Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove virus!!


  • This topic is locked This topic is locked
1 reply to this topic

#1 kates_me

kates_me

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 14 October 2010 - 11:04 PM

DDS (Ver_10-10-10.03) - NTFSx86
Run by compu at 23:46:59.92 on Thu 10/14/2010
Internet Explorer: 5.00.3700.1000 BrowserJavaVersion: 1.6.0_16
Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.511.235 [GMT -7:00]


============== Running Processes ===============

C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\BitTorrent1\BitTorrent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\compu\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.msn.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [BitTorrent] "c:\program files\bittorrent1\BitTorrent.exe"
uRun: [Smupimayobiquye] rundll32.exe "c:\winnt\rolhint.dll",Startup
mRun: [Synchronization Manager] mobsync.exe /logon
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Tkubaxovabuyu] rundll32.exe "c:\winnt\iketuket.dll",Startup
dRunOnce: [^SetupICWDesktop] c:\program files\internet explorer\connection wizard\icwconn1.exe /desktop
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg311v3\wlancfg5.exe
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
DPF: DirectAnimation Java Classes - file://c:\winnt\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\compu\applic~1\mozilla\firefox\profiles\m4li0zrc.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.search-go.net/?sid=10101054100&s=
FF - plugin: c:\documents and settings\compu\application data\mozilla\firefox\profiles\m4li0zrc.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npitunes.dll
FF - HiddenExtension: XULRunner: {C9381708-A61C-48A9-A3BA-A5537CC2B535} - c:\documents and settings\compu\local settings\application data\{C9381708-A61C-48A9-A3BA-A5537CC2B535}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.search.order.1 - Google
FF - user.js: keyword.URL - hxxp://search.search-go.net/?sid=10101054100&s=c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\winnt\system32\drivers\aswSP.sys [2010-10-14 165584]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [2010-10-14 17744]
R2 aswMon;aswMon;c:\winnt\system32\drivers\aswmon.sys [2010-10-14 94544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-14 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-14 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-14 40384]
R3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [2009-4-11 49776]
R3 W8335PCI;NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows 2K (8335);c:\winnt\system32\drivers\WG311v3.sys [2006-1-26 280576]

=============== Created Last 30 ================

2010-10-15 04:28:50 38848 ----a-w- c:\winnt\avastSS.scr
2010-10-15 04:28:38 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-10-15 04:18:05 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2010-10-15 03:12:09 1409 ----a-w- c:\winnt\QTFont.for

==================== Find3M ====================

2010-10-15 00:46:16 0 ----a-w- c:\winnt\Cdolahohilofeji.bin

============= FINISH: 23:48:22.87 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,651 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:11:45 PM

Posted 24 October 2010 - 06:38 PM

hi kates_me,

Your log is a few days old. If you still need help simply reply to my post.

How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users