#1 (permalink) |
|
Registered User
Join Date: Oct 2009
Posts: 11
OS: winXP
|
PLS help me solve my malware problem!
I can't open my device manager, my computer management in the administrative tools in control panel, and disk defragmenter. I can't paste the file I copied or cut.
Last edited by amateur; 10-19-2009 at 01:52 AM. Reason: DDS.txt pasted in |
#2 (permalink) |
|
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,744
OS: XP SP3
|
Re: PLS help me solve my malware problem!
Hello and Welcome to TSF.
Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
------------------------------------------------------
Please explain why this computer has no antivirus program installed and running. This is an open invitation for infection. It can take as little as eight seconds to infect an unprotected computer. Please keep this computer offline except when downloading tools and posting in the forum until we get one installed. Let me know your intentions for an antivirus program.
------------------------------------------------------
Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Please stay with me until given the 'all clear' even if symptoms seemingly abate. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.
------------------------------------------------------
Please visit this webpage for download links, and instructions for running ComboFix:
http://www.bleepingcomputer.com/comb...o-use-combofix
* Ensure you have disabled all antivirus and antimalware programs so they do not interfere with the running of ComboFix. Get help here
Please post the C:\ComboFix.txt in your next reply for further review.
------------------------------------------------------ |
|
|
|
|
#4 (permalink) |
|
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,744
OS: XP SP3
|
Re: PLS help me solve my malware problem!
Go ahead with the previous instructions and we'll install a good, free one once we've knocked out the infection.
|
|
|
|
|
#11 (permalink) |
|
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,744
OS: XP SP3
|
Re: PLS help me solve my malware problem!
Hello again, arko17.
Go Start > Run and copy/paste or type the following into the Run box and click OK:
"%userprofile%\desktop\combofix.exe" /killall
You must include the quotation marks and there is a space in between " and /.
------------------------------------------------------ |
|
|
|
|
#12 (permalink) |
|
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,744
OS: XP SP3
|
Re: PLS help me solve my malware problem!
Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:
IMPORTANT - Read This Before Posting For Malware Removal Help ------------------------------------------------------ |