I had a rootkit removed and then encountered a problem in which my internet searches were being redirected. That seems better, but I still have glitches with my computer I could use help with. The latest issue is that whenever I try to print I get the following: The Interactive Services Detection Icon appears (never had before the virus attack). I get the following error message: Microsoft Visual C++ Debug Library C:\windows\system32\spoolsv.exe

I welcome suggestions.


  • Staff

Hi and welcome to Malwarebytes.

Let's ensure that the infection is gone first.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced. Please post DDS.txt directly into your reply.


Here are the logs...

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6176

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

3/26/2011 1:17:18 PM

mbam-log-2011-03-26 (13-17-18).txt

Scan type: Full scan (C:\|)

Objects scanned: 296750

Time elapsed: 32 minute(s), 19 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

==== Installed Programs ======================

.

.

2007 Microsoft Office system

Activation Assistant for the 2007 Microsoft Office suites

Adams Personal Legal Forms and Agreements CD

Adobe AIR

Apple Application Support

Apple Mobile Device Support

Apple Software Update

avast! Internet Security

Bonjour

CCleaner

Creative Audio Control Panel

Creative Software AutoUpdate

Creative Sound Blaster Properties

Defraggler

Facebook Plug-In

Furcadia

Google Chrome

iSEEK AnswerWorks English Runtime

iTunes

Lexmark 1300 Series

MapleStory

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft IntelliPoint 8.0

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MobileMe Control Panel

Nexon Game Manager

NVIDIA Drivers

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OGA Notifier 2.0.0048.0

Panda Internet Security 2011

QuickTime

Roblox

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Shutterfly Express Uploader

Sid Meier's Civilization V

Steam

TurboTax 2009

TurboTax 2009 waziper

TurboTax 2009 WinPerFedFormset

TurboTax 2009 WinPerReleaseEngine

TurboTax 2009 WinPerTaxSupport

TurboTax 2009 wrapper

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2508979)

Windows Media Player Firefox Plugin

Wizard101

WolfQuest

World of Warcraft

.

==== End Of File ===========================

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by standard at 13:20:31.30 on Sat 03/26/2011

Internet Explorer: 8.0.7601.17514

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\lxdccoms.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Lexmark 1300 Series\lxdcamon.exe

C:\Users\Public\Games\World of Warcraft\WoW.exe

C:\Program Files\Roblox\Versions\version-2b18f293e6da4dcc\RobloxApp.exe

C:\Users\standard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\standard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\rundll32.exe

C:\Users\standard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\standard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\standard\Downloads\dds (3).scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = <local>;*.local

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

uRun: [Google Update] "c:\users\standard\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry

mRun: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [lxdcmon.exe] "c:\program files\lexmark 1300 series\lxdcmon.exe"

mRun: [lxdcamon] "c:\program files\lexmark 1300 series\lxdcamon.exe"

uPolicies-explorer: RestrictRun = 0 (0x0)

mPolicies-explorer: RestrictRun = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: intuit.com\ttlc

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

.

============= SERVICES / DRIVERS ===============

.

R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0

R? btusbflt;Bluetooth USB Filter

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service

R? lxdcCATSCustConnectService;lxdcCATSCustConnectService

R? TsUsbFlt;TsUsbFlt

R? WatAdminSvc;Windows Activation Technologies Service

S? aswFsBlk;aswFsBlk

S? aswFW;avast! TDI Firewall driver

S? aswMonFlt;aswMonFlt

S? aswNdis;avast! Firewall NDIS Filter Service

S? aswNdis2;avast! Firewall Core Firewall Service

S? aswSnx;aswSnx

S? aswSP;aswSP

S? avast! Antivirus;avast! Antivirus

S? avast! Firewall;avast! Firewall

S? lxdc_device;lxdc_device

S? RTL8167;Realtek 8167 NT Driver

S? Stereo Service;NVIDIA Stereoscopic 3D Driver Service

.

=============== Created Last 30 ================

.

2011-03-26 06:17:21 1235712 ----a-w- c:\progra~2\SPLB50B.tmp

2011-03-26 05:44:58 1235712 ----a-w- c:\progra~2\SPL66AE.tmp

2011-03-26 05:32:57 103936 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxdcdrpp.dll

