migrunner

  1. Here is the logfile information as requested. For some reason, when I zipped the files "attach.txt" and "ark.text" my computer named the zipped file, "ark.txt.zip" but both files are in there. Immediately below is the copy/pasted DDS Log:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 17:47:32.62 on Sun 05/08/2011
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.420 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\wdm\STacSV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BumpTop\BumpTop.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Griffin Technology\AirClick\AirClick.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\Program Files\BumpTop\TexHelper.exe
C:\Program Files\BumpTop\TexHelper.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Program Files\eFax Messenger 4.4\J2GTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Owner\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://news.google.com/
uInternet Settings,ProxyOverride = 192.168.*.*;<local>;*.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\acrobat\AdobeUpdateManager.exe AcPro7_1_0 -reboot 1
uRun: [eFax 4.4] "c:\program files\efax messenger 4.4\J2GDllCmd.exe" /R
uRun: [DriverFinder] c:\program files\driverfinder\DriverFinder.exe
uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [HLBackupScheduler] c:\program files\verizon v cast media manager\V CAST Backup Scheduler.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
mRun: [HP Mobile Broadband] c:\swsetup\hpqwwan\HPMobileBroadband.exe /TrayMode
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [blackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
mRun: [seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\airclick.lnk - c:\program files\griffin technology\airclick\AirClick.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-100000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\bumptop.lnk - c:\program files\bumptop\BumpTop.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\deskto~1.lnk - c:\program files\research in motion\blackberry\DesktopMgr.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} - hxxp://www.homesteadhotels.com/minisite/accommodations/surround/MSSurVid.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 relog_ap
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-29 363344]
R2 MotoHelper;MotoHelper Service;c:\program files\motorola\motohelper\MotoHelperService.exe [2010-9-7 202048]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2009-10-16 431456]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2010-2-5 113664]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2010-2-5 38912]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-6 20952]
S0 rxitry;rxitry; [x]
S0 ulhymth;ulhymth; [x]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 136176]
S3 090423696c352b2c;090423696c352b2c;\??\c:\windows\temp\8520a95f703c --> c:\windows\temp\8520a95f703c [?]
S3 225ba9caac34302d;225ba9caac34302d;\??\c:\windows\temp\85606623c1b8 --> c:\windows\temp\85606623c1b8 [?]
S3 256f4ac78c64c162;256f4ac78c64c162;\??\c:\windows\temp\852035e2c734 --> c:\windows\temp\852035e2c734 [?]
S3 3c24c780e0accb68;3c24c780e0accb68;\??\c:\windows\temp\8520622b5038 --> c:\windows\temp\8520622b5038 [?]
S3 400ce76878910ca1;400ce76878910ca1;\??\c:\windows\temp\86007c5e5ddc --> c:\windows\temp\86007c5e5ddc [?]
S3 8db0dd0dbc103175;8db0dd0dbc103175;\??\c:\windows\temp\8521fce41958 --> c:\windows\temp\8521fce41958 [?]
S3 b02646b64a3a72a4;b02646b64a3a72a4;\??\c:\windows\temp\8560d50f47a8 --> c:\windows\temp\8560d50f47a8 [?]
S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-3-29 245760]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2010-9-7 6016]
S3 c8ed84480aae302e;c8ed84480aae302e;\??\c:\windows\temp\8520675ccac8 --> c:\windows\temp\8520675ccac8 [?]
S3 ca25c7e6f5098e7c;ca25c7e6f5098e7c;\??\c:\windows\temp\5880f6c441c0 --> c:\windows\temp\5880f6c441c0 [?]
S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 e0d016cc0268c5b1;e0d016cc0268c5b1;\??\c:\windows\temp\8520d01e3070 --> c:\windows\temp\8520d01e3070 [?]
S3 fd58fa9ee22fd4d2;fd58fa9ee22fd4d2;\??\c:\windows\temp\5880c183d0c0 --> c:\windows\temp\5880c183d0c0 [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-10 136176]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2010-9-7 8320]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2010-9-7 23424]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2010-9-7 9472]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2010-6-29 160256]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
.
=============== Created Last 30 ================
.
2011-05-08 02:45:00 -------- d-----w- c:\program files\iPod
2011-05-08 02:44:53 -------- d-----w- c:\docume~1\alluse~1.win\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-05-08 02:40:55 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-05-08 02:35:15 -------- d-----w- c:\program files\Bonjour
2011-05-02 02:21:36 -------- dc----w- C:\iTunes
2011-04-24 05:22:16 -------- d-----w- c:\docume~1\owner\locals~1\applic~1\Temp
.
==================== Find3M ====================
.
2011-04-06 23:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 23:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 23:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-21 02:08:23 73728 ----a-w- c:\documents and settings\owner\zlib.dll
2011-03-21 02:08:23 585728 ----a-w- c:\documents and settings\owner\HPAsset.exe
2011-03-21 02:08:23 40960 ----a-w- c:\documents and settings\owner\hpmonZ.exe
2011-03-21 02:08:23 36208 ----a-w- c:\documents and settings\owner\Dscan16.dll
2011-03-21 02:08:23 2855 ----a-w- c:\documents and settings\owner\Smstub16.pif
2011-03-21 02:08:23 17477 ----a-w- c:\documents and settings\owner\Smstub16.exe
2011-03-17 15:53:44 1885536 ----a-w- c:\windows\system32\AutoPartNt.exe
2011-02-08 13:31:03 0 ----a-w- c:\windows\Xquqodeneqehexo.bin
2010-07-24 01:37:48 20350424 ----a-w- c:\program files\LightScribeSimpleLabeler_1.18.15.1.exe
.
============= FINISH: 17:55:40.29 ===============

Here is the Malware Bytes log file from the scan I ran earlier today.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6533

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

5/8/2011 3:36:05 PM
mbam-log-2011-05-08 (15-36-05).txt

Scan type: Full scan (C:\|)
Objects scanned: 271562
Time elapsed: 1 hour(s), 42 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

So what do I do now?

MARK B
mark@velocityla.com

Ark.txt.zip