Status
Not open for further replies.
1 - 3 of 3 Posts

Registered · 6 Posts · Discussion Starter · #1
MY COMPUTER HAS A SERIES OF PROBLEMS. MY INTERNET CONNECTION HAS BEEN DELETED AS WELL AS MY VOLUME CONTROL. I ALSO CANNOT COPY/PASTE ANYTHING, EVEN WITH CONTROL + V. MY COMPUTER HAS A SERIES OF ERROR MESSAGES.
TYPICAL MESSAGE LIKE "Win32.Banker.FSTrojan.SpyAgent.DA"
"SYSTEM CRASHED" ETC.
I'VE SEARCHED THIS FORUM AND FOLLOWED ADVICE, SO I'M ATTACHING FILES THAT ARE NEEDED TO HELP SOLVE THE PROBLEM.
OH, I CAN'T DO SYSTEM RESTORE, CAN'T INSTALL NEW PROGRAMS. IT'S A VIRUS FROM HELL!!!!
I'M NOT AN EXPERT, SO IF ANY MORE INFO IS NEEDED TELL ME. PLEASE HELP.



DDS (Ver_09-02-01.01) - NTFSx86
Run by Michael Hanratty at 23:36:55.26 on 03/03/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBitZ.dll
uURLSearchHooks: Best Security Tips Toolbar: {da30eff8-ccc6-4162-a20d-67402a26a215} - c:\program files\best_security_tips\tbBest.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\ntos.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: NoExplorer - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {971c3384-f75e-4562-95b3-cbe7417529bc} - browser optimizer by rightonadz
BHO: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBitZ.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Best Security Tips Toolbar: {da30eff8-ccc6-4162-a20d-67402a26a215} - c:\program files\best_security_tips\tbBest.dll
BHO: mysidesearch search enhancer: {daa21140-5eb7-1aa3-f82e-e94cb165473b} - c:\windows\system32\pvxojztuskyq.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: BitZipperSearch Toolbar: {97bceb59-cfcd-4b16-a863-b3f72cf9f196} - c:\program files\bitzippersearch\tbBitZ.dll
TB: Best Security Tips Toolbar: {da30eff8-ccc6-4162-a20d-67402a26a215} - c:\program files\best_security_tips\tbBest.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: Search panel: {9eb98d7f-2012-40d1-ff57-01a4ac75724e} - c:\windows\system32\pvxojztuskyq.dll
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [kdx] c:\program files\kontiki\KHost.exe -all
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [msupdate] c:\documents and settings\michael hanratty\my documents\bitlord\downloads\microsoft office 2007 + keygen\Keygen.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [UpdateWin] c:\windows\system32\aaclientl.exe
uRun: [userinit] c:\windows\system32\ntos.exe
uRun: [Keygen.exe] c:\users\\appdata\local\microsoft\windows\explorer\Keygen.exe
uRunServices: [UpdateWin] c:\windows\system32\aaclientl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PRONoMgrWired] c:\program files\intel\prosetwired\ncs\proset\PRONoMgr.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [4oD] "c:\program files\kontiki\KHost.exe" -all
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [UpdateWin] c:\windows\system32\aaclientl.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRunServices: [UpdateWin] c:\windows\system32\aaclientl.exe
dRun: [userinit] c:\windows\system32\ntos.exe
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
uPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
uPolicies-system: DisableRegedit = 0 (0x0)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: DisableTaskMgr = 1 (0x1)
mPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
IE: {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
LSP: c:\windows\system32\imon.dll
DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.1.4.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {cafeefac-0016-0000-0007-abcdeffedcba} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: IPC Configuration Utility - No File
STS: Windows Installer Class: {020487cc-fc04-4b1e-863f-d9801796230b} - c:\docume~1\michae~1\locals~1\temp\wndutl32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\michae~1\applic~1\mozilla\firefox\profiles\vwcch4f1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www3.yoog.com/search.php?q=
FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1304867&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www3.yoog.com/search.php?q=
FF - component: c:\documents and settings\michael hanratty\application data\mozilla\firefox\profiles\vwcch4f1.default\extensions\{97bceb59-cfcd-4b16-a863-b3f72cf9f196}\components\FFAlert.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - component: c:\program files\mozilla firefox\components\82a149f0-806c-4208-f087-17278a47aeff.dll
FF - component: c:\program files\mozilla firefox\components\nsadzgalore.dll

