
Cannot update Antivirus programs and cannot go to certain sites


  • This topic is locked
2 replies to this topic

#1 Underdog1960


Posted 28 February 2010 - 08:02 PM

I've tried very hard to fix this on my own but to no avail. About a week ago I could not update Superantispyware Professional. From that point I have discovered I cannot update Malware either nor am I able to download certain anti-spyware programs, and even if I do, they will not update. I figure this to be a virus, so any help would be appreciated. BTW, I removed IE8 and am now using IE7 which tends to freeze up. Never did that before. I am running Win XP SP3.

DDS Text follows:

DDS (Ver_09-12-01.01) - NTFSx86
Run by ed at 19:17:01.10 on Sun 02/28/2010
Internet Explorer: 6.0.2900.2180

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\WINDOWS\system32\Pmxmiced.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Microsoft SQL Server\MSSQL$PCTOOLS\Binn\sqlservr.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ed\Desktop\dds.scr
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter

============== Pseudo HJT Report ===============

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: IEButton Class: {f81d52bf-f2f1-4f49-bf5f-05664e803039} - c:\program files\unh solutions\flash saving plugin\FlashSButton.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.playhub.com/sports-games/110/Battle-Boards.html"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PMX Daemon] ICO.EXE
mRun: [dlccmon.exe] "c:\program files\dell photo aio printer 924\dlccmon.exe"
mRun: [VOBRegCheck] c:\windows\system32\VOBREGCheck.exe -CheckReg
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [DLCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCCtime.dll,_RunDLLEntry@16
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Save Flash - c:\program files\unh solutions\flash saving plugin\FlashSButton.dll/210
IE: Save YouTube Video - c:\program files\unh solutions\flash saving plugin\FlashSButton.dll/217
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266252419375
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {6638329A-1C06-4D6F-A380-59DDB13B876B} = 93.188.163.220,93.188.166.60
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R? DockLoginService;Dock Login Service
R? LLUSBFLT;LLUSBFLT
R? PLUsbbc2;High-Speed USB Bridge Cable Driver
R? samhid;samhid
R? SASENUM;SASENUM
R? SQLAgent$PCTOOLS;SQLAgent$PCTOOLS
S? MSSQL$PCTOOLS;MSSQL$PCTOOLS
S? pmxmouse;pmxmouse
S? pmxusblf;pmxusblf
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? ZeppelinService;plasservice

