
My system needs ur help!!!!


  • This topic is locked
4 replies to this topic

#1 swami007

swami007

  • Members
  • 2 posts
  • OFFLINE
  • Local time:02:44 AM

Posted 31 August 2013 - 06:47 PM

Hi,

   My system is really slow and my browser has some bydbest.com site as default. I can't download most of the time: 99% complete, then the download stops. I can't install Java, any plugin, can't download any drivers. I am really thankful for what you are doing out here. PFB the log details.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 6.0.2900.2180
Run by vaio at 4:56:07 on 2013-09-01
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.2046.968 [GMT 5.5:30]
.
.
============== Running Processes ================
.
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\system32\AstSrv.exe
F:\Program Files\Intel\Wireless\Bin\EvtEng.exe
F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
F:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
F:\Program Files\Sony\VAIO Event Service\VESMgr.exe
F:\WINDOWS\system32\wscript.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
F:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Mozilla Firefox\plugin-container.exe
F:\DOCUME~1\vaio\LOCALS~1\Temp\bvdqn.exe
F:\DOCUME~1\vaio\LOCALS~1\Temp\winfgwwp.exe
F:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\Program Files\Google\Chrome\Application\chrome.exe
F:\WINDOWS\system32\wbem\wmiprvse.exe
F:\WINDOWS\System32\svchost.exe -k netsvcs
F:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
F:\WINDOWS\system32\svchost.exe -k NetworkService
F:\WINDOWS\system32\svchost.exe -k LocalService
F:\WINDOWS\system32\svchost.exe -k LocalService
F:\WINDOWS\system32\svchost.exe -k imgsvc
F:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bydbest.com/music/mp4/mp4/mp3/
uWindow Title = bydbest.com    the ultimate choice
uProxyOverride = 127.0.0.1
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - f:\program files\utorrentcontrol_v2\prxtbuTo0.dll
mWinlogon: Userinit = f:\windows\system32\userinit.exe,f:\windows\system32\wscript.exe f:\windows\system32\Rahul'sVirusprotection.vbe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - 
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - f:\program files\utorrentcontrol_v2\prxtbuTo0.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - 
TB: uTorrentControl_v2 Toolbar: {7473B6BD-4691-4744-A82B-7854EB3D70B6} - f:\program files\utorrentcontrol_v2\prxtbuTo0.dll
TB: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - f:\program files\utorrentcontrol_v2\prxtbuTo0.dll
uRun: [Google Update] "f:\documents and settings\vaio\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
mRun: [MotiveReportAgent] "f:\program files\common files\motive\mccibootstrapper.exe" /url="-appkey=motive -windowcontext=reportagent -url=file://f:\program files\common files\motive\reportagent.html" /browsertype=custommsie /browserpath="f:\program files\common files\motive\MotiveBrowser.exe" /hidden
dRun: [CTFMON.EXE] f:\windows\system32\CTFMON.EXE
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - f:\program files\widcomm\bluetooth software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableLUA = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: DisableRegistryTools = dword:1
IE: E&xport to Microsoft Excel - f:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - f:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - f:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - f:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - f:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file:///F:/WINDOWS/Java/classes/xmldso.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{29C10A2A-4941-43B9-8F4F-E97806F760ED} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - f:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: psfus - f:\windows\system32\psqlpwd.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - f:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages =  scecli psqlpwd
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "f:\program files\google\chrome\application\29.0.1547.62\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.in/
FF - prefs.js: network.proxy.type - 0
FF - component: f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll
FF - plugin: f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: f:\documents and settings\vaio\application data\mozilla\firefox\profiles\zyww90og.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\plugins\np-mswmp.dll
FF - plugin: f:\documents and settings\vaio\application data\mozilla\plugins\npatgpc.dll
