Jump to content

Blocking of and

Recommended Posts

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

  • 2 weeks later...

hi i have the same problem aswell i hope you can help me those german ips bother too much and i am aware my pc is possibly infected with the "virut" virus i have tried many programs and it just comes out again after i turn my internet on, heres my dds log:


DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 6.0.2900.2180

Run by Owner at 15:29:47 on 2011-07-09

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.503.85 [GMT -6:00]



============== Running Processes ===============


C:\WINDOWS\system32\svchost -k DcomLaunch


C:\WINDOWS\System32\svchost.exe -k netsvcs








C:\Program Files\QuickTime\qttask.exe



C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\PC Tools Security\pctsGui.exe

C:\Program Files\PC Tools Security\BDT\FGuard.exe

C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe


C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe


C:\Program Files\PC Tools Security\pctsAuxs.exe

C:\Program Files\PC Tools Security\pctsSvc.exe


C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Mozilla Firefox\firefox.exe


============== Pseudo HJT Report ===============


uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll

BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll

TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [KBD] c:\hp\kbd\KBD.EXE

mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE

mRun: [PS2] c:\windows\system32\ps2.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [AlcxMonitor] ALCXMNTR.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [iSTray] "c:\program files\pc tools security\pctsGui.exe" /hideGUI

mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer =

TCP: Interfaces\{88EF3A55-11B5-4230-B608-92F898E48B46} : DhcpNameServer =

Notify: igfxcui - igfxsrvc.dll


============= SERVICES / DRIVERS ===============


R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-7-9 263888]

R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-7-9 338880]

R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-7-9 656320]

R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [2011-7-9 233976]

R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2011-7-9 337872]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-1 366640]

R2 MsInstallPatch;Microsoft windows MsInstallPatch patch;c:\windows\system32\MsInstallPatch.exe [2011-7-9 207360]

R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools security\pctsAuxs.exe [2011-7-9 371472]

R2 sdCoreService;PC Tools Security Service;c:\program files\pc tools security\pctsSvc.exe [2011-7-9 1117144]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-15 22712]

S2 mrtRate;mrtRate; [x]


=============== Created Last 30 ================


2011-07-09 20:23:38 -------- d-----w- c:\documents and settings\owner\local settings\application data\Threat Expert

2011-07-09 20:13:49 767952 ----a-w- c:\windows\BDTSupport.dll

2011-07-09 20:13:48 2078672 ----a-w- c:\windows\PCTBDCore.dll

2011-07-09 20:13:48 1533904 ----a-w- c:\windows\PCTBDRes.dll

2011-07-09 20:13:48 149456 ----a-w- c:\windows\SGDetectionTool.dll

2011-07-09 20:12:26 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys

2011-07-09 20:12:26 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys

2011-07-09 20:12:25 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys

2011-07-09 20:12:07 263888 ----a-w- c:\windows\system32\drivers\PCTCore.sys

2011-07-09 20:12:07 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys

2011-07-09 20:11:58 233976 ----a-w- c:\windows\system32\drivers\PCTSD.sys

2011-07-09 20:11:54 70664 ----a-w- c:\windows\system32\drivers\pctplsg.sys

2011-07-09 20:11:24 -------- d-----w- c:\program files\PC Tools Security

2011-07-09 20:11:24 -------- d-----w- c:\program files\common files\PC Tools

2011-07-09 18:58:11 -------- d-----w- c:\documents and settings\owner\application data\updates

2011-07-09 18:58:00 1 ----a-w- c:\documents and settings\owner\application data\3wiefeh72.tmp

2011-07-09 18:57:48 207360 ----a-w- c:\windows\system32\MsInstallPatch.exe

2011-07-09 18:51:06 -------- d-----w- c:\documents and settings\all users\application data\PC Tools


==================== Find3M ====================


2011-05-29 15:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 15:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys


============= FINISH: 15:31:27.21 ===============

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.