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL - hxxp://www3.yoog.com/search.php?q=
FF - user.js: keyword.enabled - true
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl - hxxp://www3.yoog.com/search.php?q=

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-03-03 23:12 250 a------- c:\windows\gmer.ini
2009-03-03 18:53 <DIR> --d----- c:\docume~1\michae~1\applic~1\iolo
2009-03-03 18:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\iolo
2009-02-23 20:41 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-23 20:41 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-23 20:41 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-23 20:41 <DIR> --d----- c:\docume~1\michae~1\applic~1\AVGTOOLBAR
2009-02-22 04:22 109 a--sh--- c:\windows\system32\1356515275.dat
2009-02-22 04:22 40,960 ---shr-- c:\windows\system32\aaclientl.exe
2009-02-22 04:21 <DIR> --dsh--- c:\windows\system32\wsnpoem
2009-02-19 21:43 <DIR> --d----- c:\windows\SQLTools9_KB960089_ENU
2009-02-19 21:33 <DIR> --d----- c:\windows\SQL9_KB960089_ENU
2009-02-10 16:12 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-09 19:41 1,409 a------- c:\windows\QTFont.for
2009-02-09 19:41 54,156 a---h--- c:\windows\QTFont.qfn
2009-02-05 00:45 108,336 a------- c:\windows\system32\mswinsck.ocx

==================== Find3M ====================

2009-02-22 21:17 85,662 a------- c:\windows\system32\d4d83ef3-00c3-0691-c12e-6df404a46173.exe
2009-01-16 21:35 3,594,752 -------- c:\windows\system32\dllcache\mshtml.dll
2009-01-08 02:37 85,219 a------- c:\windows\system32\cont_adzgalore-remove.exe
2008-12-19 09:10 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 -------- c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2008-12-16 23:13 68,513 a------- c:\windows\system32\pvxojztuskyq.dll-uninst.exe
2008-12-11 10:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-08 11:17 617,472 a------- c:\windows\system32\pvxojztuskyq.dll
2008-09-03 20:48 87,608 a------- c:\docume~1\michae~1\applic~1\inst.exe
2008-09-03 20:48 47,360 a------- c:\docume~1\michae~1\applic~1\pcouffin.sys
2008-07-19 06:22 32,800 a------- c:\docume~1\michae~1\applic~1\GDIPFONTCACHEV1.DAT
2008-06-06 03:47 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT
2008-06-06 03:47 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLds.DAT
2008-10-06 00:40 356,504 a--sh--- c:\windows\system32\pAHjTvut.ini2
2008-05-19 10:56 462,966 a--sh--- c:\windows\system32\vycdd.bak1
2008-05-19 11:03 463,299 a--sh--- c:\windows\system32\vycdd.bak2
2008-05-19 11:04 463,319 a--sh--- c:\windows\system32\vycdd.ini2
2008-09-22 19:56 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091520080922\index.dat
2008-09-17 14:45 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008091720080918\index.dat
2008-09-29 00:01 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092220080929\index.dat
2008-09-25 01:00 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092520080926\index.dat
2008-09-29 22:45 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092920080930\index.dat
2008-09-30 19:26 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008093020081001\index.dat
2008-10-01 22:55 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100120081002\index.dat
2008-10-02 22:08 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100220081003\index.dat
2008-10-03 15:03 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100320081004\index.dat
2008-10-05 00:46 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008100520081006\index.dat
2008-12-01 10:37 16,384 ac-sh--- c:\windows\temp\cookies\index.dat
2008-12-01 10:37 16,384 ac-sh--- c:\windows\temp\history\history.ie5\index.dat
2008-12-01 10:37 32,768 ac-sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 23:39:24.18 ===============
 


Registered · 4,582 Posts
Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix


* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.
 
