
AntiVirus 2010


  • This topic is locked
2 replies to this topic

#1 tlflight


Posted 10 November 2009 - 04:32 PM

DDS (Ver_09-10-26.01) - NTFSx86
Run by Staff at 14:58:02.40 on Tue 11/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.450 [GMT -6:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\AOL\1227562337\ee\AOLSoftware.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
c:\program files\common files\aol\1227562337\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1227562337\ee\aolsoftware.exe
C:\Program Files\America Online 9.0a\waol.exe
C:\Program Files\America Online 9.0a\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Staff\Local Settings\Temporary Internet Files\Content.IE5\5CYKPEKN\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [<NO NAME>]
mRun: [IntelWireless] 1c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [SigmatelSysTrayApp] 1stsystra.exe
mRun: [DVDLauncher] 1"c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] 1c:\windows\system32\dla\tfswctrl.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ECenter] 1"c:\dell\e-center\gtb.exe"
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [HostManager] c:\program files\common files\aol\1227562337\ee\AOLSoftware.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: alpa.org\concur
Trusted Zone: musicmatch.com\online
DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} - hxxp://www.mymesaba.com/nps/portal/gadgets/com.novell.nps.gadgets.shortcut.ShortcutGadget/LocalExec.CAB
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1252544124218
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
AppInit_DLLs: cru629.dat

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-9-17 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-9-17 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-17 297752]
S3 USB200M;Linksys USB 2.0 Network Adapter ver.2;c:\windows\system32\drivers\USB200M2.sys [2006-7-19 18048]

=============== Created Last 30 ================

2009-11-10 14:24:02 0 d-----w- c:\program files\Touch by HTC User Guide
2009-11-02 00:31:51 152119 ----a-w- c:\windows\system32\wisdstr.exe
2009-10-29 13:33:53 6144 ----a-w- c:\windows\cru629.dat
2009-10-26 12:19:00 6144 ----a-w- c:\windows\system32\cru629.dat
2009-10-25 02:16:16 0 d-----w- c:\docume~1\alluse~1\applic~1\Gogii
2009-10-25 02:14:32 0 d-----w- c:\windows\BabySitting Mania
2009-10-25 02:14:32 0 d-----w- c:\program files\BabySitting Mania
2009-10-21 20:42:15 54156 ---ha-w- c:\windows\QTFont.qfn
2009-10-21 20:42:15 1409 ----a-w- c:\windows\QTFont.for

