
Well, I'm having a slight problem. I've used Malwarebytes many times to get those annoying viruses off (XP Anti-Spyware 2011 and Windows Internet Security 2011), but I seem to keep getting them, constantly. I've gotten it twice already in the past month, so I'm worried. Were files damaged, or is something letting them in? My current scanners are not alerting me either; they are no use against these viruses.

I have a Windows XP Professional with service pack 3, if that's any help! Thanks!

Also, I'm not very tech-savvy, so please be patient with me!


Here is my last log; I just did this scan.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6696

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

5/27/2011 7:55:35 PM

mbam-log-2011-05-27 (19-55-35).txt

Scan type: Quick scan

Objects scanned: 212597

Time elapsed: 22 minute(s), 30 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 3

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FIREWALLDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UPDATESDISABLENOTIFY (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


.

DDS (Ver_11-05-19.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20

Run by Douglas at 18:42:33 on 2011-05-28

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1194 [GMT -7:00]

.

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

C:\Program Files\AVG\AVG10\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\AVG\AVG10\avgnsx.exe

C:\Program Files\AVG\AVG10\avgemcx.exe

C:\WINDOWS\system32\lxdvcoms.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\Pen_Tablet.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\PROGRA~1\AVG\AVG10\avgrsx.exe

C:\Program Files\AVG\AVG10\avgcsrvx.exe

C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe

C:\WINDOWS\system32\Pen_Tablet.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

C:\Program Files\Lexmark X5400 Series\lxdvamon.exe

C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVG\AVG10\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\Douglas\My Documents\Downloads\dds.scr

C:\WINDOWS\system32\WSCRIPT.exe

.

============== Pseudo HJT Report ===============

.

uInternet Connection Wizard,ShellNext = iexplore

mSearchAssistant = hxxp://search.live.com/sphome.aspx

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [iMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC

mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName

mRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exe

mRun: [nwiz] nwiz.exe /install

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe"

mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe"

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 5.0\apdproxy.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [DSS] c:\windows\bbstore\dss\DSSAGENT.EXE

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

mRunServices: [Keyboard Manager] c:\program files\netropa\one-touch multimedia keyboard\MMKeybd.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1305337887079

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\douglas\application data\mozilla\firefox\profiles\ybkq9p1z.default\

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]

R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2010-12-12 6783]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-9-15 54752]

R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?]

R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-3-26 1373480]

R3 AE1000;Linksys AE1000 Driver;c:\windows\system32\drivers\AE1000XP.sys [2011-5-13 816672]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-3 136176]

S2 lxdvCATSCustConnectService;lxdvCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdvserv.exe [2008-11-30 98984]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-3 136176]

.

=============== Created Last 30 ================

.

2011-05-14 04:00:59 816672 ----a-r- c:\windows\system32\drivers\AE1000XP.sys

2011-05-14 04:00:59 226592 ----a-r- c:\windows\system32\RaCoInst.dll

2011-05-14 02:50:10 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll

2011-05-14 02:50:10 79872 ------w- c:\windows\system32\msxml6r.dll

2011-05-14 02:50:10 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll

2011-05-14 02:50:10 1372672 ------w- c:\windows\system32\msxml6.dll

2011-05-14 02:50:00 9728 ------w- c:\windows\system32\rwnh.dll

2011-05-14 02:50:00 9728 ------w- c:\windows\system32\comsdupd.exe

2011-05-14 02:50:00 46592 ------w- c:\windows\system32\drivers\irbus.sys

2011-05-14 02:44:49 63663 ------w- c:\windows\system32\drivers\ati1rvxx.sys

2011-05-14 02:42:46 19569 ----a-w- c:\windows\003160_.tmp

2011-05-14 01:44:51 -------- d-----w- c:\documents and settings\all users\application data\Cisco Systems

2011-05-13 22:59:57 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

==================== Find3M ====================

.

.

============= FINISH: 18:43:42.15 ===============


  • Staff

Hi and welcome to Malwarebytes.

Bumping your topic makes it seem like you are already being helped, and as you've noticed, you were overlooked because of it.

Your version of MBAM is out of date. Please update it, run a Quick Scan, and post its log. Let me know what issues remain.


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