FF - plugin: f:\documents and settings\vaio\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: f:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: f:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: f:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: f:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: f:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: f:\windows\system32\npdeployJava1.dll
FF - plugin: f:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2010-05-24 14:15; {20a82645-c095-46ed-80e3-08825760534b}; f:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R2 Ast Service;Ast Service;f:\windows\system32\AstSrv.exe [2010-4-3 57344]
R2 Skype C2C Service;Skype C2C Service;f:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
R3 abp470n5;abp470n5;\??\f:\windows\system32\drivers\igmmkn.sys --> f:\windows\system32\drivers\igmmkn.sys [?]
R3 R5U870FLx86;R5U870 UVC Lower Filter  ;f:\windows\system32\drivers\R5U870FLx86.sys [2010-3-30 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter  ;f:\windows\system32\drivers\R5U870FUx86.sys [2010-3-30 43904]
R3 SonyImgF;Sony Image Conversion Filter Driver;f:\windows\system32\drivers\SonyImgF.sys [2010-3-30 30976]
R3 ti21sony;ti21sony;f:\windows\system32\drivers\ti21sony.sys [2010-3-30 808448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;f:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;f:\program files\skype\updater\Updater.exe [2012-7-13 238768]
S3 ggflt;SEMC USB Flash Driver Filter;f:\windows\system32\drivers\ggflt.sys [2011-9-11 13224]
S3 Sony PC Companion;Sony PC Companion;f:\program files\sony\sony pc companion\PCCService.exe [2011-4-15 229048]
S3 u302bus;HSPADataCard WMC Bus Driver (WDM);f:\windows\system32\drivers\u302bus.sys --> f:\windows\system32\drivers\u302bus.sys [?]
S3 u302mdfl;HSPADataCard Modem Filter;f:\windows\system32\drivers\u302mdfl.sys --> f:\windows\system32\drivers\u302mdfl.sys [?]
S3 u302mdm;HSPADataCard Modem Driver;f:\windows\system32\drivers\u302mdm.sys --> f:\windows\system32\drivers\u302mdm.sys [?]
S3 u302mgmt;HSPADataCard USB Device Management Drivers (WDM);f:\windows\system32\drivers\u302mgmt.sys --> f:\windows\system32\drivers\u302mgmt.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;f:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
ShellExec: Foxit Reader.exe: print="d:\softwares\freader-320303-pro-portable\Foxit Reader.exe"/p "%1" 
ShellExec: Foxit Reader.exe: printto="d:\softwares\freader-320303-pro-portable\Foxit Reader.exe"/t "%1" "%2" "%3" "%4" 
ShellExec: FOXITR~1.EXE: print="d:\softwa~1\freade~1\FOXITR~1.EXE"/p "%1" 
ShellExec: FOXITR~1.EXE: printto="d:\softwa~1\freade~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4" 
.
=============== Created Last 30 ================
.
2013-08-14 05:41:04 4774272 ----a-w- f:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-08-14 05:41:04 4774272 ----a-w- f:\program files\mozilla firefox\browser\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M  ====================
.
2011-06-08 05:20:41 320 -c--a-w- f:\program files\DE.bin
.
============= FINISH:  4:56:56.98 ===============
 

 

Regards,
Swaminathan.

 


 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:14 PM

Posted 01 September 2013 - 05:02 PM

Good evening. :)

Can you tell me what security programs you use on this system - anti-virus, anti-spyware etc...


So long, and thanks for all the fish.

 

 


#3 swami007

swami007
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  • Local time:02:44 AM

Posted 01 September 2013 - 08:57 PM

I use none :( No protection whatsoever.



#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:14 PM

Posted 02 September 2013 - 02:42 PM

Good evening. :)

There are two issues here, the first being the lack of adequate security and the second being the time that this has been going on. Without any anti-virus program to protect your system there is no limit to either what can install itself on your machine or to the harm it can do. Also, according to one of the logs that you posted, your copy of Windows was installed on 30/03/2010, so there has been considerable time for anything nasty to do its worst.

 

Given that there is no way of knowing what may have happened, system files infected, corrupted or replaced, security settings lowered to make reinfection more likely in the future, my best advice to you is to back up any important data and then reinstall Windows, and then get some effective security before going back online.


So long, and thanks for all the fish.

 

 


#5 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:14 PM

Posted 08 September 2013 - 03:08 PM

As this issue appears to have been resolved, this thread is now closed.


So long, and thanks for all the fish.

 

 




