
HijackThis and DDS logs


  • This topic is locked
2 replies to this topic

#1 aroc604


Posted 25 July 2009 - 11:15 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:25:52, on 7/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.emachines.com/
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\RunOnce: [NSSInstallation] C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe /runonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1244585519921
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 3723 bytes


______________________________________________________________________________________________________



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/30/2003 5:02:10 PM
System Uptime: 7/24/2009 12:53:43 PM (33 hours ago)

Motherboard: | | KM266-8235
Processor: AMD Athlon™ XP 2200+ | Socket A | 1795/133mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 25.566 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
G: is CDROM (CDFS)
H: is CDROM ()
I: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: USB Cable Modem
Device ID: USB\VID_07B2&PID_5101\0017EE8EF6F4
Manufacturer:
Name: USB Cable Modem
PNP Device ID: USB\VID_07B2&PID_5101\0017EE8EF6F4
Service:

==== System Restore Points ===================

RP1396: 4/27/2009 9:26:27 AM - System Checkpoint
RP1397: 4/28/2009 10:39:22 AM - System Checkpoint
RP1398: 4/29/2009 11:19:56 AM - System Checkpoint
RP1399: 4/30/2009 6:22:09 PM - System Checkpoint
RP1400: 5/1/2009 7:46:48 PM - System Checkpoint
RP1401: 5/2/2009 8:45:23 PM - System Checkpoint
RP1402: 5/3/2009 9:40:22 PM - System Checkpoint
RP1403: 5/4/2009 9:41:26 PM - System Checkpoint
RP1404: 5/5/2009 10:09:40 PM - System Checkpoint
RP1405: 5/6/2009 10:13:03 PM - System Checkpoint
RP1406: 5/7/2009 10:19:01 PM - System Checkpoint
RP1407: 5/8/2009 11:19:03 PM - System Checkpoint
RP1408: 5/10/2009 12:43:16 AM - System Checkpoint
RP1409: 5/10/2009 10:37:44 PM - Installed Java™ 6 Update 13
RP1410: 5/10/2009 11:15:23 PM - Restore Operation
RP1411: 5/12/2009 1:56:27 AM - System Checkpoint
RP1412: 5/13/2009 2:16:40 AM - System Checkpoint
RP1413: 5/13/2009 3:00:21 AM - Software Distribution Service 3.0
RP1414: 5/14/2009 3:15:30 AM - System Checkpoint
RP1415: 5/15/2009 4:15:33 AM - System Checkpoint
RP1416: 5/16/2009 1:06:28 PM - System Checkpoint
RP1417: 5/17/2009 1:25:17 PM - System Checkpoint
RP1418: 5/18/2009 2:12:31 PM - System Checkpoint
RP1419: 5/19/2009 2:26:34 PM - System Checkpoint
RP1420: 5/20/2009 3:25:37 PM - System Checkpoint
RP1421: 5/21/2009 5:04:24 PM - System Checkpoint
RP1422: 5/22/2009 5:53:05 PM - System Checkpoint
RP1423: 5/23/2009 5:54:21 PM - System Checkpoint
RP1424: 5/24/2009 6:53:05 PM - System Checkpoint
RP1425: 5/25/2009 7:14:34 PM - System Checkpoint
RP1426: 5/26/2009 7:57:38 PM - System Checkpoint
RP1427: 5/27/2009 8:57:37 PM - System Checkpoint
RP1428: 5/28/2009 11:52:42 PM - System Checkpoint
RP1429: 5/29/2009 11:57:41 PM - System Checkpoint
RP1430: 5/31/2009 12:43:57 AM - System Checkpoint
RP1431: 6/1/2009 1:37:31 AM - System Checkpoint
RP1432: 6/2/2009 1:37:51 AM - System Checkpoint
RP1433: 6/2/2009 6:43:47 PM - Software Distribution Service 3.0
RP1434: 6/3/2009 9:16:58 AM - Software Distribution Service 3.0
RP1435: 6/4/2009 9:43:41 AM - System Checkpoint
RP1436: 6/5/2009 10:06:07 AM - System Checkpoint
RP1437: 6/6/2009 10:41:14 AM - System Checkpoint
RP1438: 6/7/2009 10:41:58 AM - System Checkpoint
RP1439: 6/7/2009 9:17:51 PM - Software Distribution Service 3.0
RP1440: 6/9/2009 12:40:11 PM - Removed Windows Backup Utility
RP1441: 6/9/2009 1:38:00 PM - RegRun Virus Scan
RP1442: 6/9/2009 2:05:29 PM - RegRun Virus Scan
RP1443: 6/9/2009 2:25:30 PM - RegRun Virus Scan
RP1444: 6/9/2009 2:27:03 PM - Removed LiveUpdate Notice (Symantec Corporation)
RP1445: 6/9/2009 2:33:32 PM - Removed LiveUpdate (Symantec Corporation)
RP1446: 6/9/2009 2:46:14 PM - Installed SUPERAntiSpyware Free Edition
RP1447: 6/9/2009 3:14:10 PM - Software Distribution Service 3.0
RP1448: 6/9/2009 3:17:10 PM - Software Distribution Service 3.0
RP1449: 6/21/2009 9:54:06 AM - System Checkpoint
RP1450: 6/22/2009 10:44:16 AM - System Checkpoint
RP1451: 6/22/2009 11:25:59 AM - Software Distribution Service 3.0
RP1452: 6/23/2009 8:13:01 PM - System Checkpoint
RP1453: 6/24/2009 3:00:17 AM - Software Distribution Service 3.0
RP1454: 6/24/2009 10:37:35 AM - Installed AVG 8.5
RP1455: 6/25/2009 4:45:33 PM - System Checkpoint
RP1456: 6/26/2009 4:46:02 PM - System Checkpoint
RP1457: 6/28/2009 10:25:16 AM - System Checkpoint
RP1458: 6/29/2009 10:44:05 AM - System Checkpoint
RP1459: 6/30/2009 5:08:20 PM - System Checkpoint
RP1460: 7/1/2009 5:41:53 PM - System Checkpoint
RP1461: 7/3/2009 8:56:13 AM - System Checkpoint
RP1462: 7/8/2009 5:22:32 PM - System Checkpoint
RP1463: 7/14/2009 8:25:30 AM - System Checkpoint
RP1464: 7/15/2009 3:00:19 AM - Software Distribution Service 3.0
RP1465: 7/16/2009 3:17:28 AM - System Checkpoint
RP1466: 7/16/2009 4:43:49 PM - SPTD setup V1.58
RP1467: 7/17/2009 7:13:51 PM - System Checkpoint
RP1468: 7/18/2009 7:29:59 PM - System Checkpoint
RP1469: 7/19/2009 8:15:14 PM - System Checkpoint
RP1470: 7/20/2009 9:10:26 PM - System Checkpoint
RP1471: 7/21/2009 9:49:32 PM - System Checkpoint
RP1472: 7/22/2009 9:55:59 PM - System Checkpoint
RP1473: 7/24/2009 1:45:37 AM - System Checkpoint
RP1474: 7/25/2009 2:12:15 AM - System Checkpoint

