
Help me .. computer infected


  • This topic is locked
2 replies to this topic

#1 HappyTree04

    New Member

  • Members
  • 18 posts

Posted 30 May 2012 - 08:20 AM

Hello, my computer has been running slow lately, and when I ran my Malwarebytes it gave me more than 20 viruses and I can't remove them.


This is the DDS log:



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by Administrator at 20:55:00 on 2012-05-30
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1789.1409 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ntvdm.exe
.
============== Pseudo HJT Report ===============
.
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-system: EnableLUA = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 124.106.5.2 124.106.7.2 192.168.2.1
TCP: Interfaces\{1AA50465-186B-441F-A80A-46FF0719120B} : DhcpNameServer = 124.106.5.2 124.106.7.2 192.168.2.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\ls3doxp6.default\
FF - plugin: c:\documents and settings\administrator\application data\kalydo\kalydoplayer\bin1\npkalydo.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrl.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\windows media player\npdrmv2.dll
FF - plugin: c:\program files\windows media player\npdsplay.dll
FF - plugin: c:\program files\windows media player\npwmsdrm.dll
FF - plugin: c:\program files\yahoo!\shared\npYState.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-1-26 108448]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-5-15 913752]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-26 654408]
R3 amsint32;amsint32;\??\c:\windows\system32\drivers\tenon.sys --> c:\windows\system32\drivers\tenon.sys [?]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2012-4-25 63088]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-26 22344]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-4-5 240264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-17 257696]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 199608]
.
=============== Created Last 30 ================
.
2012-05-31 03:54:49 -------- d--h--w- c:\windows\PIF
2012-05-30 17:49:05 -------- d-----w- c:\progra~1\CCleaner
2012-05-30 16:46:37 -------- d-----w- c:\docume~1\admini~1\applic~1\Blender Foundation
2012-05-30 16:46:05 -------- d-----w- c:\docume~1\admini~1\.thumbnails
2012-05-30 06:26:06 99328 ----a-w- C:\kxnca.exe
2012-05-28 22:26:12 -------- d-----w- c:\progra~1\Blender Foundation
2012-05-18 03:15:42 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-18 03:15:42 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-18 02:56:35 -------- d-----w- c:\progra~1\CDisplay
2012-05-17 15:11:31 -------- d-s---w- c:\docume~1\admini~1\UserData
2012-05-15 05:36:12 -------- d-----w- c:\progra~1\CDisplayEx
2012-05-14 23:35:56 -------- d-----w- c:\docume~1\admini~1\local settings\application data\Identities
2012-05-12 04:21:20 -------- d-----w- c:\docume~1\admini~1\applic~1\Kalydo
2012-05-11 23:03:22 -------- d-----w- c:\docume~1\admini~1\applic~1\CDisplayEx
2012-05-11 20:51:37 -------- d-----w- c:\progra~1\uTorrent
2012-05-11 20:51:07 -------- d-----w- c:\docume~1\admini~1\applic~1\uTorrent
2012-05-01 09:11:22 -------- d-----w- c:\docume~1\alluse~1\application data\SYSTEMAX Software Development
2012-05-01 09:11:22 -------- d-----w- c:\docume~1\admini~1\applic~1\SYSTEMAX Software Development
.
==================== Find3M ====================
.
2012-04-26 15:02:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-26 15:02:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-23 11:26:26 108448 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 20:56:00.57 ===============

#2 Maniac

    Forum Deity

  • Experts
  • 21,405 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 31 May 2012 - 08:49 AM

Hello HappyTree04! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

I want you to re-run a new scan with the latest definitions, because I want to see what is going on there.

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file (with Attach.txt)

My help is free; however, if you wish to make a small donation to show appreciation and to help me continue the fight against malware, then click here.

#3 Maurice Naggar

    Staff

  • Moderators
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 07 June 2012 - 01:18 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support


I close my threads if there are 5 days without a response.



