bumpyphish

bumpyphish last won the day on December 8 2011

  1. bumpyphish

    Need help removing malware

    So should I just get the two chips at 400 speed then? How can I find out which speed is ideal for my system? So I do have to actually install the new chips myself to my hardware? Could I just take the system somewhere and have some professionals do it? Would it be a ton more expensive to do so? Yikes...I'm scared of what might happen if I start digging around in the hardware of my computer....
  2. bumpyphish

    Need help removing malware

    "Do you know how to protect the computer from electrostatic discharges?" No, definitely not. Tell me more. "Can you in Belarc Advisor find anything with PC2700, PC3200, 333 MHz or 400 MHz?" No, I don't see any of those terms in the Belarc report. However, regarding this link: http://www.memoryupgrade.pro/dimension-4600.html When I click the link, the title of the page is "Better made Dell Dimension 4600 DDR 400MHz Unbuffered DIMM memory upgrades" and below that it says "Expand with a Dimension 4600 PC3200 184-PIN UDIMM PC RAM module kit option". Below that however, for sale are both the PC2700 333 Hz version and the PC3200 400 Hz version. Is it possible that website recognizes the specs of my machine? There is NO PRICE DIFFERENCE in the different memory upgrades. If not, how else can I recognize which memory upgrade is preferable? And how hard is this installation going to be? Is it something I physically have to install to my hard-drive or is it software installation?
  3. bumpyphish

    Need help removing malware

    Do I want: 2GB Dell Dimension 4600 desktop memory 2x 1GB 311-2867 PC2700 184-PIN DDR 333MHz PC DIMM upgrade OR 2GB Dell Dimension 4600 desktop memory 2x 1GB 311-2876 PC3200 184-PIN DDR 400MHz PC DIMM upgrade (same price) ???? I'm thinking it's the PC3200 but I want to be sure. So, am I actually going to have to install some hardware into my PC myself? If so, this ought to be an interesting experiment...
  4. bumpyphish

    Need help removing malware

    I have a Dell Dimension 4600. About to go to Windows Update and take care of those updates. Let me know what to do about RAM if you can, please.
  5. bumpyphish

    Need help removing malware

    Hi, I installed and ran Belarc. I do not see anything that explicitly references "RAM". I'm sure the information is probably there but referenced in different verbiage. I do see one bit of information that says:

    512 Megabytes Usable Installed Memory
    Slot 'CHANNEL A DIMM 0' has 256 MB
    Slot 'CHANNEL B DIMM 0' has 256 MB
    Slot 'CHANNEL A DIMM 1' is Empty
    Slot 'CHANNEL B DIMM 1' is Empty

    Is this RAM-related? If not, what am I looking for? Is there any more information included in this "report" (it actually opens in a URL so I don't seem to be able to save it) that might help you guys diagnose any issues with my system? Also, at the top of the report it says that I have 59 missing Microsoft Security Updates. Is this something that needs to be addressed? Thanks for your attention.
  6. bumpyphish

    Need help removing malware

    Blade, (or anyone) How do I add RAM and how much should I add?
  7. bumpyphish

    Need help removing malware

    How do I add RAM to my computer? Also, how much RAM would you suggest I add? And, where does it show on my system the current amount of RAM?
  8. bumpyphish

    Need help removing malware

    Revo uninstaller brings up Java 6 Update 3, Java 6 Update 5, and Java 6 Update 7 in addition to Java 6 Update 24. Can I assume it's safe to uninstall these earlier updates? FYI, they show up as icons that are different than Update 24. I'm still getting some signs that the system is not operating at its best. For instance, I got a message when browsing the internet last night saying that "The following plug-in is unresponsive: Unknown. Do you want to stop it?" Also, I frequently get a message that "Virtual Memory Minimum is too low". Does that refer to RAM? How do I interpret/remedy these? If you are not seeing signs of infection, are there other system issues that might cause such problems that you might help me address...or at least help me get a handle on what potential issues are and where I could turn to find a remedy? I will follow your suggestions for a disk check and defrag just as soon as I know we are done troubleshooting other things. Please advise me what else you might do if you were me. Thanks.
  9. bumpyphish

    Need help removing malware

    Haven't defragged lately. I can do that soon or now. I'd assume it would be best to do after we're done "tweaking" whatever needs to be tweaked so I'll hold off. Does Comodo take a lot of RAM? Should I consider uninstalling it? Is there another (lesser RAM required) firewall you would recommend? What about the infection found on that ESET scan? How do we remove that? Last time I sought help here (and I believe it was you who helped me) the cleaning process was long and involved, including HiJack This, OTL, and manual registry deletions to name a few. I seem to remember a bunch of Adobe Readers that we deleted. Could any of these kind of things be helpful for me now? I also saw on where I seem to have a lot of Java updates installed. Are all these necessary? Are there any other programs you see that are extraneous and not necessary? Anything and everything you can think of that might improve performance would be much appreciated. Thanks.
  10. bumpyphish

