
Can't Find the Problem


  • This topic is locked
2 replies to this topic

#1 fuentes56


Posted 21 May 2011 - 03:40 PM

I have a virus, and I can't find out what it is... I have tried AVG, Avast, PC Pitstop and now System Mechanic. Still have not fixed the problem. AVG said it was in Internet Explorer so I downloaded Chrome and was going to uninstall Chrome but Chrome will now work. Also PC Pitstop Exterminate will not run a scan; it will just freeze every time. The person who is messing with my computer also makes slide shows every now and then just to mess with me. Just yesterday a multicolored cube with PC Pitstop came on the screen for 15 sec... Sorry, was a lot to read, but if you could read my log and find the issue

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:42 PM, on 5/21/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:Program Files (x86)Dell DataSafe OnlineDataSafeOnline.exe
C:Program Files (x86)CyberLinkPowerDVD DXPDVDDXSrv.exe
C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell2.exe
C:Program Files (x86)RoxioRoxio BurnRoxioBurnLauncher.exe
C:Program Files (x86)DellDellCommsbinsprtcmd.exe
C:Program Files (x86)Dell Support Centerbinsprtcmd.exe
C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe
C:Program Files (x86)Windows LiveToolbarwltuser.exe
C:windowsSysWOW64MacromedFlashFlashUtil10q_ActiveX.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:Program Files (x86)Trend MicroHiJackThisHiJackThis.exe
C:Program Files (x86)Internet Exploreriexplore.exe
C:windowsSysWOW64DllHost.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://g.msn.com/USCON/1
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program Files (x86)Windows LiveToolbarwltcore.dll
O4 - HKLM..Run: [Dell DataSafe Online] "C:Program Files (x86)Dell DataSafe OnlineDataSafeOnline.exe" /m
O4 - HKLM..Run: [PDVDDXSrv] "C:Program Files (x86)CyberLinkPowerDVD DXPDVDDXSrv.exe"
O4 - HKLM..Run: [Dell Webcam Central] "C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell2.exe" /mode2
O4 - HKLM..Run: [Desktop Disc Tool] "C:Program Files (x86)RoxioRoxio BurnRoxioBurnLauncher.exe"
O4 - HKLM..Run: [DellComms] "C:Program Files (x86)DellDellCommsbinsprtcmd.exe" /P DellComms
O4 - HKLM..Run: [DellSupportCenter] "C:Program Files (x86)Dell Support Centerbinsprtcmd.exe" /P DellSupportCenter
O4 - HKLM..Run: [PC Pitstop Diskmd3 Reminder] C:Program Files (x86)PCPitstopDiskMD3Reminder-Diskmd3.exe
O4 - HKLM..Run: [Info Center] C:Program Files (x86)PCPitstopInfo CenterInfoCenter.exe
O4 - HKLM..Run: [PC Pitstop PC Matic Reminder] C:Program Files (x86)PCPitstopPC MaticReminder-PCMatic.exe
O4 - HKLM..Run: [iolo Startup] "C:Program Files (x86)ioloCommonLibioloLManager.exe"
O4 - HKLM..RunOnce: [Launcher] C:Program Files (x86)Dell DataSafe Local BackupComponentsschedulerLauncher.exe
O4 - HKCU..Run: [Google Update] "C:UsersMatthewAppDataLocalGoogleUpdateGoogleUpdate.exe" /c
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User 'Default user')
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:windowssystem32iavlsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32iavlsp.dll
O10 - Unknown file in Winsock LSP: c:windowssystem32iavlsp.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
O16 - DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} (diskhealth Class) - http://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:Program Files (x86)AdobeElements Organizer 8.0PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_58afa5ca50c7b5e7AESTSr64.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:windowsSystem32alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:windowssystem32atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
O23 - Service: Dock Login Service (DockLoginService) - Unknown owner - C:Program FilesDellDellDockDockLogin.exe (file missing)
O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:windowsSystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:windowssystem32fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:Program Files (x86)CitrixGoToAssist514g2aservice.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:Program Files (x86)ioloCommonLibioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:Program Files (x86)ioloCommonLibioloServiceManager.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:windowssystem32lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:windowsSystem32msdtc.exe (file missing)
O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:windowssystem32lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:Program Files (x86)Dell DataSafe Local Backupsftservice.EXE
O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:windowsSystem32snmptrap.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:windowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:windowssystem32sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellComms) (sprtsvc_DellComms) - SupportSoft, Inc. - C:Program Files (x86)DellDellCommsbinsprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:Program Files (x86)Dell Support Centerbinsprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_58afa5ca50c7b5e7STacSV64.exe
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:windowsSystem32vds.exe (file missing)
O23 - Service: vseamps - Authentium, Inc - C:Program FilesCommon FilesAuthentiumAntiVirus5vseamps.exe
O23 - Service: vsedsps - Authentium, Inc - C:Program FilesCommon FilesAuthentiumAntiVirus5vsedsps.exe
O23 - Service: vseqrts - Authentium, Inc - C:Program FilesCommon FilesAuthentiumAntiVirus5vseqrts.exe
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:windowssystem32vssvc.exe (file missing)
O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:windowssystem32wbengine.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:windowssystem32wbemWmiApSrv.exe (file missing)

--
End of file - 10904 bytes

Thank you for the help

I also did Dell back up to factory and still have problems.
Another thing: every now and then I get a blue screen and the computer crashes. (There are three different blue screens I get.)

Merged posts. ~ OB

bump

EDIT: Please be patient. There are over 250 unanswered topics in this forum at present and the current average wait time to receive help is 9 days. ~Budapest

Edited by Budapest, 22 May 2011 - 04:47 PM.




#2 snemelk

snemelk

    inżynier


  • Malware Response Team
  • 1,468 posts

Posted 28 May 2011 - 11:33 AM

Hi fuentes56, and welcome to Bleeping Computer.

Please follow our Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help, and post the logs requested! Since you're using a 64bit system, there is no need for a Gmer scan - post just the DDS.txt and Attach.txt logs...
snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver


#3 snemelk


Posted 10 June 2011 - 10:53 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver




