
Hello,

I recently got the Windows Security 2012 virus, and removed it using Malwarebytes. Everything was working fine for a bit, but then I got the 'Windows could not automatically detect this network's proxy settings' error. I can no longer connect to nearby routers. I've tried many different methods posted on the internet, but no luck. I need your help!

Thank you,

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by JUNO at 16:42:04 on 2011-12-27

Microsoft Windows 7 Professional 6.1.7601.1.949.82.1033.18.3071.1958 [GMT -5:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\system32\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\ATK Hotkey\HControl.exe

C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\ASUS\ATK Hotkey\WDC.exe

C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Razer\DeathAdder\razerhid.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Razer\DeathAdder\razerofa.exe

C:\Program Files\Razer\DeathAdder\vdDaemon.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Razer\DeathAdder\razertra.exe

C:\Windows\System32\msdt.exe

C:\Windows\System32\sdiagnhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Internet Explorer, optimized for Bing and MSN

uInternet Settings,ProxyOverride = *.local

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [HControlUser] c:\program files\asus\atk hotkey\HControlUser.exe

mRun: [<NO NAME>]

mRun: [ATKOSD2] c:\program files\asus\atkosd2\ATKOSD2.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [DeathAdder] c:\program files\razer\deathadder\razerhid.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRunOnce: [*Restore] c:\windows\system32\rstrui.exe /runonce

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: Interfaces\{2926171E-BE0C-439E-83B0-E012ABF163AE}\2414E47484F4D454 : DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194

TCP: Interfaces\{2926171E-BE0C-439E-83B0-E012ABF163AE}\2454C4C4437383 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{2926171E-BE0C-439E-83B0-E012ABF163AE}\4656661657C647 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{2926171E-BE0C-439E-83B0-E012ABF163AE}\746493E443 : DhcpNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\juno\appdata\roaming\mozilla\firefox\profiles\b9d4s2hs.default\

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\np_gp.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-8-11 136360]

R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-8-11 269480]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-11 66616]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-8-3 379496]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-12-3 625224]

R3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\drivers\BTHPRINT.SYS [2009-7-13 50688]

R3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [2011-8-8 9856]

R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2010-7-13 65640]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-7-30 139368]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]

R3 VKbms;Virtual HID Minidriver;c:\windows\system32\drivers\VKbms.sys [2011-8-8 10240]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 KMService;KMService;c:\windows\system32\srvany.exe [2010-11-4 8192]

S2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]

S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-11-29 27192]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-22 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-16 1343400]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]

.

=============== Created Last 30 ================

.

2011-12-27 20:18:59 -------- d-----w- c:\users\juno\appdata\local\{86674FD1-6249-4EFE-A8FF-44261EF09FAD}

2011-12-27 20:01:38 -------- d-----w- c:\users\juno\appdata\local\{7BDCB178-D3FA-44A2-9537-33B92CA59CD6}

2011-12-27 19:40:26 -------- d-----w- c:\users\juno\appdata\local\{E45AF2AA-2C6D-4455-8EF1-610F03D268DA}

2011-12-27 19:33:05 -------- d-----w- c:\users\juno\appdata\local\{0C5587EB-36F5-402A-A4B5-087AB313A592}

2011-12-27 19:24:37 -------- d-----w- c:\program files\Microsoft Security Client

2011-12-27 19:20:56 -------- d-----w- c:\users\juno\appdata\local\{8D89FB09-58FC-4435-BE08-5DCC5EC6C60C}

2011-12-27 18:45:30 -------- d-----w- c:\users\juno\appdata\local\{14A26EE6-EA5E-439D-9D55-1B1E60C6919B}

2011-12-27 18:35:28 -------- d-----w- c:\users\juno\appdata\local\{EA43EDFE-BB06-4235-8412-D937D11DA5EE}

2011-12-27 18:24:59 -------- d-----w- c:\users\juno\appdata\local\{0D6B1304-7471-4CFC-82C9-A6B9B4602D7B}

2011-12-27 18:15:38 -------- d-----w- c:\users\juno\appdata\local\{71108DCC-31AF-4391-B0B0-1CCD2FAD2FCE}

2011-12-27 08:38:52 -------- d-----w- c:\users\juno\appdata\local\{57C9974D-008C-4437-848F-69DD862AD718}

2011-12-26 16:26:21 -------- d-----w- c:\users\juno\appdata\local\{634F5C2D-B3E8-4AA1-85B7-58F4513B61B6}

2011-12-24 23:44:23 -------- d-----w- c:\users\juno\appdata\local\{48228480-3A7E-4AD3-B050-BCCCA66936DD}

2011-12-24 23:44:12 -------- d-----w- c:\users\juno\appdata\local\{ED972E01-4B35-4ABA-BAC2-5F38AF462865}

2011-12-23 13:54:35 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{17c502dd-2f1e-4e13-8416-4037752ef494}\mpengine.dll

2011-12-14 21:53:53 -------- d-----w- c:\program files\iTunes

2011-12-14 21:53:53 -------- d-----w- c:\program files\iPod

2011-12-14 08:02:59 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-12-13 22:30:48 2342912 ----a-w- c:\windows\system32\win32k.sys

2011-12-13 22:30:46 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-13 22:30:37 534528 ----a-w- c:\windows\system32\EncDec.dll

2011-12-13 22:30:36 38912 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-13 22:30:33 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-12-13 22:30:33 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-12-07 12:09:45 -------- d-----w- c:\users\juno\appdata\local\{9A48CA79-77EC-498F-A496-094FEBF6C6BE}

2011-12-07 12:09:30 -------- d-----w- c:\users\juno\appdata\local\{9588D5E6-6FEF-460F-8AFB-54EFD2E72BC7}

2011-11-30 00:41:14 -------- d-----w- c:\users\juno\appdata\local\VS Revo Group

2011-11-30 00:41:06 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys

2011-11-30 00:41:03 -------- d-----w- c:\program files\VS Revo Group

2011-11-30 00:22:51 -------- d-----w- c:\windows\system32\appmgmt

.

==================== Find3M ====================

.

2011-11-15 02:17:36 141200 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2011-11-15 02:17:26 281656 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-11-15 02:17:26 281656 ----a-w- c:\windows\system32\PnkBstrB.exe

2011-11-15 02:16:07 281200 ----a-w- c:\windows\system32\PnkBstrB.ex0

2011-11-13 09:33:19 138056 ----a-w- c:\users\juno\appdata\roaming\PnkBstrK.sys

2011-11-13 09:32:57 75136 ----a-w- c:\windows\system32\PnkBstrA.exe

2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-24 18:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 18:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-09-29 16:03:04 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys

Attach.zip


  • 1 month later...

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.