=============== Created Last 30 ================

2010-02-28 22:12:40 0 ----a-w- c:\documents and settings\ed\defogger_reenable
2010-02-28 21:47:31 1728 ----a-w- c:\windows\system32\tmp.reg
2010-02-28 21:40:07 0 d-----w- C:\hijackthis
2010-02-28 17:04:19 0 d-----w- c:\program files\TrendMicro
2010-02-28 16:18:55 702297 ----a-w- c:\windows\unins001.exe
2010-02-28 16:18:55 37356 ----a-w- c:\windows\unins001.dat
2010-02-28 16:18:03 702297 ----a-w- c:\windows\unins000.exe
2010-02-28 16:18:03 11702 ----a-w- c:\windows\unins000.dat
2010-02-28 15:35:49 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-28 15:35:47 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-28 15:35:47 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-28 00:47:24 50504 ----a-w- c:\windows\system32\drivers\pxrts.sys
2010-02-28 00:47:24 24368 ----a-w- c:\windows\system32\drivers\pxkbf.sys
2010-02-28 00:16:53 0 d-----w- c:\program files\Universal Extractor
2010-02-27 23:39:18 33340 ----a-w- c:\windows\system32\dbmsqlgc.dll
2010-02-27 23:39:18 24576 ----a-w- c:\windows\system32\dbmsgnet.dll
2010-02-27 23:38:59 0 d-----w- c:\program files\Microsoft SQL Server
2010-02-27 23:38:44 0 ----a-w- c:\windows\ODBC.INI
2010-02-27 02:26:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-02-26 23:41:08 0 d-sha-r- C:\cmdcons
2010-02-26 23:40:14 98816 ----a-w- c:\windows\sed.exe
2010-02-26 23:40:14 77312 ----a-w- c:\windows\MBR.exe
2010-02-26 23:40:14 261632 ----a-w- c:\windows\PEV.exe
2010-02-26 23:40:14 161792 ----a-w- c:\windows\SWREG.exe
2010-02-22 13:24:54 61440 ----a-w- c:\windows\uninstall.exe
2010-02-17 12:26:38 0 d-----w- c:\docume~1\ed\applic~1\Windows Search
2010-02-17 03:12:41 0 d-----w- c:\documents and settings\ed\Tracing
2010-02-17 02:03:00 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-02-17 01:45:43 0 d-----w- c:\program files\common files\Windows Live
2010-02-17 01:44:44 0 d-----w- c:\windows\system32\GroupPolicy
2010-02-17 01:44:44 0 d-----w- c:\program files\Windows Desktop Search
2010-02-17 01:44:17 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-02-17 01:44:17 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-02-17 01:44:17 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-02-16 01:19:05 199680 ----a-w- c:\windows\system32\SET13FE.tmp
2010-02-16 01:19:03 177152 ----a-w- c:\windows\system32\SET13E6.tmp
2010-02-16 01:13:59 62464 ----a-w- c:\windows\system32\SET7E5.tmp
2010-02-16 01:12:58 58880 ----a-w- c:\windows\system32\SET559.tmp
2010-02-16 01:11:00 19569 ----a-w- c:\windows\003140_.tmp
2010-02-16 01:08:59 129792 ----a-w- c:\windows\system32\drivers\fltmgr.sys
2010-02-16 01:08:58 409088 ------w- c:\windows\system32\qmgr.dll
2010-02-16 01:08:56 272128 ----a-w- c:\windows\system32\drivers\bthport.sys
2010-02-16 00:45:14 24576 ----a-w- c:\windows\system32\SET1329.tmp
2010-02-16 00:45:14 177152 ----a-w- c:\windows\system32\SET1310.tmp
2010-02-16 00:45:13 80896 ----a-w- c:\windows\system32\SET12F0.tmp
2010-02-16 00:45:13 75776 ----a-w- c:\windows\system32\SET12F8.tmp
2010-02-16 00:45:13 354304 ----a-w- c:\windows\system32\SET12F3.tmp
2010-02-16 00:45:13 15872 ----a-w- c:\windows\system32\SET12F5.tmp
2010-02-16 00:45:13 13824 ----a-w- c:\windows\system32\SET12F1.tmp
2010-02-16 00:45:12 6656 ----a-w- c:\windows\system32\SET12EB.tmp
2010-02-16 00:42:59 67584 ----a-w- c:\windows\system32\SET538.tmp
2010-02-16 00:41:48 19569 ----a-w- c:\windows\003134_.tmp
2010-02-16 00:39:38 71040 ----a-w- c:\windows\system32\drivers\_004563_.tmp.dll
2010-02-15 21:50:40 71040 ----a-w- c:\windows\system32\drivers\_004556_.tmp.dll
2010-02-15 21:26:07 71040 ----a-w- c:\windows\system32\drivers\_004549_.tmp.dll
2010-02-15 20:07:30 71040 ----a-w- c:\windows\system32\drivers\_004541_.tmp.dll
2010-02-15 19:57:58 69120 -c--a-w- c:\windows\system32\dllcache\iecompat.dll
2010-02-15 19:57:41 594432 -c--a-w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-15 19:57:41 55296 -c--a-w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-15 19:57:41 246272 -c--a-w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-15 19:57:41 1985536 -c--a-w- c:\windows\system32\dllcache\iertutil.dll
2010-02-15 19:57:41 12800 -c--a-w- c:\windows\system32\dllcache\xpshims.dll
2010-02-15 19:57:41 11070464 -c--a-w- c:\windows\system32\dllcache\ieframe.dll
2010-02-15 19:56:47 68608 ----a-w- c:\windows\system32\dllcache\plugin.ocx
2010-02-15 19:56:47 1492480 ----a-w- c:\windows\system32\dllcache\shdocvw.dll
