
Can't download the DDS program on the infected computer



#1 maw4bc

maw4bc

  • Members
  • 13 posts

Posted 30 December 2008 - 04:44 PM

I have been hit with the Spyware Guard 2008 virus, and anytime I try to go to a security website like bleepingcomputer.com, it redirects me or doesn't allow me to connect to the specific files, i.e., DDS.

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

I am reading through that post above right now, trying to go step by step, but I can't get the computer to download DDS.

What should I do?

Here is the hijackthis log that I just ran. The spyware program keeps popping up but I keep ending the process.

*******HIJACKTHIS LOG STARTS BELOW************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:46:52 PM, on 12/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32alg.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32winscenter.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSBCMSMMSG.exe
C:Program FilesJavajre1.6.0_05binjusched.exe
C:Program FilesGoogleGmail Notifiergnotify.exe
C:Program FilesWinampwinampa.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32rundll32.exe
C:DOCUME~1OwnerLOCALS~1Tempwinlogin.exe
C:DOCUME~1OwnerLOCALS~1Tempwinloggn.exe
C:WINDOWSsystem32rundll32.exe
C:WINDOWSsystem32devldr32.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsOwnerApplication Datagadcomgadcom.exe
C:Program FilespalmOneHotsync.exe
C:Program FilesKeyspanRemoteKDMRdmn.exe
C:Program FilesSouthwest AirlinesDingDing.exe
C:Program FilesiPodbiniPodService.exe
C:Program FilesJavajre1.6.0_05binjucheck.exe
C:DOCUME~1OwnerLOCALS~1Tempcsrssc.exe
C:Documents and SettingsOwnerDesktopHiJackThis.exe
C:Documents and SettingsOwnerApplication DataMicrosoftWindowsdpvewpy.exe
C:Documents and SettingsOwnerApplication DataSpeedRunnerSpeedRunner.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32wbemwmiprvse.exe

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32wsnpoema.exe,
O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_05binjusched.exe"
O4 - HKLM..Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:Program FilesGoogleGmail Notifiergnotify.exe
O4 - HKLM..Run: [ppmate] C:Program FilesPPMatePPMateppmate.exe -autoplay
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [prunnet] "C:WINDOWSsystem32prunnet.exe"
O4 - HKLM..Run: [74caf52a] rundll32.exe "C:WINDOWSsystem32sbdhaner.dll",b
O4 - HKLM..Run: [xsjfn83jkemfofght] C:DOCUME~1OwnerLOCALS~1Tempwinlogin.exe
O4 - HKLM..Run: [jsf8j34rgfght] C:DOCUME~1OwnerLOCALS~1Tempwinloggn.exe
O4 - HKLM..Run: [Wtobiyuno] rundll32.exe "C:WINDOWSGrorisixejig.dll",e
O4 - HKLM..Run: [spywareguard] C:Program FilesSpyware Guard 2008spywareguard.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [prunnet] "C:WINDOWSsystem32prunnet.exe"
O4 - HKCU..Run: [gadcom] "C:Documents and SettingsOwnerApplication Datagadcomgadcom.exe" 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKCU..Run: [xsjfn83jkemfofght] C:DOCUME~1OwnerLOCALS~1Tempwinlogin.exe
O4 - HKCU..Run: [jsf8j34rgfght] C:DOCUME~1OwnerLOCALS~1Tempwinloggn.exe
O4 - HKCU..Run: [Jnskdfmf9eldfd] C:DOCUME~1OwnerLOCALS~1Tempcsrssc.exe
O4 - HKCU..Run: [SpeedRunner] C:Documents and SettingsOwnerApplication DataSpeedRunnerSpeedRunner.exe
O4 - HKCU..Run: [SfKg6wIP] C:Documents and SettingsOwnerApplication DataMicrosoftWindowsdpvewpy.exe
O4 - Startup: DING!.lnk = C:Program FilesSouthwest AirlinesDingDing.exe
O4 - Startup: palmOne Registration.lnk = C:Program FilespalmOneregister.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: HotSync Manager.lnk = C:Program FilespalmOneHotsync.exe
O4 - Global Startup: Keyspan Remote.lnk = C:Program FilesKeyspanRemoteKDMRdmn.exe
O7 - HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_05binssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1163036061928
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163117847546
O17 - HKLMSystemCCSServicesTcpip..{BDCD6AD3-97FC-4283-B95E-F1BF9DD8C7B0}: NameServer = 194.54.89.145 194.54.89.145
O20 - AppInit_DLLs: dbowiv.dll
O21 - SSODL: ieModule - {556A364A-ED3C-4299-A5DE-4E0407449BDF} - C:Documents and SettingsAll UsersApplication DataMicrosoftInternet ExplorerDLLsieModule.dll
O21 - SSODL: InternetConnection - {2503365E-1E65-4094-A30C-C5C082A07564} - C:Documents and SettingsAll UsersApplication DataMicrosoftInternet ExplorerDLLsiajrpilsxi.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

--
End of file - 7320 bytes

Merged posts. ~ OB

Edited by Orange Blossom, 30 December 2008 - 10:30 PM.




#2 maw4bc

maw4bc
  • Topic Starter

  • Members
  • 13 posts

Posted 01 January 2009 - 02:53 PM

Please lock this thread. I am getting help elsewhere. Thanks.

#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts

Posted 05 January 2009 - 09:54 AM

Thank you for notifying us.. I will now close this topic.. Please PM any Moderator or the HijackThis Team should you need to re-open this topic..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
It's gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive




