Jump to content

specialk

Members
  • Posts

    7
  • Joined

  • Last visited

Everything posted by specialk

  1. forgot to attach it, but didnt want to add a 2nd post till someone replied, per the forums rules here it is attach.zip
  2. allready posted in the PC help section, still no luck, something is wrong with my settings such that i have a perfect connection to my router and the internet, but cannot get any webpages up. please refer back to HERE. attached is more than just attach.txt, but also gmer.log and resetlog.txt here is my DDS.txt DDS (Ver_10-03-17.01) - NTFSx86 Run by Avogel at 22:41:57.59 on Mon 06/14/2010 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.416 [GMT -4:00] AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\lotus\notes\ntmulti.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UdaterUI.exe C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Network Associates\Common Framework\McTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroDist.exe C:\Documents and Settings\Avogel\Desktop\dds.scr ============== Pseudo HJT Report =============== uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [soundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe" mRun: [<NO NAME>] mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide mRun: [shStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UdaterUI.exe" /StartedFromRunKey mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\TBMon.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k dRun: [kqpxcpfo] c:\documents and settings\networkservice\local settings\application data\suangquet\eyxkrpktssd.exe dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1268177875421 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1268177868218 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll ============= SERVICES / DRIVERS =============== R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-6-8 11608] R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2010-3-9 59904] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-8 135336] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-8 267432] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-8 60936] R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2010-3-9 103744] R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\Mcshield.exe [2007-11-27 221191] R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\VsTskMgr.exe [2007-11-27 29184] R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-4 13592] R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2010-3-9 117024] =============== Created Last 30 ================ 2010-06-08 17:51:19 0 d-----w- c:\docume~1\avogel\applic~1\Avira 2010-06-08 16:48:22 0 ----a-w- c:\documents and settings\avogel\defogger_reenable 2010-06-08 16:42:22 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-06-08 16:42:16 0 d-----w- c:\program files\Avira 2010-06-08 16:42:16 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira 2010-06-07 06:04:30 552 ----a-w- c:\windows\system32\d3d8caps.dat 2010-06-07 06:04:30 1324 ----a-w- c:\windows\system32\d3d9caps.dat 2010-06-07 01:39:41 0 d-----w- c:\docume~1\avogel\applic~1\Malwarebytes 2010-06-07 01:39:29 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-07 01:39:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-06-07 01:39:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-07 01:39:25 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-20 18:56:50 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2010-05-20 18:56:50 21504 ----a-w- c:\windows\system32\hidserv.dll ==================== Find3M ==================== 2010-05-12 21:21:16 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-04-02 16:19:49 411368 ----a-w- c:\windows\system32\deploytk.dll ============= FINISH: 22:44:24.03 =============== Thanks in advance, guys.
  3. Back from summer break, finally can try what you suggested: no luck, still having the same problem after using the FixIt program...openning a malware thread like originally suggested (HERE), will link back to this thread.
  4. No luck with either attempt. I did notice a funny quirk, as i entered google.com , cnn.com, or any other website into IE, it said at the bottom: "connecting to site 127.0.0.1" which is certainly not google! Any thoughts?
  5. Just want to make sure: I have no issues with malware removal, i only mention them in passing, as they likely caused my PC issue of no internet connectivity....do you still want me to move this thread? Let me know, thanks!
  6. Then ran Network Diagnostics for Windows XP Heres ITS handwritten log. (yay) HTTP,HTTPS,FTP connectivity FTP(Passive): Successfully connected to ftp.microsoft.com. HTTP: Error 12029 connecting to www.microsoft.com: A connection with the server could not be established. HTTP: Error 12029 connecting to www.hotmail.com: A connection with the server could not be established. HTTPS: Error 12057 connecting to www.microsoft.com HTTPS: Error 12045 connecting to www.passport.net: The certficate authority is invalid or incorrect Cannot make an HTTP connection Cannot make an HTPPS connection DNS Client Diagnostic DNS - Not a home user scenario Using web proxy: yes No DNS servers DNS failure And the rest just looks like my personal IP addresses. Correct me if I'm wrong, but no positive point in posting the rest of this log? So There it is. I've rerun MBAM a few times to make sure that all the detected malware was gone, and i restored IE to its original factory settings, via the internet options, but i still have no internet. Any suggestions?
  7. got a pretty piece of malware, so installed and ran the latest MBAM. Either the malwares fracked up my internet connection on my little netbook, or MBAMs cleaning did.....I'm guessing it was the malware. Here is a hand copied log of the removal from MBAM. ********* Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4174 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 6/6/10 10:13:21 PM mbam-log-2010-06-06 (22-13-21).txt Scan Type: Quick scan Objects scanned: 126759 Time elapsed: 12 minutes, 28 seconds Memory processes infected: 0 Memory modules infected: 0 Registry keys infected:4 Registry values infected: 2 Registry data items infected: 0 Folders infected: 0 Files infected: 3 Memory processes infected: (no malicious items detected) Memory modules infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully. Registry values infected: HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Run\owhsmmed (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Currentversion\Run\owhsmmed (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully. Registry Data Items infected: (No malicious items detected) Files infected: C:\Documents and Settings\Avogel\Local Settings\Temp\1c6.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\1c8.tmp (Rootkit.TDSS) -> Delete on Reboot. C:\Documents and Settings\Avogel\Local Settings\Application Data\kjfboraex\pvvclhstssd.exe (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully. **********
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.