ukeden

Original post:

win32trojanalureon help to remove please log file posted

hi please can someone help to remove i have the dds log files but can not get gmer to run on laptop tested working on pc ?

DDS (Ver_09-03-16.01) - NTFSx86
Run by DAVE at 0:39:00.42 on 21/04/2009
Internet Explorer: 7.0.5730.11

============== Pseudo HJT Report ===============

uLocal Page = hxxp://www.prevx.com
uStart Page = hxxp://supanet/
uWindow Title = mirs Internet Explorer
uDefault_Page_URL = c:\secure32.html
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mDefault_Page_URL = hxxp://www.prevx.com
mLocal Page = hxxp://www.prevx.com
mStart Page = hxxp://www.prevx.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Burn4Free Toolbar Helper: {d187a56b-a33f-4cbe-9d77-459fc0bae012} - c:\program files\burn4free toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
TB: Burn4Free Toolbar: {4f11acbb-393f-4c86-a214-ff3d0d155cc3} - c:\program files\burn4free toolbar\v3.3.0.1\Burn4Free_Toolbar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [Windows installer] C:\winstall.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [Google Update] "c:\documents and settings\dave\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [RegistryMechanic] c:\program files\registry mechanic\RegMech.exe /H
uRun: [oisoiea] "c:\documents and settings\dave\local settings\application data\oisoiea.exe" oisoiea
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] c:\program files\java\j2re1.4.2_03\bin\jusched.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [Ulead Photo Express Calendar Checker] c:\program files\ulead systems\ulead photo express 5 se\calcheck.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [801893411] "c:\documents and settings\all users\application data\789237411\801893411.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [DSLSTATEXE] c:\program files\voyager 105 adsl modem\dslstat.exe icon
mRun: [DSLAGENTEXE] c:\program files\voyager 105 adsl modem\dslagent.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRunServices: [mshtb.exe] c:\windows\system32\mshtb.exe.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: tesco.net\memberservices
Trusted Zone: tesco.net\register
DPF: {3334504D-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/C/8/0C8EDFAB-30BC-4792-898E-2DABE27B2C4D/mp43dmo.CAB
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-04-19 15:41 232,075 a------- c:\windows\Burn4Free_Toolbar_Uninstaller_4078.exe
2009-04-19 15:40 <DIR> --d----- c:\program files\Burn4Free Toolbar
2009-04-19 15:40 <DIR> --d----- c:\program files\Burn4Free
2009-04-18 18:06 15,688 a------- c:\windows\system32\lsdelete.exe
2009-04-18 17:47 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-04-18 17:46 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-04-18 17:45 <DIR> --d----- c:\program files\Lavasoft
2009-04-18 06:58 <DIR> --d----- c:\program files\Voyager 105 ADSL Modem
2009-04-11 13:56 1,563,008 a------- c:\windows\WRSetup.dll
2009-04-11 13:56 <DIR> --d----- c:\program files\Webroot
2009-04-11 13:56 <DIR> --d----- c:\docume~1\dave\applic~1\Webroot
2009-04-11 13:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Webroot
2009-04-11 13:52 164 a------- c:\windows\install.dat
2009-04-11 12:20 <DIR> --d----- c:\program files\WebMediaPlayer
2009-04-11 12:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\wmp
2009-04-10 11:21 <DIR> --d----- c:\program files\Debugging Tools for Windows (x86)
2009-04-07 06:16 <DIR> --d----- c:\windows\LastGood(3)
2009-04-02 14:30 176,752 a------- c:\windows\system32\drivers\ssidrv.sys
2009-04-02 14:30 23,152 a------- c:\windows\system32\drivers\sshrmd.sys
2009-04-02 14:30 29,808 a------- c:\windows\system32\drivers\ssfs0bbc.sys
2009-03-27 11:56 187 a------- C:\Shortcut to CD Drive.lnk

==================== Find3M ====================

2009-03-21 15:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-06 15:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 15:22 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-03-03 01:18 826,368 a------- c:\windows\system32\wininet.dll
2009-03-03 01:18 826,368 a------- c:\windows\system32\dllcache\wininet.dll
2009-02-28 05:54 636,072 -------- c:\windows\system32\dllcache\iexplore.exe
2009-02-20 11:20 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 11:20 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 06:14 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-02-09 13:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 13:10 729,088 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-02-09 13:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 13:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 13:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 13:10 714,752 -------- c:\windows\system32\dllcache\ntdll.dll
2009-02-09 13:10 617,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-02-09 13:10 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-02-09 13:10 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-02-09 13:10 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-02-09 12:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 12:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-07 19:02 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-06 12:11 110,592 a------- c:\windows\system32\services.exe
2009-02-06 12:11 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-02-06 12:08 2,189,056 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 12:08 2,189,056 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-06 12:06 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-06 11:39 35,328 a------- c:\windows\system32\sc.exe
2009-02-06 11:39 35,328 a------- c:\windows\system32\dllcache\sc.exe
2009-02-06 11:32 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-06 11:10 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-02-03 20:59 56,832 a------- c:\windows\system32\secur32.dll
2009-02-03 20:59 56,832 -------- c:\windows\system32\dllcache\secur32.dll
2008-08-15 17:42 59 ac------ c:\program files\ping_wip.txt
2006-05-03 21:49 0 ac------ c:\docume~1\dave\applic~1\Install.dat
2006-03-26 15:22 56 -c-shr-- c:\windows\system32\8EC39C2A42.sys
2006-03-26 15:22 2,828 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-10-06 06:47 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100620081007\index.dat

============= FINISH: 0:40:09.06 ===============

Attached Files

Attach.rar (1.6 KB, 1 views)

ukeden

can any one help please