2011-03-26 05:31:29 999424 ----a-w- c:\windows\system32\lxdcusb1.dll

2011-03-26 05:31:29 700416 ----a-w- c:\windows\system32\lxdchbn3.dll

2011-03-26 05:31:29 684032 ----a-w- c:\windows\system32\lxdccomc.dll

2011-03-26 05:31:29 585728 ----a-w- c:\windows\system32\lxdclmpm.dll

2011-03-26 05:31:29 537520 ----a-w- c:\windows\system32\lxdccoms.exe

2011-03-26 05:31:29 425984 ----a-w- c:\windows\system32\lxdccomm.dll

2011-03-26 05:31:29 413696 ----a-w- c:\windows\system32\lxdcinpa.dll

2011-03-26 05:31:29 397312 ----a-w- c:\windows\system32\lxdciesc.dll

2011-03-26 05:31:29 1232896 ----a-w- c:\windows\system32\lxdcserv.dll

2011-03-25 16:41:14 -------- d-s---w- C:\ComboFix

2011-03-25 11:09:31 6792528 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{26b59704-b48f-4d75-acec-d5ca58618a59}\mpengine.dll

2011-03-24 03:04:07 333066941 ----a-w- c:\windows\trzBAC2.tmp

2011-03-24 00:57:42 1748260 ----a-w- c:\progra~2\SPLFF7A.tmp

2011-03-22 13:56:51 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2011-03-22 05:26:37 -------- d-----w- c:\windows\system32\SPReview

2011-03-22 05:04:08 103936 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\1_lxdcdrpp.dll

2011-03-22 04:52:20 -------- d-----w- C:\lexmark

2011-03-21 15:20:06 -------- d-sh--w- C:\$RECYCLE.BIN

2011-03-21 15:14:45 -------- d-----w- c:\users\standard\appdata\local\Apple

2011-03-21 15:02:04 -------- d-----w- c:\users\standard\appdata\roaming\Uniblue

2011-03-21 15:01:36 -------- d-----w- c:\users\standard\appdata\local\PackageAware

2011-03-21 01:50:39 -------- d-----w- c:\windows\system32\EventProviders

2011-03-21 01:41:46 805376 ----a-w- c:\windows\system32\FntCache.dll

2011-03-21 01:41:46 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-03-21 01:41:46 1076736 ----a-w- c:\windows\system32\DWrite.dll

2011-03-21 01:14:33 -------- d-----w- c:\program files\Microsoft IntelliPoint

2011-03-21 01:03:55 27676 ----a-w- c:\progra~2\SPL8610.tmp

2011-03-21 00:54:51 27676 ----a-w- c:\progra~2\SPLEBC4.tmp

2011-03-21 00:30:40 -------- d-----w- c:\users\standard\appdata\local\Adobe

2011-03-20 01:40:04 850944 ----a-w- c:\windows\system32\sbe.dll

2011-03-20 01:40:04 642048 ----a-w- c:\windows\system32\CPFilters.dll

2011-03-20 01:40:04 534528 ----a-w- c:\windows\system32\EncDec.dll

2011-03-20 01:40:04 199680 ----a-w- c:\windows\system32\mpg2splt.ax

2011-03-19 23:39:34 3947965 ----a-w- c:\progra~2\SPL7770.tmp

2011-03-19 22:48:48 3947965 ----a-w- c:\progra~2\SPL9DF3.tmp

2011-03-19 22:46:28 9723731 ----a-w- c:\progra~2\SPL4989.tmp

2011-03-15 03:56:18 101976 ----a-w- c:\windows\system32\drivers\aswFW.sys

2011-03-15 03:56:05 192728 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2011-03-15 03:56:04 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-03-15 03:56:04 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-03-15 03:55:42 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2011-03-15 03:55:34 -------- d-----w- c:\program files\AVAST Software

2011-03-15 03:55:34 -------- d-----w- c:\progra~2\AVAST Software

2011-03-15 03:22:44 -------- d-----w- c:\windows\LMI8EC8.tmp

2011-03-15 02:24:20 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-15 02:24:17 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-15 01:36:03 -------- d-----w- c:\windows\LMI42D9.tmp

2011-03-14 20:56:09 -------- d-----w- C:\$WINDOWS.~BT

2011-03-10 14:17:05 1279660 ----a-w- c:\progra~2\SPL9125.tmp

2011-03-10 05:30:39 -------- d-----w- c:\program files\iTunes

2011-03-10 05:30:39 -------- d-----w- c:\program files\iPod

2011-03-10 05:21:12 -------- d-----w- c:\program files\Bonjour

2011-03-06 19:36:48 -------- d-----w- c:\program files\Yontoo Layers Client

.

==================== Find3M ====================

.

2011-03-22 05:29:21 152576 ----a-w- c:\windows\system32\msclmd.dll

2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr

2011-02-03 01:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-07 22:56:12 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

2011-01-07 07:46:34 870912 ----a-w- c:\windows\system32\XpsPrint.dll

2011-01-07 07:46:34 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-01-07 07:45:57 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-01-07 06:01:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-01-07 05:43:36 294400 ----a-w- c:\windows\system32\atmfd.dll

2011-01-05 05:55:55 428032 ----a-w- c:\windows\system32\vbscript.dll

2011-01-05 03:51:01 2330624 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 13:22:06.50 ===============


  • 5 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
