Unable to defrag, several redirectors and other fun stuff



#1 Charles_Atlanta1


Posted 05 January 2009 - 01:50 AM

I know I have some nasty problems. I have Spyware Doctor on my box but now can't connect with its server to update definitions, nor can I connect for Windows Updates from Microsoft or Norton's site.
I can't run my defrag program either, nor can I get CHKDSK to run at bootup.
I was able to use the CD to run Recovery Console and chkdsk, but that didn't fix anything.
I've been able to run Spybot Search & Destroy and found lots of things (including redirectors) which the program claimed it removed, but I'm still plagued with the above-mentioned problems.
I've just run Microsoft's OneCare, which found 2 things (Worm: Win32/Bugbear.A@mm and Exploit: Java/ByteVerify G) which it removed, but still I have the same problems mentioned above.


DDS (Version 1.1.0) - NTFSx86
Run by Charles Adams at 20:14:08.46 on Sun 01/04/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1409 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PowerPanelPlus\upssrv.exe
C:\PowerPanelPlus\upsio.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Documents and Settings\Charles Adams.250-A\Desktop\dds.scr
C:\WINDOWS\System32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = localhost;*.local
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Uniblue Registry Booster] c:\program files\uniblue\registry booster\RegistryBooster.exe /S
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [BJCFD] c:\program files\broadjump\client foundation\CFD.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Lexmark X5100 Series] "c:\program files\lexmark x5100 series\lxbabmgr.exe"
mRun: [Ulead AutoDetector v2] c:\program files\common files\ulead systems\autodetector\monitor.exe
mRun: [Ulead Quick-Drop] "c:\program files\ulead systems\ulead dvd moviefactory 4 suite deluxe\ulead quick-drop 1.0\Quick-Drop.exe" WINDOWCALL
mRun: [ADUserMon] c:\program files\iomega\autodisk\ADUserMon.exe
mRun: [LVCOMS] c:\program files\common files\logitech\qcdriver\LVCOMS.EXE
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_01\bin\jusched.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [HelpCenter4.1] c:\program files\fastaccessdsl\helpcenter43\bin\sprtcmd.exe /P HelpCenter4.1
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Iomega Drive Icons] c:\program files\iomega\driveicons\ImgIcon.exe
mRun: [Deskup] c:\program files\iomega\driveicons\deskup.exe /IMGSTART
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
IE: &Winamp Search - c:\documents and settings\all users.windows\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\progra~1\yahoo!\messen~1\YPager.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 relog_ap

============= SERVICES / DRIVERS ===============

R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2009-1-4 40840]
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2007-4-17 17792]
R1 crlscsi;crlscsi;c:\windows\system32\drivers\crlscsi.sys [2007-4-19 6144]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2009-1-4 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2009-1-4 81288]
R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-1-4 356920]
R4 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-1-4 1079176]
S3 MicroVAX_3900_Demo;MicroVAX_3900_Demo;c:\program files\charon\build_88\mv3k9_demo.exe [2008-11-26 978944]

=============== Created Last 30 ================

2009-01-04 16:01 <DIR> --d----- c:\program files\common files\Diskeeper Corporation
2009-01-04 16:01 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Diskeeper Corporation
2009-01-04 07:16 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-01-04 07:16 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Spybot - Search & Destroy
2009-01-04 06:47 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2009-01-04 06:47 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2009-01-04 06:47 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2009-01-04 06:47 29,576 a------- c:\windows\system32\drivers\kcom.sys
2009-01-04 06:47 <DIR> --d----- c:\program files\Spyware Doctor
2009-01-03 17:19 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-01-03 17:19 <DIR> --d----- c:\documents and settings\charles adams.250-a\.housecall6.6
2009-01-03 17:14 <DIR> --d----- c:\program files\Norton Security Scan
2009-01-03 09:23 <DIR> --d----- c:\program files\videosoft
2008-12-25 03:06 <DIR> --d----- c:\program files\Virtual Earth 3D
2008-12-25 01:59 <DIR> --d----- c:\program files\iTunes
2008-12-25 01:59 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-17 18:56 <DIR> --d----- c:\docume~1\charle~1.250\applic~1\AVS4YOU
2008-12-17 18:55 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\AVS4YOU
2008-12-17 18:54 <DIR> --d----- c:\program files\common files\AVSMedia
2008-12-17 18:54 974,848 a------- c:\windows\system32\mfc70.dll
2008-12-17 18:54 487,424 a------- c:\windows\system32\msvcp70.dll
2008-12-17 18:54 344,064 a------- c:\windows\system32\msvcr70.dll
2008-12-17 18:54 <DIR> --d----- c:\program files\AVS4YOU
2008-12-13 03:53 <DIR> --d----- c:\docume~1\charle~1.250\applic~1\BitTorrent
2008-12-13 03:53 <DIR> --d----- c:\program files\DNA
2008-12-13 03:53 <DIR> --d----- c:\docume~1\charle~1.250\applic~1\DNA
2008-12-12 20:15 33 a------- c:\windows\logimail.INI
2008-12-08 23:55 240 a------- c:\windows\DREAM3D.INI
2008-12-08 23:43 <DIR> --d----- C:\D3DTEMP

