
Hi, as specified please see the below txt files.

I really hope you can fix my laptop which has been so slow for months. I will upload the zipped attachments once the GMER has finished. I was a little unsure what boxes to UNTICK on this as there were so many? I left C:, Files and System all ticked.

DSS.txt

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Abigail Jones at 21:46:02.06 on 11/04/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24

.

============== Running Processes ===============

.

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Olympus\DeviceDetector\DM1Service.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\msconfig.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

C:\Documents and Settings\Abigail Jones\Desktop\dds.scr

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.uk/

uSearch Bar = hxxp://www.google.co.uk

uInternet Settings,ProxyOverride = *.local

BHO: txthlpBHO Class: {060235dc-6d84-47bd-95d7-a4ef5099a59d} - c:\progra~1\texthe~1\readan~1\TE3219~1.DLL

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [EPSON Stylus DX3800 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE /P35 "EPSON Stylus DX3800 Series (Copy 1)" /M "Stylus DX3800" /EF "HKCU"

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

mRun: [EPSON Stylus DX3800 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE /P35 "EPSON Stylus DX3800 Series (Copy 1)" /O6 "USB002" /M "Stylus DX3800"

mRun: [EPSON Stylus Photo R300 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P39 "EPSON Stylus Photo R300 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R300"

mRun: [MSConfig] c:\windows\system32\msconfig.exe /auto

mRun: [updateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxpers] c:\windows\system32\igfxpers.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300"

mRun: [EPSON Stylus DX3800 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab

DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.co.uk/SnapfishUKActivia.cab

DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1005.cab

DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab

DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab

DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} - hxxp://www.parallelgraphics.com/bin/cortvrml.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - hxxp://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: themeedit.dll cscext.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\abigai~1\applic~1\mozilla\firefox\profiles\rubmrhhr.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - www.google.co.uk

FF - plugin: c:\documents and settings\abigail jones\application data\mozilla\firefox\profiles\rubmrhhr.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60129.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin2.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin3.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin4.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin5.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin6.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin7.dll

FF - plugin: c:\program files\quicktime alternative\plugins\npqtplugin8.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

============= SERVICES / DRIVERS ===============

.

R? fsssvc;Windows Live Family Safety Service

R? INQ1usbser;INQ1 USB Device for Legacy Serial Communication

R? Lavasoft Kernexplorer;Lavasoft helper driver

R? MpKsl1ecc6dfe;MpKsl1ecc6dfe

R? MpKsl2f8ea348;MpKsl2f8ea348

R? MpKsl4e231ed1;MpKsl4e231ed1

R? MpKsl51a21ead;MpKsl51a21ead

R? MpKsl8f780756;MpKsl8f780756

R? MpKsle1a68413;MpKsle1a68413

S? fssfltr;fssfltr

S? Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service

S? Lbd;Lbd

S? MpFilter;Microsoft Malware Protection Driver

S? MpKslb20c640e;MpKslb20c640e

S? TomTomHOMEService;TomTomHOMEService

.

=============== Created Last 30 ================

.

2011-04-11 20:03:47 28752 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{86296c3a-9c1e-4453-9f9c-cc6364f9a6e8}\MpKslb20c640e.sys

2011-04-10 18:12:35 6792528 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{86296c3a-9c1e-4453-9f9c-cc6364f9a6e8}\mpengine.dll

2011-04-06 20:03:36 -------- d-----w- c:\docume~1\abigai~1\applic~1\Malwarebytes

2011-04-06 20:02:44 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-04-06 20:02:17 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-04-06 20:01:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-04-06 20:01:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-04-06 19:40:36 -------- d-----w- c:\program files\FileASSASSIN

2011-03-27 18:23:04 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-03-20 11:35:03 135168 -c----w- c:\windows\system32\dllcache\shsvcs.dll

.

==================== Find3M ====================

.

2011-02-15 18:18:57 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll

2011-02-02 20:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-02-02 18:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl

.

============= FINISH: 22:23:05.10 ===============

mbam-log-2011-04-11 (20-12-41).txt

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6326

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/04/2011 20:15:41

mbam-log-2011-04-11 (20-15-41).txt

Scan type: Full scan (C:\|)

Objects scanned: 213227

Time elapsed: 2 hour(s), 2 minute(s), 41 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc\Start (Disabled.Cryptsvc) -> Bad: (4) Good: (2) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


Hello, and Welcome to Malwarebytes

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

You have 3 Options that you can choose from as listed below:

- Option 1


The GMER may have crashed my laptop as it did a Blue Screen error. I guess I will try again tomorrow. Is the attached enough info to go on?

Attach.zip

:welcome:

Please make sure not to run the tools without a trained individual assisting you (aside from the directions link Firefox posted). Doing so can cause more damage to your system. :)