==================== Find3M ====================

2009-11-10 20:12:20 11264 ----a-w- c:\windows\system32\braviax.exe
2009-11-10 20:12:20 11264 ----a-w- c:\windows\braviax.exe
2009-10-22 09:19:04 5939712 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-09-27 13:45:19 12999 ----a-w- c:\program files\common files\josipaseru._dl
2009-09-24 11:34:05 14252 ----a-w- c:\docume~1\staff\applic~1\vyfasakyx.dat
2009-09-18 21:33:16 19569 ----a-w- c:\windows\tykuhana.reg
2009-09-18 21:33:16 17124 ----a-w- c:\docume~1\staff\applic~1\ezohufazos.dat
2009-09-18 21:33:16 16915 ----a-w- c:\windows\tuvituly.reg
2009-09-18 21:33:16 14984 ----a-w- c:\program files\common files\rupytapaw.dll
2009-09-18 21:33:16 14522 ----a-w- c:\program files\common files\noxokikub.bin
2009-09-18 21:33:16 12873 ----a-w- c:\docume~1\alluse~1\applic~1\hyjyhaho.bat
2009-09-18 21:33:16 11891 ----a-w- c:\windows\surypekafa.com
2009-09-18 21:33:15 10750 ----a-w- c:\docume~1\staff\applic~1\gewyve.scr
2009-09-18 21:33:15 10619 ----a-w- c:\program files\common files\ehodo.dll
2009-09-18 02:02:30 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-18 02:02:30 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-18 02:02:24 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-17 14:10:41 18987 ----a-w- c:\docume~1\staff\applic~1\ylaruzaxin.reg
2009-09-17 14:10:41 17475 ----a-w- c:\docume~1\alluse~1\applic~1\azun.sys
2009-09-17 14:10:41 16779 ----a-w- c:\windows\system32\lajyw.bat
2009-09-17 14:10:41 16477 ----a-w- c:\windows\avedydyd.pif
2009-09-17 14:10:41 14816 ----a-w- c:\docume~1\alluse~1\applic~1\ciwidovo.bat
2009-09-17 14:10:41 12695 ----a-w- c:\docume~1\staff\applic~1\cype.pif
2009-09-17 14:10:41 12502 ----a-w- c:\docume~1\staff\applic~1\mitefonymi.reg
2009-09-17 14:10:41 12436 ----a-w- c:\program files\common files\mokoby.dl
2009-09-17 14:10:41 11975 ----a-w- c:\windows\cygobabupe.dll
2009-09-17 14:10:41 11973 ----a-w- c:\windows\system32\dewad.bin
2009-09-17 14:10:41 10501 ----a-w- c:\program files\common files\xare.scr
2009-09-17 14:10:41 10390 ----a-w- c:\docume~1\staff\applic~1\ajofahytu.dat
2009-09-15 11:53:13 10221 ----a-w- c:\program files\common files\famatucu.com
2009-09-11 14:22:17 19803 ----a-w- c:\docume~1\staff\applic~1\itypy.bat
2009-09-11 14:22:17 15653 ----a-w- c:\windows\system32\osasa.bat
2009-09-11 14:22:17 14588 ----a-w- c:\windows\hivajijyk.vbs
2009-09-11 14:22:17 13413 ----a-w- c:\docume~1\staff\applic~1\zujabuq.com
2009-09-11 14:22:17 13337 ----a-w- c:\program files\common files\evefipasu.sys
2009-09-11 14:22:16 19573 ----a-w- c:\docume~1\staff\applic~1\nuxe.scr
2009-09-11 14:22:16 16669 ----a-w- c:\windows\system32\pecujycez.pif
2009-09-11 14:22:16 16331 ----a-w- c:\docume~1\staff\applic~1\tefygag.dat
2009-09-11 14:22:16 14659 ----a-w- c:\windows\yvot.dat
2009-09-11 14:22:16 11872 ----a-w- c:\docume~1\alluse~1\applic~1\bujazi.com
2009-09-11 14:22:16 11583 ----a-w- c:\windows\system32\ovahotoxy.dll
2009-09-11 14:22:16 10445 ----a-w- c:\windows\kubykofi.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-10 02:18:30 18922 ----a-w- c:\windows\puvedofy.dat
2009-09-10 02:18:30 18597 ----a-w- c:\docume~1\staff\applic~1\temiv.pif
2009-09-10 02:18:30 18066 ----a-w- c:\windows\japofyky.vbs
2009-09-10 02:18:30 18038 ----a-w- c:\windows\vyqidofe.reg
2009-09-10 02:18:30 16490 ----a-w- c:\docume~1\staff\applic~1\jizohycyne.bat
