
LonnieRoy

  1. Merry Christmas everyone. Please cancel this request. The computer is now repaired and working as good as new.
  2. I'm running Windows XP SP3 on an old HP a387x. Yesterday it became infected and I believed it had been successfully removed using Malwarebytes. Anyway, I no longer get the irritating pop-up to register, but I have been unable to access the internet and Windows Firewall remains disabled. Any help will be greatly appreciated. Sorry, I forgot to include the DDS.txt file. Here it is: