
spigot applicationUpdater/wigitools



Hope I am doing this right

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - c:\program files\google\chrome frame\application\13.0.782.215\npchrome_frame.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NUSB3MON] "c:\program files\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [98614 Wireless Keyboard and Mouse Combo] c:\program files\98614 thin-profile keyboard & mouse\Wireless KeyboardKM.exe

mRun: [<NO NAME>]

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257973540671

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1257973534406

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

TCP: DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{4309B31F-4BB4-48C1-90DC-81E75F5C3615} : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces\{B7C0CD40-89A2-4F30-9819-1A71CDC62CB7} : DhcpNameServer = 65.32.5.111 65.32.5.112

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\13.0.782.215\npchrome_frame.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: AtiExtEvent - Ati2evxx.dll

Notify: avgrsstarter - avgrsstx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-3-4 64512]

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-11-21 216400]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-11-21 29584]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-11-21 243152]

R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-18 308136]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-5-25 2151640]

R3 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-18 921952]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-5-25 15232]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2010-2-24 60544]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2010-2-24 141568]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-10-23 30392]

S2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2011-6-24 393112]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-25 136176]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-10-23 1691480]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-25 136176]

S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]

.

=============== Created Last 30 ================

.

2011-08-20 20:29:35 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2011-08-20 20:29:14 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2011-08-18 23:16:14 39424 ----a-w- c:\windows\system32\sens32.dll

2011-08-14 20:29:45 -------- d-----w- c:\documents and settings\owner\application data\Search Settings

2011-08-14 20:29:44 -------- d-----w- c:\program files\Application Updater

2011-08-14 20:29:27 -------- d-----w- c:\windows\system32\custom matrices

2011-08-14 01:08:54 -------- d-----w- c:\windows\system32\QuickTime

2011-08-14 01:08:54 -------- d-----w- c:\windows\system32\C2MP

2011-08-13 03:35:05 -------- d-----w- c:\documents and settings\all users.windows\application data\DivX

2011-08-09 16:01:58 -------- d-----w- c:\program files\Pando Networks

2011-08-02 20:52:49 -------- d-----w- C:\WoW screens

2011-07-31 18:47:46 3577856 ----a-w- c:\windows\system32\ffdshow.ax

2011-07-31 18:31:38 3854848 ----a-w- c:\windows\system32\ffmpeg.dll

.

==================== Find3M ====================

.

2011-07-19 19:08:04 74752 ----a-w- c:\windows\system32\ff_vfw.dll

2011-07-19 19:06:48 259584 ----a-w- c:\windows\system32\TomsMoComp_ff.dll

2011-07-19 19:06:36 158208 ----a-w- c:\windows\system32\ff_unrar.dll

2011-07-19 19:06:34 96768 ----a-w- c:\windows\system32\ff_wmv9.dll

2011-07-19 19:06:34 1524224 ----a-w- c:\windows\system32\ff_samplerate.dll

2011-07-19 19:06:32 145920 ----a-w- c:\windows\system32\ff_libmad.dll

2011-07-19 19:06:30 136704 ----a-w- c:\windows\system32\libmpeg2_ff.dll

2011-07-19 19:06:30 113664 ----a-w- c:\windows\system32\ff_liba52.dll

2011-07-19 19:06:28 327680 ----a-w- c:\windows\system32\ff_libfaad2.dll

2011-07-19 19:06:28 211456 ----a-w- c:\windows\system32\ff_libdts.dll

2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys

2011-07-06 23:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-06 23:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-02 03:38:18 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-06-24 14:10:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2011-06-23 18:33:49 919552 ----a-w- c:\windows\system32\wininet.dll

2011-06-23 18:33:49 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-06-23 18:33:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-06-23 12:19:29 385024 ----a-w- c:\windows\system32\html.iec

2011-06-20 17:44:52 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-06-13 13:34:09 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-05-30 13:42:50 240640 ----a-w- c:\windows\system32\xvidvfw.dll

2009-06-04 00:22:54 44 ---ha-w- c:\program files\3a7b80af.tmp

.

============= FINISH: 8:44:43.17 ===============

attach.txt


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
