Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't update anti-spyware or Windows update. Anti-spyware sites blocked


  • Please log in to reply
1 reply to this topic

#1 killerkabuto

killerkabuto

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:35 PM

Posted 19 May 2009 - 08:48 AM

here is my dds.txt


DDS (Ver_09-05-14.01) - NTFSx86
Run by Kuma at 9:44:17.19 on Tue 05/19/2009
Internet Explorer: 7.0.6000.16711
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.3582.1554 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Kuma\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ArcSoft\Media Card Companion\MCC Monitor.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbengine.exe
C:\Windows\System32\vds.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kuma\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\kuma\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\monitor.lnk - c:\program files\arcsoft\media card companion\MCC Monitor.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.2.28.dll/206
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
AppInit_DLLs: c:\windows\system32\avgrsstx.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-7 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-7 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-4-28 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-4-28 72944]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-5-7 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-5-7 298776]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-3-20 1153368]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-4-28 7408]
S0 OemBiosDevice;Royalty OEM BIOS Extension;c:\windows\system32\drivers\royal.sys [2008-5-6 240128]

=============== Created Last 30 ================

2009-05-18 14:51 <DIR> --d----- c:\programdata\SUPERAntiSpyware.com
2009-05-18 14:51 <DIR> --d----- c:\progra~2\SUPERAntiSpyware.com
2009-05-18 14:51 <DIR> --d----- c:\users\kuma\appdata\roaming\SUPERAntiSpyware.com
2009-05-18 14:51 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-18 14:47 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-05-18 14:22 <DIR> --d----- c:\users\kuma\appdata\roaming\Malwarebytes
2009-05-18 14:22 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-18 14:22 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-18 14:22 <DIR> --d----- c:\programdata\Malwarebytes
2009-05-18 14:22 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-18 14:22 <DIR> --d----- c:\progra~2\Malwarebytes
2009-05-18 12:03 <DIR> --dsh--- C:\$RECYCLE.BIN
2009-05-18 11:46 161,792 a------- c:\windows\SWREG.exe
2009-05-18 11:46 98,816 a------- c:\windows\sed.exe
2009-05-18 10:12 <DIR> --d----- c:\program files\Trend Micro
2009-05-18 09:42 <DIR> a-d----- c:\programdata\TEMP
2009-05-18 09:30 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-05-18 09:29 <DIR> --d----- c:\users\kuma\.housecall6.6
2009-05-18 08:15 <DIR> --d----- c:\programdata\Lavasoft
2009-05-18 03:02 304,589,022 a------- c:\windows\MEMORY.DMP
2009-05-15 13:43 <DIR> --d----- c:\program files\Amazon
2009-05-15 12:59 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-05-12 16:40 256 a------- c:\windows\system32\pool.bin
2009-05-08 08:30 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-30 20:09 <DIR> --d----- c:\program files\Wizards of the Coast
2009-04-30 09:24 622,080 a------- c:\windows\system32\icardagt.exe
2009-04-30 09:24 97,800 a------- c:\windows\system32\infocardapi.dll
2009-04-30 09:24 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-04-30 09:24 11,264 a------- c:\windows\system32\icardres.dll
2009-04-30 09:24 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-04-30 09:24 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-04-30 09:24 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-04-30 09:24 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-04-30 09:11 96,760 a------- c:\windows\system32\dfshim.dll
2009-04-30 09:11 41,984 a------- c:\windows\system32\netfxperf.dll
2009-04-30 09:11 282,112 a------- c:\windows\system32\mscoree.dll
2009-04-30 09:11 158,720 a------- c:\windows\system32\mscorier.dll
2009-04-30 09:11 83,968 a------- c:\windows\system32\mscories.dll
2009-04-24 22:26 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-04-23 14:52 <DIR> --d----- c:\program files\Microsoft IntelliPoint

==================== Find3M ====================

2009-05-12 16:54 86,016 a------- c:\windows\inf\infstrng.dat
2009-05-12 16:54 51,200 a------- c:\windows\inf\infpub.dat
2009-05-12 16:53 86,016 a------- c:\windows\inf\infstor.dat
2009-05-08 09:29 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-08 09:29 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-08 09:29 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2008-08-28 09:04 174 a--sh--- c:\program files\desktop.ini
2008-08-28 08:48 665,600 a------- c:\windows\inf\drvindex.dat
2008-08-27 19:18 56,128 a------- c:\users\kuma\appdata\roaming\GDIPFONTCACHEV1.DAT
2006-11-02 08:40 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:40 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:40 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:40 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 9:45:03.12 ===============



I tried a few things to fix it but to no avail. please help.


killerkabuto

BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:08:35 PM

Posted 31 May 2009 - 09:53 AM

Hello killerkabuto

Welcome to Welcome to BleepingComputer :thumbup2:
=====================
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTListIt2.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
===========

Edited by kahdah, 31 May 2009 - 09:54 AM.

Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users