I4NI

  1. Combo-fix will begin to load; when the green bar is full, the screen will flash and then turn off Combo-fix. I have more bad news now: looks like I'm also infected with Windows anti-virus pro (also System Security is trying to install). Sometimes I get lucky and manage to log onto process explorer quick enough to stop them from fully loading. (Windows anti virus pro, plus System Security, block the task managers, while PC_Antispyware2010 blocks all of my "helper" programs; pretty mean 1-2 punch.)
  2. Hey guys, looks like I'm in need of some help here. I woke up this morning to find out that my computer now has PC_Antispyware2010 on it. Right away I figured it to be a form of Malware. So I decided to try Malwarebytes; it starts up, begins the scan, then boots me; I try to log back in and it says "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." So I came onto the forums, looked over some threads and tried some of the suggestions, only to find that HijackThis, Combo-Fix, and RootRepeal do not work either (RootRepeal stops scanning at "windows/$hf_mig$/" every time). They do not give the same message as Malwarebytes, but they won't even initiate. Also it keeps changing my IE homepage to Google, and whenever I search on it and click a link, it sends me to random sites. Someone said to dl DDS on another thread, so I used it and got this as a result. Thanks for the help guys.