Jump to content

Davec43333

Members
 View Profile  See their activity

  • Posts

    8

  • Joined

  • Last visited

 Content Type 

Everything posted by Davec43333

  1. Davec43333
    Appreciate the help!
  2. Davec43333
    Ok, found them. Thanks you.
  3. Davec43333
    My computer seems to be running fine. I guess the virus deleted all my shortcuts but I've been able to put them back onto the task-bar, they are still missing from the start up bar but I should be able to drag and drop. ComboFix 11-11-22.01 - Dave 11/28/2011 10:24:02.4.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3545.1874 [GMT -5:00] Running from: c:\users\Dave\Downloads\ComboFix.exe AV: AVG Anti-Virus 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . - REDUCED FUNCTIONALITY MODE - . . ((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 ))))))))))))))))))))))))))))))) . . 2011-11-28 15:24 . 2011-11-28 15:24 -------- d-----w- c:\users\Dave\AppData\Local\temp 2011-11-28 15:24 . 2011-11-28 15:24 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2011-11-28 15:24 . 2011-11-28 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-25 06:25 . 2011-11-25 06:25 -------- d-----w- c:\programdata\Roxio 2011-11-25 06:25 . 2011-11-25 06:25 -------- d-----w- c:\users\Dave\AppData\Roaming\Roxio 2011-11-22 15:05 . 2011-11-22 15:05 -------- d-----w- c:\users\Dave\AppData\Roaming\Malwarebytes 2011-11-22 15:05 . 2011-11-22 15:05 -------- d-----w- c:\programdata\Malwarebytes 2011-11-22 15:05 . 2011-11-22 15:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-22 15:05 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-10 13:48 . 2011-06-23 19:43 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-04-01 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-04-01 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-04-01 150552] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] . c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2009-07-15 23:33 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Remote Access.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Dell Remote Access.lnk backup=c:\windows\pss\Dell Remote Access.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk] path=c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk backup=c:\windows\pss\Dell Dock.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-06-12 07:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] 2009-04-01 06:18 217088 ----a-w- c:\program files\DellTPad\Apoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY] 2011-04-18 21:40 2334560 ----a-w- c:\program files\AVG\AVG10\avgtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online] 2009-04-09 21:29 1762032 ----a-w- c:\program files\Dell DataSafe Online\DataSafeOnline.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central] 2008-06-03 20:54 446635 ------w- c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter] 2009-06-03 19:46 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DSUpdateLauncher] 2009-03-09 07:12 374 ------w- c:\program files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 17:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2008-05-07 22:41 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-03-07 19:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launcher] 2009-04-17 15:18 165104 ------w- c:\program files\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\masqform.exe] 2005-07-04 14:50 643072 ----a-w- c:\program files\PureEdge\Viewer 6.5\masqform.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 14:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] 2008-05-23 19:06 128296 ------w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickSet] 2008-08-27 05:29 1662032 ----a-w- c:\program files\Dell\QuickSet\quickset.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 21:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Dashboard] 2010-04-30 14:47 79112 ----a-w- c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2008-01-21 02:32 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2010-03-09 15:02 26100520 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2009-10-11 10:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp] 2009-04-01 07:00 483428 ----a-w- c:\program files\IDT\WDM\sttray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-21 02:35 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection] 2010-06-14 04:47 296248 ----a-w- c:\program files\Yahoo!\Search Protection\YspService.exe . R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784] R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-07-20 117248] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-05 297168] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-04-01 81920] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2010-04-30 14088] S2 SftService;SoftThinks Agent Service;c:\program files\Dell DataSafe Local Backup\sftservice.EXE [2009-04-17 636144] S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc [x] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-15 134480] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216] S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [2008-09-03 144672] S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [2008-09-03 269216] S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms [2008-11-04 22904] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93c60f50-2a39-11e0-8b16-0023ae335855}] \shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b045af7e-4f96-11e0-affa-0023ae335855}] \shell\AutoRun\command - G:\LaunchU3.exe -a . