
DDS.txt ATTACH.txt help!



help

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by bill at 10:37:05 on 2012-05-18

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.254.24 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\System32\rundll32.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uWindow Title = Internet Explorer, optimized for Bing and MSN

uStart Page = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

TB: {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No File

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

uRun: [Dream Aquarium] rundll32.exe "c:\documents and settings\bill\application data\garagegames\dream aquarium\kqvmhsnik.dll",DllRegisterServer

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [pAflJBODLBxfsV.exe] c:\documents and settings\all users\application data\pAflJBODLBxfsV.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRun: [Dream Aquarium] rundll32.exe "c:\documents and settings\bill\application data\garagegames\dream aquarium\kqvmhsnik.dll",DllRegisterServer

uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

Trusted Zone: tenderfoot.com

DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} - hxxp://www.geforce.com/services_toolkit/ShimGen/1.1.28.1/GPU_Reader.cab

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6886.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{E5074258-9E30-449D-AE7B-CA86047EA775} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 03409702;03409702 Boot Guard Driver;c:\windows\system32\drivers\03409702.sys [2011-4-25 37392]

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]

R1 03409701;03409701;c:\windows\system32\drivers\03409701.sys [2011-4-25 128016]

S2 gupdate1c9b3fb9e9e1736;Google Update Service (gupdate1c9b3fb9e9e1736);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-10 257696]

S3 cpudrv;cpudrv; [x]

S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]

S3 Radialpoint Security Services;Verizon PC Security Checkup Service;c:\program files\verizon\pc security checkup\RpsSecurityAwareR.exe [2010-6-12 170736]

S4 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; [x]

.

=============== Created Last 30 ================

.

2012-05-18 16:47:30 -------- d-----w- C:\TDSSKiller_Quarantine

2012-05-18 14:25:27 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9a3ca95c-694e-4568-99c6-c65235fb52f7}\offreg.dll

2012-05-18 13:46:38 6737808 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9a3ca95c-694e-4568-99c6-c65235fb52f7}\mpengine.dll

2012-05-18 13:46:38 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-05-18 13:42:30 -------- d-----w- c:\program files\Microsoft Security Client

2012-05-13 03:15:47 1409 ----a-w- c:\windows\system32\tmpF6ED1.FOT

2012-05-12 16:00:44 -------- d-----w- C:\fda0b42efdcfeb5f7db793275b04

.

==================== Find3M ====================

.

2012-05-05 01:51:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-05 01:51:09 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys

2012-04-11 13:10:58 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 12:35:52 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-03-21 03:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys

2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec

.

============= FINISH: 10:40:12.95 ===============

attach.txt

dds.txt


Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
