Jump to content

sarah27

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hey, I am encountering the same problems as Speedr on my rather old laptop with ping.exe, MDM.exe, and a few other things, though I might send you guys my logs/etc. Had redirect issues for a while, as well as some fake software called "XP Spyware 2012" running. but ran malwarebytes and a few other things and that went away. ping.exe and MDM.exe still there. If you have any suggestions I would really appreciate it! Thank you. Sarah DDS: DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_03 Run by Sarah at 0:48:53 on 2011-11-29 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.15 [GMT -5:00] . . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\AppStream\WindowsClient\bin\AppMgrService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\AppStream\WindowsClient\Bin\AppMgrGui.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Print Manager Plus - Client\CheckPages.exe C:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\SNDVOL32.EXE C:\WINDOWS\System32\ping.exe C:\WINDOWS\System32\MDM.EXE . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [ccleaner] "c:\program files\ccleaner\ccleaner.exe" /AUTO mRun: [synTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0_03\bin\jusched.exe" mRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exe mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [HostManager] c:\program files\common files\aol\1139604976\ee\AOLSoftware.exe mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe mRun: [ATIModeChange] Ati2mdxx.exe mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [AppMgrGui] c:\program files\appstream\windowsclient\bin\exeForService.exe mRun: [spybotSnD] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck /autoclose /waitprograms StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printm~1.lnk - c:\program files\print manager plus - client\CheckPages.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\symant~1.lnk - c:\program files\microsoft office\office\1033\OLFSNT40.EXE IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll LSP: mswsock.dll DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxp://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{5DBEF54A-19C5-496C-A1BF-DECD3F8EB217} : DhcpNameServer = 192.168.1.1 Notify: ASWLNDLL - ASWLNDLL.dll Notify: LMIinit - LMIinit.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\sarah\application data\mozilla\firefox\profiles\chhwx6vg.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll . ============= SERVICES / DRIVERS =============== . R1 APPSTREAM;APPSTREAM;c:\windows\system32\drivers\AppStream.sys [2006-9-27 114964] . =============== Created Last 30 ================ . 2011-11-29 05:36:02 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-11-28 23:45:09 -------- d-----w- c:\program files\ESET 2011-11-28 23:40:50 -------- d-----w- c:\documents and settings\sarah\application data\Malwarebytes 2011-11-28 23:40:31 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-11-28 23:40:25 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-28 23:40:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-28 17:08:08 -------- d-----w- c:\program files\Combined Community Codec Pack . ==================== Find3M ==================== . 2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-16 01:18:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys 1998-12-09 02:53:54 99840 ----a-w- c:\program files\common files\IRAABOUT.DLL 1998-12-09 02:53:54 70144 ----a-w- c:\program files\common files\IRAMDMTR.DLL 1998-12-09 02:53:54 48640 ----a-w- c:\program files\common files\IRALPTTR.DLL 1998-12-09 02:53:54 31744 ----a-w- c:\program files\common files\IRAWEBTR.DLL 1998-12-09 02:53:54 186368 ----a-w- c:\program files\common files\IRAREG.DLL 1998-12-09 02:53:54 17920 ----a-w- c:\program files\common files\IRASRIAL.DLL . ============= FINISH: 0:51:12.14 =============== attach.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.