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b207472f-0c13-11e0-9a76-0023ae335855}] \shell\AutoRun\command - D:\AutoRun.exe . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd245df8-943f-11de-85f8-0023ae335855}] \SHeLl\auTopLAY\command - D:\miiam.cmd \SHeLl\AutoRun\command - D:\miiam.cmd \SHeLl\EXpLOrE\COMmaNd - D:\miiam.cmd \SHeLl\opEn\commAnd - D:\miiam.cmd . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com mStart Page = hxxp://www.yahoo.com uInternet Settings,ProxyOverride = local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 10.71.118.144 FF - ProfilePath - c:\users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\v8byf7m2.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-11-28 10:24 Windows 6.0.6001 Service Pack 1 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{3F6A8B78-EC003E00-05040104}] "ImagePath"="\??\c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2011-11-28 10:26:16 ComboFix-quarantined-files.txt 2011-11-28 15:26 . Pre-Run: 87,152,246,784 bytes free Post-Run: 87,129,571,328 bytes free . - - End Of File - - D1C1105FAB8DED7255FAA2894A2FC02D
  4. Davec43333
    I scanned c:\programdata\JMfjhzgstuAwW2.exe with Virusscann.jotti and it only popped as Malware on one of the 20 searches I couldn't find c:\programdata\GOdHEJIBdCd.exe
  5. Davec43333
    I used unhide and it restored all the files on my desktop. I still can't see the shortcuts in my task bar. Appreciate the help!
  6. Davec43333
    The virus keeps popping up from time to time but gets blocked from Malwarebytes. How do I restore everything so I can view the desktop or eliminate the virus completely?
  7. Davec43333
    I can't view anything on my desktop. I'll appreciate any help. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_17 Run by Dave at 20:57:44 on 2011-11-22 . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe C:\Windows\system32\SLsvc.exe C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Windows\system32\RUNDLL32.EXE C:\Windows\system32\igfxsrvc.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe c:\PROGRA~1\mcafee\msc\mcuimgr.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Users\Dave\Downloads\dds.scr C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.yahoo.com mStart Page = hxxp://www.yahoo.com mDefault_Page_URL = hxxp://www.yahoo.com uInternet Settings,ProxyOverride = local BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Yahooo Search Protection: {25bc7718-0bfa-40ea-b381-4b2d9732d686} - c:\program files\yahoo!\search protection\ysp.dll BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\yahoo!\search protection\ysp.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab TCP: DhcpNameServer = 10.71.118.144 TCP: Interfaces\{92CF4AAF-330C-4EB4-BD38-67AC5EB676AD} : DhcpNameServer = 10.71.118.144 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\dave\appdata\roaming\mozilla\firefox\profiles\v8byf7m2.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\nos\bin\np_gp.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true ============= SERVICES / DRIVERS =============== . R? AVGIDSAgent;AVGIDSAgent R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86 R? ew_hwusbdev;Huawei MobileBroadband USB PNP Device R? ewusbnet;HUAWEI USB-NDIS miniport R? MBAMSwissArmy;MBAMSwissArmy R? McComponentHostService;McAfee Security Scan Component Host Service R? mferkdk;McAfee Inc. mferkdk R? PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0 S? AESTFilters;Andrea ST Filters Service S? AVGIDSDriver;AVGIDSDriver S? AVGIDSEH;AVGIDSEH S? AVGIDSFilter;AVGIDSFilter S? AVGIDSShim;AVGIDSShim S? Avgldx86;AVG AVI Loader Driver S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield S? Avgrkx86;AVG Anti-Rootkit Driver S? Avgtdix;AVG TDI Driver S? avgwd;AVG WatchDog S? DockLoginService;Dock Login Service S? MBAMProtector;MBAMProtector S? MBAMService;MBAMService S? McProxy;McAfee Proxy Service S? McShield;McAfee Real-time Scanner S? McSysmon;McAfee SystemGuards S? mfeavfk;McAfee Inc. mfeavfk S? mfebopk;McAfee Inc. mfebopk S? mfehidk;McAfee Inc. mfehidk S? mfesmfk;McAfee Inc. mfesmfk S? OA009Ufd;Creative Camera OA009 Upper Filter Driver S? OA009Vid;Creative Camera OA009 Function Driver S? SeagateDashboardService;Seagate Dashboard Service S? SftService;SoftThinks Agent Service S? yksvc;Marvell Yukon Service . =============== Created Last 30 ================ . 2011-11-22 15:05:41 -------- d-----w- c:\users\dave\appdata\roaming\Malwarebytes 2011-11-22 15:05:27 -------- d-----w- c:\programdata\Malwarebytes 2011-11-22 15:05:23 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-22 15:05:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-21 22:37:23 382976 ---ha-w- c:\programdata\JMfjhzgstuAwW2.exe 2011-11-21 22:34:08 493568 ---ha-w- c:\programdata\GOdHEJIBdCd.exe . ==================== Find3M ==================== . . ============= FINISH: 20:58:11.78 =============== Attach.txt DDS.txt
  8. Davec43333
    I can't view anything on my desktop! I'd appreciate any help! Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.