==================== Find3M ====================

2009-01-01 04:22 8,404 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-10-28 21:23 425,984 a------- c:\windows\system32\ATIDEMGX.dll
2008-10-28 21:22 314,880 a------- c:\windows\system32\ati2dvag.dll
2008-10-28 21:11 188,416 a------- c:\windows\system32\atipdlxx.dll
2008-10-28 21:11 147,456 a------- c:\windows\system32\Oemdspif.dll
2008-10-28 21:11 26,112 a------- c:\windows\system32\Ati2mdxx.exe
2008-10-28 21:11 43,520 a------- c:\windows\system32\ati2edxx.dll
2008-10-28 21:10 10,973,184 a------- c:\windows\system32\atioglxx.dll
2008-10-28 21:10 143,360 a------- c:\windows\system32\ati2evxx.dll
2008-10-28 21:09 585,728 a------- c:\windows\system32\ati2evxx.exe
2008-10-28 21:07 53,248 a------- c:\windows\system32\ATIDDC.DLL
2008-10-28 21:05 593,920 -------- c:\windows\system32\ati2sgag.exe
2008-10-28 20:57 4,041,472 a------- c:\windows\system32\ati3duag.dll
2008-10-28 20:49 307,200 a------- c:\windows\system32\atiiiexx.dll
2008-10-28 20:41 2,472,832 a------- c:\windows\system32\ativvaxx.dll
2008-10-28 20:40 3,107,788 a------- c:\windows\system32\ativvaxx.dat
2008-10-28 20:40 3,107,788 a------- c:\windows\system32\ativva5x.dat
2008-10-28 20:40 887,724 a------- c:\windows\system32\ativva6x.dat
2008-10-28 20:25 48,640 a------- c:\windows\system32\amdpcom32.dll
2008-10-28 20:21 389,120 a------- c:\windows\system32\atikvmag.dll
2008-10-28 20:19 44,032 a------- c:\windows\system32\atiadlxx.dll
2008-10-28 20:19 17,408 a------- c:\windows\system32\atitvo32.dll
2008-10-28 20:18 253,952 a------- c:\windows\system32\atiok3x2.dll
2008-10-28 20:12 577,536 a------- c:\windows\system32\ati2cqag.dll
2008-10-28 17:36 823,296 a------- c:\windows\system32\divx_xx0c.dll
2008-10-28 17:36 823,296 a------- c:\windows\system32\divx_xx07.dll
2008-10-28 17:35 815,104 a------- c:\windows\system32\divx_xx0a.dll
2008-10-28 17:35 802,816 a------- c:\windows\system32\divx_xx11.dll
2008-10-28 17:35 684,032 a------- c:\windows\system32\DivX.dll
2008-10-23 07:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-21 12:51 118,784 a------- c:\windows\system32\atibrtmon.exe
2008-10-16 15:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2007-11-27 18:33 32 a------- c:\docume~1\alluse~1.win\applic~1\ezsid.dat
2007-04-15 21:59 1,893 a------- c:\program files\Installed Items.lnk
2006-12-23 15:32 250,976 a------- c:\program files\MovielinkManagerInstall.exe
2004-10-19 15:38 11,052,037 a------- c:\docume~1\charle~1.250\applic~1\HCSetup2.0_IW.5.1.exe
2007-08-20 20:34 88 ---shr-- c:\windows\system32\B03F78D0D7.sys
2008-05-16 00:06 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051620080517\index.dat

============= FINISH: 20:14:47.67 ===============


 


#2 SpotCheckBilly


Posted 18 January 2009 - 07:07 PM

Hi Charles_Atlanta1,

Welcome to the BleepingComputer forums.

We apologize for the delay in responding to your request for assistance. Every one of our team members is a volunteer and unfortunately, there are often just not enough to keep up with demand. Thank you so much for your patience.

If your issue has been resolved or you have received help elsewhere, please post a reply here and let us know so that we can close this thread.

If you still need assistance, my name is SpotCheckBilly (SCB for short) and I will be happy to help you.

Please post a new DDS scan.

I look forward to your reply. -- SCB
ChrisRLG's Computer Safety Online

"I was worried 'bout rich and skinny,
'til I wound up poor and fat"
- Delbert McClinton