==== Installed Programs ======================

µTorrent
AAC Decoder
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
AutoUpdate
Avance AC'97 Audio
avast! Antivirus
CCleaner (remove only)
CD Viewer
CompuServe
Conexant SoftK56 Modem(M)
Critical Update for Windows Media Player 11 (KB959772)
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
Google Toolbar for Internet Explorer
H.264 Decoder
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
iPod for Windows 2006-03-23
iPod for Windows 2006-06-28
iTunes
Java 2 Runtime Environment Standard Edition v1.3.1_02
Java™ 6 Update 13
Logitech Desktop Messenger
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Microsoft Works 6.0
MKV Splitter
MoviesPlay
Mozilla Firefox (3.0.12)
MSN Music Assistant
MSN Toolbar
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Pando Media Booster
Plaxo Toolbar for Outlook and Outlook Express
PowerISO
ProSavageDDR and Utilities
QuickTime
RealPlayer
S3Display
S3Gamma2
S3Info2
S3Overlay
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
SUPERAntiSpyware Free Edition
The Sims 2
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player (Remove Only)
VLC media player 0.9.9
WebCam for MSN Messenger
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
Windows Rights Management client
Windows XP Service Pack 3
WinRAR archiver
Xvid 1.2.1 final uninstall
Yahoo! Internet Mail

==== End Of File ===========================








DDS (Ver_09-06-26.01) - NTFSx86
Run by janet at 21:01:51.45 on Sat 07/25/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.479.187 [GMT -7:00]