2010-02-15 19:56:47 1022976 ----a-w- c:\windows\system32\dllcache\browseui.dll
2010-02-15 19:46:17 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-15 19:45:55 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-15 19:45:45 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-02-15 19:45:42 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-02-15 19:45:38 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-02-15 19:45:34 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-02-15 19:45:34 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-02-15 19:44:28 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-02-15 19:44:28 1291776 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-02-15 19:44:16 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-02-15 19:44:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-15 19:41:15 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-15 19:40:37 343040 -c----w- c:\windows\system32\dllcache\mspaint.exe
2010-02-15 19:40:29 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-02-15 19:40:19 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-15 19:36:11 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-15 19:36:09 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-15 18:52:06 128512 -c--a-w- c:\windows\system32\dllcache\dhtmled.ocx
2010-02-15 18:52:04 38912 -c--a-w- c:\windows\system32\dllcache\hmmapi.dll
2010-02-15 18:52:03 93184 -c--a-w- c:\windows\system32\dllcache\iexplore.exe
2010-02-15 18:47:48 121856 ----a-w- c:\windows\system32\SET1214.tmp
2010-02-15 18:46:59 56320 ----a-w- c:\windows\system32\SET5D4.tmp
2010-02-15 17:58:57 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-02-15 17:58:57 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-02-15 17:58:57 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-02-15 17:55:29 884736 ----a-w- c:\windows\system32\msimsg.dll
2010-02-15 17:55:29 78848 ----a-w- c:\windows\system32\msiexec.exe
2010-02-15 17:55:29 2843136 ----a-w- c:\windows\system32\msi.dll
2010-02-15 17:55:29 271360 ----a-w- c:\windows\system32\msihnd.dll
2010-02-15 17:55:29 15360 ----a-w- c:\windows\system32\msisip.dll
2010-02-15 15:22:58 229439 -c--a-w- c:\windows\system32\dllcache\multibox.dll
2010-02-15 15:21:52 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2010-02-15 15:21:45 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2010-02-15 15:18:40 488 ---ha-r- c:\windows\system32\logonui.exe.manifest
2010-02-15 15:18:34 749 ---ha-r- c:\windows\WindowsShell.Manifest
2010-02-15 15:18:34 749 ---ha-r- c:\windows\system32\wuaucpl.cpl.manifest
2010-02-15 15:18:34 749 ---ha-r- c:\windows\system32\sapi.cpl.manifest
2010-02-15 15:18:34 749 ---ha-r- c:\windows\system32\ncpa.cpl.manifest
2010-02-15 15:18:25 0 d--h--w- c:\program files\WindowsUpdate
2010-02-15 15:18:15 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-02-15 15:05:43 1024840 ----a-w- c:\windows\setupapi.log.0.old
2010-02-15 09:56:47 0 d-----w- c:\windows\dell
2010-02-14 01:25:02 120 ----a-w- c:\windows\Uzikobun.dat
2010-02-14 01:25:02 0 ----a-w- c:\windows\Gmemucatofokeyib.bin
2010-02-13 00:07:42 0 d-----w- c:\program files\PeerGuardian2

==================== Find3M ====================

2010-02-15 15:17:31 23444 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-14 16:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:26:15 2145280 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43:51 2023936 ------w- c:\windows\system32\ntkrnlpa.exe
2009-06-06 01:10:54 245760 --sha-w- c:\windows\system32\config\systemprofile\ietldcache\index.dat
2008-05-07 00:06:16 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008050620080507\index.dat
2009-06-10 11:35:57 806432 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-10 11:35:57 43040 --sha-w- c:\windows\system32\drivers\fidbox2.dat

============= FINISH: 19:18:10.31 ===============

Sorry, I forgot to attach the ARC file.

Merged posts. ~ OB


Edited by Orange Blossom, 28 February 2010 - 08:51 PM.



#2 Underdog1960


Posted 01 March 2010 - 09:21 PM

Problem fixed. I downloaded mbam-rules.exe on another computer, emailed it to me and updated Malwarebytes anti-virus. It found a dnschanger trojan and deleted it.
You can delete this post if you wish.

#3 Elise


Posted 05 March 2010 - 07:58 AM

Since this issue seems to be resolved, this topic will now be closed.

regards, Elise

