
MB PRO is running and I have done several scans but I am having NO luck; cannot update MB now either.

PLEASE HELP.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Owner at 10:23:11 on 2012-01-04

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1246.399 [GMT -6:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\System32\S24EvMon.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ZCfgSvc.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\WINDOWS\system32\bmwebcfg.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe

C:\WINDOWS\system32\RunDll32.exe

C:\WINDOWS\system32\hphmon04.exe

C:\WINDOWS\system32\CAPM5RSK.EXE

C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

C:\WINDOWS\System32\RegSrvc.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Documents and Settings\All Users\Application Data\DcyvoCqXiFehT.exe

C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

C:\WINDOWS\System32\1XConfig.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Documents and Settings\All Users\Application Data\8m3feguO4QgYYt.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = about:blank

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = 192.168.2.1:2000

uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local

uSearchURL,(Default) = hxxp://www.google.com/search?hl=en&q=keyword&aq=f&oq=&aqi=g10

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: : {8da5457f-a8aa-4ccf-a842-70e6fd274094} - c:\progra~1\common~1\wintools\WToolsT.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: ZeroBar: {f5735c15-1fb2-41fe-ba12-242757e69dde} - c:\program files\netzero\Toolbar.dll

TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\program files\netzero\Toolbar.dll

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - No File

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [RemoteCenter] c:\program files\creative\mediasource\remotecontrol\RcMan.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MtdAcq] c:\program files\creative\shared files\media sniffer\MtdAcq.exe /s

uRun: [RemoteControl]

uRun: [Weather] c:\program files\aws\weatherbug\Weather.exe 1

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [PRONoMgr.exe] c:\program files\intel\prosetwireless\ncs\proset\PRONoMgr.exe

mRun: [synTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe

mRun: [PinnacleDriverCheck] c:\windows\system32\PSDrvCheck.exe -CheckReg

mRun: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor

mRun: [updReg] c:\windows\UpdReg.EXE

mRun: [HPHmon04] c:\windows\system32\hphmon04.exe

mRun: [<NO NAME>]

mRun: [AT&T Communication Manager] "c:\program files\at&t\connection software\ATTCM.exe" -a

mRun: [RemoteCenter]

mRun: [CTSysVol] c:\program files\creative\sblive 24-bit external\surround mixer\CTSysVol.exe /r

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [DcyvoCqXiFehT.exe] c:\documents and settings\all users\application data\DcyvoCqXiFehT.exe

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe

uPolicies-explorer: NoDesktop = 1 (0x1)

IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000

IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

LSP: bmnet.dll

Trusted Zone: aol.com\free

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

DPF: {4D0A481A-7155-498C-84D8-9CB84DEA237E} - hxxp://99.172.97.150:82/DVROcxEx.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/serialharvest/gwCID.CAB

DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 68.87.72.134 68.87.77.134

TCP: Interfaces\{1206C335-1F6C-40A4-8AA5-DE3110611B40} : DhcpNameServer = 68.87.72.134 68.87.77.134

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - c:\program files\common files\g7ps\shared files\g7psdll\G7PS.dll

Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks 2011\HelpAsyncPluggableProtocol.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll

Notify: igfxcui - igfxsrvc.dll

Notify: Sebring - c:\windows\system32\LgNotify.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-27 652872]

R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2010-9-17 1251840]

R3 hpnuhst;HP NUSB Host;c:\windows\system32\drivers\hpnuhst.sys [2008-9-15 12032]

R3 HPNUHUB;HP NUSB Hub;c:\windows\system32\drivers\hpnuhub.sys [2008-9-15 39424]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-1-27 20464]

S2 GilderCard;GilderCard;\??\c:\windows\system32\gildercard.sys --> c:\windows\system32\GilderCard.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-18 136176]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-3-19 30312]

S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\connection software\RcAppSvc.exe [2008-7-10 111896]

S3 FANTOM;LEGO MINDSTORMS NXT Driver;c:\windows\system32\drivers\fantom.sys [2006-3-10 39424]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-18 136176]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-12-15 18688]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-12-15 8320]

S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2008-12-15 42112]

S3 Mp3Drv;SigmaTel Stmp3400 Mp3 Player Control Driver;c:\windows\system32\drivers\Mp3Drv.sys [2005-9-8 34802]

S3 NUVision;Pinnacle LINX;c:\windows\system32\drivers\Nuvision.sys [2005-3-11 136352]

S3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [2005-8-25 1643648]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-3-19 96488]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-3-19 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-3-19 121576]

S3 StScsi;StScsi;c:\windows\system32\drivers\StScsi.sys [2005-9-8 48429]

.

=============== Created Last 30 ================

.

2012-01-04 03:50:59 -------- d--h--w- c:\program files\GridinSoft Trojan Killer

2012-01-04 00:59:36 355206 ---ha-w- c:\documents and settings\all users\application data\8m3feguO4QgYYt.exe

2012-01-04 00:56:33 441222 ---ha-w- c:\documents and settings\all users\application data\DcyvoCqXiFehT.exe

.

==================== Find3M ====================

.

2011-12-10 21:24:06 20464 ---ha-w- c:\windows\system32\drivers\mbam.sys

2011-12-02 00:56:59 414368 ---ha-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-23 13:25:32 1859584 ---ha-w- c:\windows\system32\win32k.sys

2011-11-04 19:20:51 916992 ---ha-w- c:\windows\system32\wininet.dll

2011-11-04 19:20:51 43520 ---ha-w- c:\windows\system32\licmgr10.dll

2011-11-04 19:20:51 1469440 ---ha-w- c:\windows\system32\inetcpl.cpl

2011-11-04 11:23:59 385024 ---ha-w- c:\windows\system32\html.iec

2011-11-01 16:07:10 1288704 ---ha-w- c:\windows\system32\ole32.dll

2011-10-28 05:31:48 33280 ---ha-w- c:\windows\system32\csrsrv.dll

2011-10-25 13:33:08 2192768 ---ha-w- c:\windows\system32\ntoskrnl.exe

2011-10-25 12:52:03 2069376 ---ha-w- c:\windows\system32\ntkrnlpa.exe

2011-10-18 11:13:22 186880 ---ha-w- c:\windows\system32\encdec.dll

2011-10-10 14:22:41 692736 ---ha-w- c:\windows\system32\inetcomm.dll

.

============= FINISH: 10:23:46.29 ===============
