Tech Support Forum - View Single Post

dburns · 12-02-2008, 09:07 PM

I need help removing malious files in my computer. I have the file/txt documents you described in the instructions to read before posting.Please be patient with me I am a computer dummy for the most part. Your help is greatly appreciated.

DDS (Version 1.0) - NTFSx86
Run by David Burns at 21:20:45.28 on Tue 12/02/2008
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.654 [GMT -6:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\aol\1132229713\ee\aolsoftware.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\DOCUME~1\DAVIDB~1\LOCALS~1\Temp\B5.tmp.exe
C:\Program Files\AOL 9.1a\waol.exe
C:\Program Files\AOL 9.1a\shellmon.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\David Burns\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com/
uDefault_Page_URL = hxxp://www.dellnet.com
uLocal Page = \blank.htm
uInternet Settings,ProxyOverride = hxxp://localhost;
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - c:\progra~1\blstoo~1\BLSTOO~1.DLL
BHO: {500BCA15-57A7-4eaf-8143-8C619470B13D} - c:\windows\system32\msxml71.dll
BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - c:\program files\gamingsquared\gaming2\G2IE_v1042.dll
TB: {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - c:\progra~1\blstoo~1\BLSTOO~1.DLL
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - c:\progra~1\blstoo~1\BLSTOO~1.DLL
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [AOL Fast Start] "c:\program files\aol 9.1a\AOL.EXE" -b
uRun: [Cognac] c:\docume~1\davidb~1\locals~1\temp\B5.tmp.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [DVDSentry] c:\windows\system32\DSentry.exe
mRun: [HelpCenter] c:\program files\bellsouth\helpcenter\bin\sprtcmd.exe /P HelpCenter
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~2\INetRepl.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-12-15 207656]
R2 aawservice;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" [2008-9-10 611664]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-12-15 358736]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-12-15 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-12-15 605512]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-12-15 79240]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-12-15 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-12-15 40488]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-12-15 34152]

=============== Created Last 30 ================

2008-12-02 20:53 250 a------- c:\windows\gmer.ini
2008-11-30 19:52 52,168 a------- C:\VETlog.dmp
2008-11-25 20:23 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2008-11-25 19:43 <DIR> --d----- c:\program files\NoAdware
2008-11-10 18:10 <DIR> --d----- c:\program files\Microsoft MapPoint
2008-11-10 18:10 <DIR> --d----- c:\program files\Microsoft Location Finder
2008-11-06 17:31 <DIR> --d----- c:\program files\Signal Communications

==================== Find3M ====================

2008-11-25 20:24 <DIR> --d----- c:\program files\Lavasoft
2008-11-20 17:21 105,476 a------- c:\windows\system32\msxml71.dll
2008-11-18 20:37 <DIR> --d----- c:\program files\QUICKENW
2008-11-18 17:09 <DIR> --d----- c:\program files\common files\Palo Alto Software
2008-11-14 19:28 <DIR> --d----- c:\program files\McAfee
2008-06-18 21:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-06-10 06:17 <DIR> --d----- c:\docume~1\davidb~1\applic~1\Symantec
2008-06-10 04:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-05-30 08:39 <DIR> --d----- c:\docume~1\davidb~1\applic~1\AOL
2008-05-03 21:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\GamingSquared
2008-01-26 13:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Raize
2008-01-25 19:45 <DIR> --d----- c:\docume~1\davidb~1\applic~1\TaxCut
2008-01-25 19:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TaxCut
2007-12-15 08:58 <DIR> --d----- c:\docume~1\alluse~1\applic~1\McAfee.com
2007-05-16 16:05 <DIR> --d----- c:\docume~1\davidb~1\applic~1\MySpace
2007-02-02 15:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\pdf995
2006-11-13 20:42 <DIR> --d----- c:\docume~1\davidb~1\applic~1\ICAClient
2006-06-26 16:23 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MotiveSysIDs
2006-03-11 20:28 <DIR> --d----- c:\docume~1\davidb~1\applic~1\Intuit
2006-03-11 20:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Intuit
2004-12-19 13:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Pure Networks
2004-12-19 13:38 <DIR> --d----- c:\docume~1\davidb~1\applic~1\You've Got Pictures Screensaver
2004-08-31 20:26 <DIR> --d----- c:\docume~1\davidb~1\applic~1\Ulead Systems
2003-12-03 05:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2003-09-05 04:58 <DIR> --d----- c:\docume~1\davidb~1\applic~1\McAfee.com Personal Firewall
2003-06-08 12:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SBSI
2005-07-14 12:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
2005-06-26 15:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
2005-06-21 22:37 45,568 a--shr-- c:\windows\system32\cygz.dll
2005-02-28 13:16 240,128 a--shr-- c:\windows\system32\x.264.exe

============= FINISH: 21:21:45.26 ===============