AV: avast! antivirus 4.8.1335 [VPS 090725-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\janet\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.emachines.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
TB: {3A013211-87A5-4118-AFDA-A5D4984958CC} - No File
TB: {F790854B-FEE7-42E7-8BB2-2D6AACB0A6E8} - No File
TB: {9308C42A-5A3C-4D6C-8B7B-3C3D665FE468} - No File
TB: {523493A7-6B65-4F49-A417-74FC39463D28} - No File
TB: {D3501262-F183-4A8A-A1AD-437719B6A127} - No File
TB: {A9C71808-EF2F-4D07-9A2A-45BEB73F648F} - No File
TB: {8E993B29-4C30-45B3-816D-C9A3A0FC92DB} - No File
TB: {45C25F86-D128-4FFF-AE45-D8CD461023B0} - No File
TB: {749AD26D-474D-4B92-8D96-B73CCE0D485C} - No File
TB: {6932B938-9045-4721-B958-05955F69D090} - No File
TB: {A162C579-DF06-430A-A345-FAACDB8C06D2} - No File
TB: {81019148-62DB-4E73-802B-BF4C29E321EE} - No File
TB: {1483084B-473F-471D-85D7-FC8164F0F397} - No File
TB: {12F86750-1511-4647-BA53-F5761B5C9FC1} - No File
TB: {3D501847-E4E9-4FA2-BA53-B1927D8DF855} - No File
TB: {4E74712C-8782-43DA-ABC0-9D20ACBC6D89} - No File
TB: {DE021ED0-E5AA-4427-B2AA-D182AF962DAC} - No File
TB: {F4962A52-557E-4787-A51B-986EE428E5D2} - No File
TB: {4A519C6B-D0E3-4D47-BD0D-37B655C9E708} - No File
TB: {C0712A4D-BEF6-4594-81DA-41FBB20AD4B2} - No File
TB: {2035F7DD-641F-406B-9FF4-D518FEFE5D46} - No File
TB: {DED821C8-38E2-498B-B27C-E8BD79832D98} - No File
TB: {C00B0888-B0AD-41AA-8B41-81BA3F9CB3EF} - No File
TB: {9C0B758A-3967-4C1E-9DAD-72A75B875A7F} - No File
TB: {4B571B41-3A11-4932-A046-AE8D456B8600} - No File
TB: {781701B2-661A-4CFD-9BF1-E58F484298BE} - No File
TB: {E36DDAF3-522D-4204-9DFE-D4D139E3A54B} - No File
TB: {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - No File
TB: {C25F106E-CC3B-451C-B4E8-316E8EDDACBC} - No File
TB: {E1FF896B-5855-4EAC-B424-F78C50F4488B} - No File
TB: {AF0F1EC5-A90C-455F-9CA7-65C663EB44A3} - No File
TB: {DE349BDA-647D-46B7-AEA7-E1B4AB0750D6} - No File
TB: {9ECF9BDB-57A2-417A-BF77-56D82A856225} - No File
TB: {C1104275-AE81-4FFD-8286-CFD5412EB541} - No File
TB: {421ACE76-6012-41F1-A3EC-8E3B309F98A9} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {7B0831DD-2BEC-BEE6-CADA-44AC2D69A97A} - No File
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-ca\msntb.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar4.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe" -autorun
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRunOnce: [NSSInstallation] c:\windows\system32\adobe\shockwave 11\nssstub.exe /runonce
mExplorerRun: [NoActiveDesktopChanges] 00000000
mExplorerRun: [NoActiveDesktop] 0 (0x0)
mExplorerRun: [NoSaveSettings] 0 (0x0)
mExplorerRun: [ClassicShell] 0 (0x0)
uPolicies-explorer: NoActiveDesktopChanges = 00000000
uPolicies-explorer: NoThemesTab = 0 (0x0)
uPolicies-explorer: NoSimpleStartMenu = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoColorChoice = 0 (0x0)
uPolicies-system: NoSizeChoice = 0 (0x0)
uPolicies-system: NoVisualStyleChoice = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244585519921
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\janet\applic~1\mozilla\firefox\profiles\klu7caje.default\
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-9 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-1-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-9 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-9 138680]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2003-2-21 14336]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-9 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-9 352920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-25 101936]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
S3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-6-24 29208]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-6-24 29208]

=============== Created Last 30 ================

2009-07-16 16:48 <DIR> --d----- c:\program files\DAEMON Tools Pro
2009-07-16 16:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Pro
2009-07-16 16:43 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-07-16 16:43 <DIR> --d----- c:\docume~1\janet\applic~1\DAEMON Tools Pro
2009-07-13 17:07 <DIR> --d----- c:\program files\EA GAMES
2009-07-13 17:07 442,368 a------- c:\windows\system32\vp6vfw.dll
2009-07-13 12:15 <DIR> --d----- c:\program files\PowerISO

==================== Find3M ====================

2009-06-24 10:33 29,208 a------- c:\windows\system32\drivers\avgfwdx.sys
2009-06-24 10:33 50,968 a------- c:\windows\system32\avgfwdx.dll
2009-06-16 07:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 07:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-03 12:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-05-10 22:39 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-07 08:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-01 14:03 129,784 -------- c:\windows\system32\pxafs.dll
2009-05-01 14:03 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-05-01 14:03 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-05-01 14:02 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-01 14:02 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-01 14:02 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-01 14:02 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-01 14:02 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-01 14:02 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-01 14:02 685,056 a------- c:\windows\system32\DivX.dll
2009-04-28 21:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-28 21:55 78,336 a------- c:\windows\system32\ieencode.dll
2008-12-28 16:02 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008122820081229\index.dat

============= FINISH: 21:02:15.06 ===============



#2 Net_Surfer


Posted 05 August 2009 - 03:35 AM

Hello and :thumbup2: to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.


Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

-----------------------------------------------------------

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


Kind regards
Net_Surfer

:)

#3 Orange Blossom


Posted 13 August 2009 - 12:47 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom :thumbup2:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



