Here is the logfile information as requested.

For some reason, when I zipped the files "attach.txt" and "ark.text", my computer named the zipped file "ark.txt.zip", but both files are in there.

Immediately below is the copy/pasted DDS Log:

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Owner at 17:47:32.62 on Sun 05/08/2011

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.420 [GMT -7:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\idt\wdm\STacSV.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe

C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\WINDOWS\system32\AESTFltr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe

C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\BumpTop\BumpTop.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Program Files\Griffin Technology\AirClick\AirClick.exe

C:\Program Files\ControlCenter4\BrCtrlCntr.exe

C:\Program Files\BumpTop\TexHelper.exe

C:\Program Files\BumpTop\TexHelper.exe

C:\Program Files\ControlCenter4\BrCcUxSys.exe

C:\Program Files\eFax Messenger 4.4\J2GTray.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Owner\Desktop\dds.scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://news.google.com/

uInternet Settings,ProxyOverride = 192.168.*.*;<local>;*.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\acrobat\AdobeUpdateManager.exe AcPro7_1_0 -reboot 1

uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R

uRun: [DriverFinder] c:\program files\driverfinder\DriverFinder.exe

uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

uRun: [HLBackupScheduler] c:\program files\verizon v cast media manager\V CAST Backup Scheduler.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg

mRun: [HP Mobile Broadband] c:\swsetup\hpqwwan\HPMobileBroadband.exe /TrayMode

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"

mRun: [blackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe

mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe

mRun: [seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"

mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun

mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\airclick.lnk - c:\program files\griffin technology\airclick\AirClick.exe

StartupFolder: c:\docume~1\owner\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-100000000002}\SC_Acrobat.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\bumptop.lnk - c:\program files\bumptop\BumpTop.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe

StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} - hxxp://www.homesteadhotels.com/minisite/accommodations/surround/MSSurVid.cab

DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

LSA: Authentication Packages = msv1_0 relog_ap

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-29 363344]

R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2010-9-7 202048]

R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2009-10-16 431456]

R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2010-2-5 113664]

R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-2-5 38912]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-6 20952]

S0 rxitry;rxitry; [x]

S0 ulhymth;ulhymth; [x]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 136176]

S3 090423696c352b2c;090423696c352b2c;\??\c:\windows\temp\8520a95f703c --> c:\windows\temp\8520a95f703c [?]

S3 225ba9caac34302d;225ba9caac34302d;\??\c:\windows\temp\85606623c1b8 --> c:\windows\temp\85606623c1b8 [?]

S3 256f4ac78c64c162;256f4ac78c64c162;\??\c:\windows\temp\852035e2c734 --> c:\windows\temp\852035e2c734 [?]

S3 3c24c780e0accb68;3c24c780e0accb68;\??\c:\windows\temp\8520622b5038 --> c:\windows\temp\8520622b5038 [?]

S3 400ce76878910ca1;400ce76878910ca1;\??\c:\windows\temp\86007c5e5ddc --> c:\windows\temp\86007c5e5ddc [?]

S3 8db0dd0dbc103175;8db0dd0dbc103175;\??\c:\windows\temp\8521fce41958 --> c:\windows\temp\8521fce41958 [?]

S3 b02646b64a3a72a4;b02646b64a3a72a4;\??\c:\windows\temp\8560d50f47a8 --> c:\windows\temp\8560d50f47a8 [?]

S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-3-29 245760]

S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2010-9-7 6016]

S3 c8ed84480aae302e;c8ed84480aae302e;\??\c:\windows\temp\8520675ccac8 --> c:\windows\temp\8520675ccac8 [?]

S3 ca25c7e6f5098e7c;ca25c7e6f5098e7c;\??\c:\windows\temp\5880f6c441c0 --> c:\windows\temp\5880f6c441c0 [?]

S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]

S3 e0d016cc0268c5b1;e0d016cc0268c5b1;\??\c:\windows\temp\8520d01e3070 --> c:\windows\temp\8520d01e3070 [?]

S3 fd58fa9ee22fd4d2;fd58fa9ee22fd4d2;\??\c:\windows\temp\5880c183d0c0 --> c:\windows\temp\5880c183d0c0 [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 136176]

S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]

S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-9-7 8320]

S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2010-9-7 23424]

S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2010-9-7 9472]

S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2010-6-29 160256]

S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]

.

=============== Created Last 30 ================

.

2011-05-08 02:45:00 -------- d-----w- c:\program files\iPod

2011-05-08 02:44:53 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2011-05-08 02:35:15 -------- d-----w- c:\program files\Bonjour

2011-05-02 02:21:36 -------- dc----w- C:\iTunes

2011-04-24 05:22:16 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Temp

.

==================== Find3M ====================

.

2011-04-06 23:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 23:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll

2011-04-06 23:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-03-21 02:08:23 73728 ----a-w- c:\documents and settings\owner\zlib.dll

2011-03-21 02:08:23 585728 ----a-w- c:\documents and settings\owner\HPAsset.exe

2011-03-21 02:08:23 40960 ----a-w- c:\documents and settings\owner\hpmonZ.exe

2011-03-21 02:08:23 36208 ----a-w- c:\documents and settings\owner\Dscan16.dll

2011-03-21 02:08:23 2855 ----a-w- c:\documents and settings\owner\Smstub16.pif

2011-03-21 02:08:23 17477 ----a-w- c:\documents and settings\owner\Smstub16.exe

2011-03-17 15:53:44 1885536 ----a-w- c:\windows\system32\AutoPartNt.exe

2011-02-08 13:31:03 0 ----a-w- c:\windows\Xquqodeneqehexo.bin

2010-07-24 01:37:48 20350424 ----a-w- c:\program files\LightScribeSimpleLabeler_1.18.15.1.exe

.

============= FINISH: 17:55:40.29 ===============

Here is the Malware Bytes log file from the scan I ran earlier today.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6533

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

5/8/2011 3:36:05 PM

mbam-log-2011-05-08 (15-36-05).txt

Scan type: Full scan (C:\|)

Objects scanned: 271562

Time elapsed: 1 hour(s), 42 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

So what do I do now?

MARK B

mark@velocityla.com

Ark.txt.zip
