Registered User
Join Date: Jun 2008
Posts: 6
OS: WinXP
My ISP says I'm infected.
My ISP has recently turned off my service, claiming that spam is being sent from my computer. I haven't experienced any symptoms, and I've run Spybot-S&D and Ad-Aware and haven't found a thing. I've attached the logs and will paste the dds file. If you can spot the culprit, or give a clean bill of health, I'd be much obliged.
I'm running Windows XP with Service Pack 2. Here's my DDS log:

DDS (Ver_09-10-13.01) - NTFSx86
Run by Kenny at 22:18:15.09 on Sat 10/17/2009
Internet Explorer: 8.0.6001.18241
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2038.1533 [GMT -7:00]

AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
C:\Program Files\Elantech\ktp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Creative Professional\E-MU 1616\E-MU PatchMix DSP\EmuPatchMixDSP.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Kenny\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uURLSearchHooks: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - c:\program files\torrentman\tbTor1.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - c:\program files\torrentman\tbTor1.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - c:\program files\torrentman\tbTor1.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [AWMON] "c:\program files\lavasoft\ad-aware se plus\Ad-Watch.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [avgnt] "c:\program files\antivir personaledition classic\avgnt.exe" /min
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [CASS] c:\program files\compal electronics, inc\wireless select switch\Wireless Select Switch.exe
mRun: [KTPWare] c:\program files\elantech\ktp.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [Sidewalker] c:\program files\compal electronics, inc\sidewalker\CSWalker.exe
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [!AVG Anti-Spyware] "c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe" /minimized
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CTRegRun] c:\windows\CTRegRun.EXE
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {233c1507-6a77-46a4-9443-f871f945d258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2006-11-9 11264]
R1 CPEb;CPEb;c:\windows\system32\drivers\CPEb.sys [2006-11-8 8192]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-5-28 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-28 55024]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-12-21 24652]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-1-22 33792]
R3 Ktp;Elantech Touchpad;c:\windows\system32\drivers\Ktp.sys [2006-11-8 27904]
S2 KorgBlkT;KorgBlkT.Sys KORG USB Bulk Driver;c:\windows\system32\drivers\korgblkt.sys [2006-6-26 17240]
S3 getplushelper;getPlus(R) Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2001-8-23 14336]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2007-12-12 21720]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-5-28 7408]
S3 XDva190;XDva190;\??\c:\windows\system32\xdva190.sys --> c:\windows\system32\XDva190.sys [?]

=============== Created Last 30 ================

2009-10-15 21:07 <DIR> --d----- c:\windows\system32\LogFiles
2009-10-15 01:51 <DIR> a-dshr-- C:\cmdcons
2009-10-15 01:50 236,544 a------- c:\windows\PEV.exe
2009-10-15 01:48 <DIR> --d----- C:\Combo4Fix

==================== Find3M ====================

2009-10-15 01:14 138,944 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-15 01:13 189,784 a------- c:\windows\system32\PnkBstrB.exe
2006-07-22 05:01 34 a------- c:\documents and settings\kenny\jagex_runescape_preferences.dat
2006-06-19 14:42 36,864 -------- c:\docume~1\alluse~1\applic~1\CPEbLib.dll
2006-06-01 19:15 8,192 -------- c:\docume~1\alluse~1\applic~1\CPEb.sys
2005-10-24 03:03 22,328 -------- c:\docume~1\kenny\applic~1\PnkBstrK.sys

============= FINISH: 22:18:28.71 ===============

Thanks,
Kaegee

Last edited by kaegee; 10-17-2009 at 09:06 PM. Reason: attaching files