Jump to content

Recommended Posts

  • 2 weeks later...
  • 2 weeks later...

Hi screen317. I too have the same problem with Whitesmoke toolbar. I did as u instructed and here are my two logs. I was hoping you could help me.

DDS

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by HP at 13:21:45 on 2011-11-09

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.146 [GMT -8:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\LSI SoftModem\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80117&lng=en

uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AppGraffiti: {6f6a5334-78e9-4d9b-8182-8b41ea8c39ef} - c:\progra~1\appgra~1\APPGRA~1.DLL

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\hp\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1314653687468

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{3AF5352B-8E8E-4374-99C2-C7262886A7A6} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{4470906E-3C8C-4976-AD76-A28B5F45F853} : DhcpNameServer = 192.168.1.254

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\hp\application data\mozilla\firefox\profiles\2ahk0eto.default\

FF - prefs.js: browser.startup.homepage - msn.com

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=2&q=

FF - plugin: c:\documents and settings\hp\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\documents and settings\hp\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\onlive\plugin\npolgdet.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-29 371544]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-29 301528]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-29 19544]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-29 42184]

R3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-2-9 80384]

R4 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-11-9 41272]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-30 136176]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-30 136176]

S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8192cu.sys --> c:\windows\system32\drivers\RTL8192cu.sys [?]

.

=============== Created Last 30 ================

.

2011-11-09 21:16:05 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-11-09 21:15:59 -------- d-----w- c:\documents and settings\hp\application data\Malwarebytes

2011-11-09 21:13:35 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-11-09 21:13:31 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-09 21:13:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-11-09 21:24:15 54016 ----a-w- c:\windows\system32\drivers\mxatiut.sys

2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-09-03 10:17:37 599040 ----a-w- c:\windows\system32\crypt32(3).dll

2011-09-01 05:38:08 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-29 21:31:27 376832 ----a-w- c:\windows\system32\AegisI5Installer.exe

2011-08-29 21:31:27 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

.

============= FINISH: 13:25:14.64 ===============

MBAM

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8127

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/9/2011 3:32:18 PM

mbam-log-2011-11-09 (15-32-18).txt

Scan type: Quick scan

Objects scanned: 153509

Time elapsed: 2 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.