Jump to content

Swimy101

Members
  • Posts

    15
  • Joined

  • Last visited

Reputation

0 Neutral
  1. So I'm trying to fix a computer for a Friend, and I'm having some troubles. I found VIRUSfighter on it, but i researched what it was and it seems to actually be a virus. With all the popups and random errors that I don't understand, I need some help. I'm trying to run a DDS for you guys to work off of, But it has been running for about 15 minutes now, with no luck getting a DDS.txt or Attach.txt. Its ust stuck with #### and So on. It seems to be an Emachine with Windows XP Service pack 2. I'm posting from a Clean computer, and I will switch when needed to do so, I can access the internet with it. I'm not computer savy so please bear with me. Thanks!
  2. I would love some assistance please! its been around 3 days now, almost 4
  3. Also, my windows Security keeps coming up, even when i go into settings to not show it, and after every start up, it re-appears. assistance would be greatly appreciated..
  4. I guess I don't have any problems, since 2 days have passed. But the only thing concerning me is I did a scan before bed last night and I'm constantly finding the same Log as the first one posted.
  5. Did a 2nd scan today with Malwarebytes. Had the exact same results at the previously posted Malwarebytes log.
  6. . DDS (Ver_11-05-19.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20 Run by Douglas at 18:42:33 on 2011-05-28 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1194 [GMT -7:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes =============== . C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\Program Files\AVG\AVG10\avgemcx.exe C:\WINDOWS\system32\lxdvcoms.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\Pen_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\Pen_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe C:\WINDOWS\system32\Pen_Tablet.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe C:\Program Files\Lexmark X5400 Series\lxdvamon.exe C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Douglas\My Documents\Downloads\dds.scr C:\WINDOWS\system32\WSCRIPT.exe . ============== Pseudo HJT Report =============== . uInternet Connection Wizard,ShellNext = iexplore mSearchAssistant = hxxp://search.live.com/sphome.aspx BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exe mRun: [nwiz] nwiz.exe /install mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe" mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe" mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [DSS] c:\windows\bbstore\dss\DSSAGENT.EXE mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe mRunServices: [Keyboard Manager] c:\program files\netropa\one-touch multimedia keyboard\MMKeybd.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1305337887079 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\douglas\application data\mozilla\firefox\profiles\ybkq9p1z.default\ FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984] R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2010-12-12 6783] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656] R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-15 54752] R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?] R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-3-26 1373480] R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [2011-5-13 816672] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-3 136176] S2 lxdvCATSCustConnectService;lxdvCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdvserv.exe [2008-11-30 98984] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-3 136176] . =============== Created Last 30 ================ . 2011-05-14 04:00:59 816672 ----a-r- c:\windows\system32\drivers\AE1000XP.sys 2011-05-14 04:00:59 226592 ----a-r- c:\windows\system32\RaCoInst.dll 2011-05-14 02:50:10 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2011-05-14 02:50:10 79872 ------w- c:\windows\system32\msxml6r.dll 2011-05-14 02:50:10 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll 2011-05-14 02:50:10 1372672 ------w- c:\windows\system32\msxml6.dll 2011-05-14 02:50:00 9728 ------w- c:\windows\system32\rwnh.dll 2011-05-14 02:50:00 9728 ------w- c:\windows\system32\comsdupd.exe 2011-05-14 02:50:00 46592 ------w- c:\windows\system32\drivers\irbus.sys 2011-05-14 02:44:49 63663 ------w- c:\windows\system32\drivers\ati1rvxx.sys 2011-05-14 02:42:46 19569 ----a-w- c:\windows\003160_.tmp 2011-05-14 01:44:51 -------- d-----w- c:\documents and settings\all users\application data\Cisco Systems 2011-05-13 22:59:57 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ==================== Find3M ==================== . . ============= FINISH: 18:43:42.15 ===============
  7. here is my Last Log, I Just did this scan. Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 6696 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/27/2011 7:55:35 PM mbam-log-2011-05-27 (19-55-35).txt Scan type: Quick scan Objects scanned: 212597 Time elapsed: 22 minute(s), 30 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 3 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FIREWALLDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UPDATESDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  8. Also, My apologies! I did not realize the time when I posted this! I will be back in the morning because I Got work tomorrow! And Thank you to whoever is going to assist me!
  9. Well, I'm having a slight problem. I've used Malwarebytes many times to get those annoying virus's off (Xp Anti-Spyware 2011 and Windows Internet Security 2011), but I seem to keep getting them, constantly. I've gotten it twice already int he past month, so I'm worried. Were files damaged or it something letting them in? My Current scanners are not Alerting me also, they are no use to these Virus's. I have a Windows XP Professional with service pack 3, if that's any help! Thanks! Also, I'm not very tech-savy, so please be patient with me!
  10. I Also can access my Task manager. I see a Image name mfc.exe with 21,344 k Usuage is probably the virus but I'm not sure
  11. Ok, I had a talk with microsoft, and went into all of that. I deleted my temp files and also the files in prefetch and deleted those. He/she had me go into note pad a start a new registry and start a new one. She had me download SUPERAntiSpyware and run it as a Quickscan in Safemode Networking. I did that and rebooted. Logged onto the account with administrator on it and problem was still there. I was able to get SUPERAnti-Spyware running on a complete scan on Normal mode, but still waiting for a reply back.
  12. My computer just got infected with the XP Anit-spyware virus and I have no idea where to go. Except to panic. Please help thank you!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.