Hi there,

Thank you very much for any help you can offer me. I've been trying to get rid of this virus for a while without success. Here are my files. I've pasted and attached them.

Attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 10/16/2009 9:55:21 AM

System Uptime: 12/9/2011 1:11:26 PM (143 hours ago)

.

Motherboard: Dell Inc. | | 0M863N

Processor: Intel Pentium III Xeon processor | CPU | 2926/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 59 GiB total, 27.958 GiB free.

D: is FIXED (NTFS) - 117 GiB total, 112.487 GiB free.

E: is FIXED (NTFS) - 122 GiB total, 120.772 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP41: 11/3/2011 12:54:29 AM - System Checkpoint

RP42: 11/4/2011 1:54:29 AM - System Checkpoint

RP43: 11/5/2011 2:54:29 AM - System Checkpoint

RP44: 11/6/2011 2:54:29 AM - System Checkpoint

RP45: 11/7/2011 3:54:29 AM - System Checkpoint

RP46: 11/8/2011 4:54:29 AM - System Checkpoint

RP47: 11/9/2011 11:57:08 AM - System Checkpoint

RP48: 11/10/2011 3:13:12 PM - System Checkpoint

RP49: 11/11/2011 3:40:10 PM - System Checkpoint

RP50: 11/12/2011 3:52:10 PM - System Checkpoint

RP51: 11/13/2011 4:52:10 PM - System Checkpoint

RP52: 11/14/2011 5:02:55 PM - System Checkpoint

RP53: 11/15/2011 5:49:42 PM - System Checkpoint

RP54: 11/16/2011 6:00:32 PM - System Checkpoint

RP55: 11/17/2011 7:24:14 PM - System Checkpoint

RP56: 11/18/2011 8:24:14 PM - System Checkpoint

RP57: 11/19/2011 9:00:14 PM - System Checkpoint

RP58: 11/20/2011 9:48:14 PM - System Checkpoint

RP59: 11/21/2011 10:48:14 PM - System Checkpoint

RP60: 11/22/2011 11:48:14 PM - System Checkpoint

RP61: 11/23/2011 11:55:21 AM - Software Distribution Service 3.0

RP62: 11/23/2011 12:07:12 PM - Software Distribution Service 3.0

RP63: 11/24/2011 1:08:55 PM - System Checkpoint

RP64: 11/25/2011 2:29:55 PM - System Checkpoint

RP65: 11/26/2011 3:29:55 PM - System Checkpoint

RP66: 11/27/2011 3:53:55 PM - System Checkpoint

RP67: 11/28/2011 4:05:55 PM - System Checkpoint

RP68: 11/29/2011 4:50:09 PM - System Checkpoint

RP69: 11/30/2011 11:12:14 AM - Removed Adobe Reader 8.3.1

RP70: 11/30/2011 11:19:54 AM - Removed Adobe Reader 8.3.1

RP71: 11/30/2011 11:20:02 AM - Installed Adobe Reader X (10.1.1).

RP72: 12/1/2011 12:29:10 PM - System Checkpoint

RP73: 12/2/2011 12:47:37 PM - System Checkpoint

RP74: 12/3/2011 2:23:36 PM - System Checkpoint

RP75: 12/4/2011 2:59:37 PM - System Checkpoint

RP76: 12/5/2011 3:59:37 PM - System Checkpoint

RP77: 12/6/2011 4:23:36 PM - System Checkpoint

RP78: 12/7/2011 6:10:17 PM - System Checkpoint

RP79: 12/8/2011 7:22:14 PM - System Checkpoint

RP80: 12/9/2011 8:18:20 PM - System Checkpoint

RP81: 12/10/2011 9:18:20 PM - System Checkpoint

RP82: 12/11/2011 10:17:10 PM - System Checkpoint

RP83: 12/12/2011 10:18:20 PM - System Checkpoint

RP84: 12/13/2011 10:54:20 PM - System Checkpoint

RP85: 12/14/2011 11:16:51 PM - System Checkpoint

.

==== Installed Programs ======================

.

Adobe Acrobat 6.0 Standard

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 8.2.1

Adobe Reader X (10.1.1)

avast! Pro Antivirus

Connected Backup/PC Agent

Dell Resource CD

E-Transcript Bundle Viewer

EndNote X2

ESET Online Scanner v3

Eudora

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Interface

Intel® Network Connections Drivers

Intel® Active Management Technology

ISI ResearchSoft - Export Helper

Java Auto Updater

Java 6 Update 26

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office 97, Professional Edition

Microsoft Office Basic Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

PowerDVD DX

SAS 9.1

SAS Private JRE (J2SE Java Runtime Environment 1.4.1)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

SEERStat

SoundMAX

Stellate Browser

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB973874)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Hotfix [see KB832353 for more information]

WinZip

XML Paper Specification Shared Components Pack 1.0

Yahoo! BrowserPlus

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

12/15/2011 12:18:23 PM, error: Service Control Manager [7034] - The Distributed Transaction Coordinator service terminated unexpectedly. It has done this 1 time(s).

12/15/2011 12:18:16 PM, error: Service Control Manager [7034] - The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================

Result.txt

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Main User at 12:23:45 on 2011-12-15

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3292.2488 [GMT -8:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Iron Mountain\Connected BackupPC\AgentService.exe

C:\Program Files\Intel\AMT\LMS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Eudora\Eudora.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.lifeexpectancy.org/

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [AgentUiRunKey] "c:\program files\iron mountain\connected backuppc\Agent.exe" -ni -sss -e http://localhost:16386/

mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1322077542328

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{AA24968D-955A-42A0-8D1A-96D7CD91E8EB} : DhcpNameServer = 192.168.1.254

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Eudora's Shell Extension: {edb0e980-90bd-11d4-8599-0008c7d3b6f8} - c:\program files\eudora\EuShlExt.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2009-10-16 24064]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-21 442200]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-21 320856]

R2 AgentService;AgentService;c:\program files\iron mountain\connected backuppc\AgentService.exe [2011-5-3 7580576]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-21 20568]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-9-21 44768]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-21 366152]

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-10-16 144480]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-21 22216]

S0 cerc6;cerc6; [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\common files\intel\privacy icon\uns\UNS.exe [2009-10-16 2066968]

S3 LV_Tracker;LV_Tracker;c:\windows\system32\drivers\LV_Tracker.sys [2010-1-29 45384]

.

=============== File Associations ===============

.

.exe=o4

.

=============== Created Last 30 ================

.

2011-12-15 20:06:28 326144 ----a-w- c:\documents and settings\main user\local settings\application data\gkw.exe

2011-11-30 19:21:35 -------- d-----w- c:\documents and settings\main user\local settings\application data\Temp

2011-11-30 19:15:31 -------- d-----w- c:\documents and settings\main user\local settings\application data\Solid State Networks

2011-11-23 19:54:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-11-23 19:46:18 15064 ----a-w- c:\windows\system32\wuapi.dll.mui

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ------w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 19:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 19:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 19:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-21 16:44:10 296872 ----a-w- c:\windows\system32\shimg.dll

2000-08-02 16:20:00 151552 ----a-w- c:\program files\putty.exe

.

============= FINISH: 12:25:16.20 ===============

dds attach.txt

dds result.txt