2009-09-10 02:18:30 15787 ----a-w- c:\windows\pyxe.vbs
2009-09-10 02:18:30 13948 ----a-w- c:\docume~1\staff\applic~1\akuw.vbs
2009-09-10 02:18:30 11696 ----a-w- c:\windows\xomuq.com
2009-09-10 02:18:30 11374 ----a-w- c:\docume~1\alluse~1\applic~1\sacyrihuro.exe
2009-09-10 02:18:30 10168 ----a-w- c:\docume~1\alluse~1\applic~1\ygirevasu.dat
2009-09-10 02:14:10 17728 ----a-w- c:\windows\wolyhaqit.pif
2009-09-10 02:14:09 17452 ----a-w- c:\docume~1\alluse~1\applic~1\acumawijy.pif
2009-09-10 02:14:09 17433 ----a-w- c:\program files\common files\oruti.dat
2009-09-10 02:14:09 17370 ----a-w- c:\docume~1\alluse~1\applic~1\utybutu.dat
2009-09-10 02:14:09 15611 ----a-w- c:\docume~1\alluse~1\applic~1\qoga.vbs
2009-09-10 02:14:09 15420 ----a-w- c:\docume~1\staff\applic~1\yqelone.scr
2009-09-10 02:14:09 15271 ----a-w- c:\windows\zymu.scr
2009-09-10 02:14:09 14677 ----a-w- c:\windows\system32\hyxaret.dat
2009-09-10 02:14:09 12749 ----a-w- c:\docume~1\alluse~1\applic~1\tefeq.dat
2009-09-10 02:14:09 12467 ----a-w- c:\program files\common files\inamej.bin
2009-09-10 02:14:09 11564 ----a-w- c:\windows\system32\yzymigylav.com
2009-09-09 18:09:00 13425 ----a-w- c:\program files\common files\gewylulid.exe
2009-09-09 18:09:00 10737 ----a-w- c:\docume~1\staff\applic~1\ecicus.sys
2009-09-09 18:08:59 19033 ----a-w- c:\windows\lebynawuhi.reg
2009-09-09 18:08:59 18282 ----a-w- c:\windows\ijaleqa.pif
2009-09-09 18:08:59 18276 ----a-w- c:\docume~1\staff\applic~1\ykuvopo.dat
2009-09-09 18:08:59 17311 ----a-w- c:\windows\system32\ikaq.scr
2009-09-09 18:08:59 15191 ----a-w- c:\windows\zetonisusu.dll
2009-09-09 18:08:59 12780 ----a-w- c:\docume~1\staff\applic~1\kipynesom.com
2009-09-09 18:08:59 12104 ----a-w- c:\docume~1\staff\applic~1\tuxejy.bat
2009-09-09 18:08:59 10789 ----a-w- c:\program files\common files\woxy.sys
2009-09-09 18:08:59 10428 ----a-w- c:\windows\uzole.dat
2009-09-09 18:08:59 10005 ----a-w- c:\windows\kavemy.scr
2009-09-09 16:28:45 19815 ----a-w- c:\windows\pixucyk.reg
2009-09-09 16:28:45 16729 ----a-w- c:\windows\system32\lunafu.bin
2009-09-09 16:28:45 14520 ----a-w- c:\docume~1\alluse~1\applic~1\rajyf.bin
2009-09-09 16:28:45 14326 ----a-w- c:\program files\common files\hiqix.bin
2009-09-09 16:28:45 13706 ----a-w- c:\windows\egymonuj.vbs
2009-09-09 16:28:45 12748 ----a-w- c:\windows\oqawafyg.sys
2009-09-09 16:28:45 12383 ----a-w- c:\docume~1\alluse~1\applic~1\niqubo.scr
2009-09-09 16:28:45 11287 ----a-w- c:\windows\system32\ygeguwyf.scr
2009-09-09 16:28:45 10410 ----a-w- c:\windows\axibu.exe
2009-09-09 11:23:45 29184 ----a-w- c:\windows\system32\dllcache\beep.sys
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 10:35:52 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2002-09-11 14:26:52 63730 ----a-w- c:\program files\viewsonicinstruct_xp.pdf
2008-12-21 20:12:12 88 --sh--r- c:\windows\system32\B608BD15FE.sys
2007-04-22 22:41:51 56 --sh--r- c:\windows\system32\FE15BD08B6.sys
2008-12-21 20:12:17 4704 --sha-w- c:\windows\system32\KGyGaAvL.sys
2008-11-07 18:25:52 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110720081108\index.dat

============= FINISH: 14:58:39.12 ===============


#2 m0le

  • Malware Response Team

Posted 16 November 2009 - 07:20 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :(
m0le is a proud member of UNITE

#3 m0le

  • Malware Response Team

Posted 20 November 2009 - 06:29 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.