AODAssist []
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2008-4-4 19020]
S3 STV679;NMS Video Camera (Webcam);c:\windows\system32\drivers\STV679.sys [2008-7-23 91648]
S3 STV679m;NMS Video Camera (Webcam)m;c:\windows\system32\drivers\STV679m.sys [2008-7-23 6144]

=============== Created Last 30 ================

2008-12-24 14:42 1,603,494 ---sh--- c:\windows\system32\avamuboz.ini
2008-12-24 14:37 2,885,786 a----r-- C:\ComboFix.exe
2008-12-24 14:30 88,576 a------- c:\windows\system32\AntiXPVSTFix.exe
2008-12-22 22:31 97 a------- c:\windows\wininit.ini
2008-12-22 15:04 45,056 a------- c:\windows\system32\cbXQklLE.dll
2008-12-21 09:37 54,156 a---h--- c:\windows\QTFont.qfn
2008-12-21 09:37 1,409 a------- c:\windows\QTFont.for
2008-12-18 09:38 <DIR> --d----- c:\docume~1\ranger\applic~1\MySpace
2008-12-18 09:38 <DIR> --d----- c:\program files\MySpace
2008-12-15 09:49 13,030 a------- C:\PDOXUSRS.NET
2008-12-15 09:49 <DIR> --d----- c:\program files\Minerals
2008-12-11 12:37 42,320 a------- c:\windows\system32\xfcodec.dll
2008-12-07 12:47 <DIR> --d----- C:\Makena
2008-12-07 12:18 <DIR> --d----- c:\program files\ffdshow
2008-12-07 12:12 <DIR> --d----- c:\program files\Utherverse Digital Inc
2008-12-07 09:53 237,568 a------- c:\windows\system32\demoover.exe
2008-12-07 09:53 91,072 a------- c:\windows\system32\RoseCo2.dll
2008-12-07 09:53 82,896 a------- c:\windows\system32\KickCom2.dll
2008-12-07 09:53 974,848 a------- c:\windows\system32\mfc70.dll
2008-12-07 09:53 3,310 a------- c:\windows\system32\advanced.ico
2008-12-07 09:53 1,078 a------- c:\windows\system32\rosewaste.ico
2008-12-07 09:53 <DIR> --d----- C:\moove
2008-12-05 10:15 <DIR> --d----- c:\program files\Multiwinia
2008-12-05 10:15 <DIR> --d----- C:\multiwinia
2008-12-05 10:13 <DIR> --d----- C:\farcry
2008-11-29 20:39 <DIR> --d----- C:\vids

==================== Find3M ====================

2008-12-24 13:10 84,732 a------- c:\windows\system32\zobumava.dll
2008-12-24 13:10 98,979 a------- c:\windows\system32\fupipivo.dll
2008-12-24 12:05 63,752 a--sh--- c:\windows\system32\gugakeje.dll
2008-10-27 10:04 514,384 a------- c:\windows\system32\XAudio2_3.dll
2008-10-27 10:04 235,856 a------- c:\windows\system32\xactengine3_3.dll
2008-10-27 10:04 23,376 a------- c:\windows\system32\X3DAudio1_5.dll
2008-10-27 10:04 70,992 a------- c:\windows\system32\XAPOFX1_2.dll
2008-10-17 09:04 1,522,584 a------- C:\SDFix.exe
2008-10-16 07:59 8 a------- c:\docume~1\alluse~1\applic~1\HCPQMYSGWPP.SYS
2008-10-11 09:55 7,127,456 a------- C:\boinc_6.2.19_windows_intelx86.exe
2008-10-10 04:52 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2008-10-10 04:52 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2008-10-10 04:52 452,440 a------- c:\windows\system32\d3dx10_40.dll
2008-10-07 16:20 4,905,832 a------- C:\D.Accord_Personal_Guitarist_39822.exe
2008-10-02 15:46 81,920 a------- c:\windows\system32\frapsvid.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-04-04 12:53 22,328 a------- c:\docume~1\ranger\applic~1\PnkBstrK.sys
2008-09-24 12:05 43,008 a--sh--- c:\windows\system32\lutovute.dll
2008-09-24 12:05 63,752 a--sh--- c:\windows\system32\zehigipu.dll

============= FINISH: 16:44:52.31 ===============



#2 chryssi2001

chryssi2001

  • Members
  • 1,930 posts
  • OFFLINE
  • Local time:01:09 PM

Posted 06 January 2009 - 10:56 AM

Hello mycatwilatackyou,

I apologise for the delay, the forum is extremely busy.

I will be assisting you with your malware issues.
  • Whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
  • Continue to respond to this thread until I give you the All Clean! If you have any questions or you're stuck, please reply to me. I will try my best to help you!
  • Please bookmark or favourite this page in case you need it as a reference.
  • If you fail to reply within 5 days from now, this thread will close, and you will have to open another topic and wait for another helper.
----------------------------------------------
If you still need help, post a HijackThis log.

Do not run Combofix please.
Private Messages for personal support will be ignored. If you need help, post in the forum.

#3 chryssi2001

chryssi2001

  • Members
  • 1,930 posts
  • OFFLINE
  • Local time:01:09 PM

Posted 11 January 2009 - 02:57 AM

Due to the lack of feedback, this Topic is now closed and will not be reopened.
If you still need help, begin a new topic.

Applies only to the original poster; anyone else with similar problems, please start a new topic.
Private Messages for personal support will be ignored. If you need help, post in the forum.