    Need help removing malware

    Attach log:
  11. bumpyphish

    Need help removing malware

    DDS log:
  12. bumpyphish

    Need help removing malware

    Uninstalled and re-installed Spybot and Macromedia Shockwave. I will not remove Utorrent; I only use it to download from one site and I'm confident it is secure and isn't causing me problems. There was 1 threat found via ESET. Couldn't find a "report" per se but here I list the "target" and then the "threat":

    C:\Program Files\Common Files\Real\Toolbar\realbar.dll
    probably a variant of Win32/Adware.Toolbar.Visicom.AB application

    As far as whether or not I am still experiencing symptoms, I would say yes. The computer seems to be running slow and I still have issues with the internet freezing up and "not responding" so I have to close the program via ctr/alt/del. I also have a "symptom" where when I go to START, TURN OFF COMPUTER, I get the hour glass for several minutes before being given the option to restart, shutdown, or (whatever that third option is). That is definitely not normal operation though I'm unsure of the cause for that. I will post new DDS and Attach logs from DDS in separate posts below and wait for instructions on how to proceed.
  13. bumpyphish

    Need help removing malware

    GMER log is attached here (I hope) as a .ZIP file. Will wait for your instructions on what to do next....
  14. bumpyphish

    Need help removing malware

    Attach.text
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 9/21/2003 5:18:46 PM
    System Uptime: 4/1/2011 3:29:16 PM (25 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 02Y832
    Processor: Intel® Pentium® 4 CPU 2.66GHz | Microprocessor | 2660/533mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 74 GiB total, 18.805 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    H: is FIXED (NTFS) - 466 GiB total, 211.016 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1503: 1/6/2011 4:59:33 AM - System Checkpoint
    RP1504: 1/7/2011 5:55:08 AM - System Checkpoint
    RP1505: 1/8/2011 7:26:43 AM - System Checkpoint
    RP1506: 1/9/2011 7:36:04 AM - System Checkpoint
    RP1507: 1/10/2011 8:36:01 AM - System Checkpoint
    RP1508: 1/11/2011 9:26:05 AM - System Checkpoint
    RP1509: 1/13/2011 5:05:06 AM - System Checkpoint
    RP1510: 1/14/2011 5:22:09 AM - System Checkpoint
    RP1511: 1/15/2011 5:26:04 AM - System Checkpoint
    RP1512: 1/16/2011 9:03:53 AM - System Checkpoint
    RP1513: 1/17/2011 10:15:20 AM - System Checkpoint
    RP1514: 1/18/2011 12:44:52 PM - System Checkpoint
    RP1515: 1/19/2011 2:20:26 PM - System Checkpoint
    RP1516: 1/21/2011 4:55:58 AM - System Checkpoint
    RP1517: 1/22/2011 5:38:45 AM - System Checkpoint
    RP1518: 1/23/2011 5:54:34 AM - System Checkpoint
    RP1519: 1/24/2011 9:44:15 AM - System Checkpoint
    RP1520: 1/25/2011 9:54:22 AM - System Checkpoint
    RP1521: 1/26/2011 10:33:44 AM - System Checkpoint
    RP1522: 1/27/2011 11:33:44 AM - System Checkpoint
    RP1523: 1/28/2011 12:33:45 PM - System Checkpoint
    RP1524: 1/29/2011 1:33:43 PM - System Checkpoint
    RP1525: 1/30/2011 5:09:13 PM - System Checkpoint
    RP1526: 1/31/2011 5:33:53 PM - System Checkpoint
    RP1527: 2/1/2011 6:51:09 PM - System Checkpoint
    RP1528: 2/2/2011 7:31:54 PM - System Checkpoint
    RP1529: 2/3/2011 8:31:56 PM - System Checkpoint
    RP1530: 2/4/2011 9:31:57 PM - System Checkpoint
    RP1531: 2/5/2011 9:58:26 PM - System Checkpoint
    RP1532: 2/6/2011 10:52:54 PM - System Checkpoint
    RP1533: 2/8/2011 2:42:29 AM - System Checkpoint
    RP1534: 2/9/2011 3:32:10 AM - System Checkpoint
    RP1535: 2/10/2011 5:08:43 AM - System Checkpoint
    RP1536: 2/11/2011 5:32:09 AM - System Checkpoint
    RP1537: 2/12/2011 7:46:14 AM - System Checkpoint
    RP1538: 2/13/2011 8:32:23 AM - System Checkpoint
    RP1539: 2/14/2011 9:22:34 AM - System Checkpoint
    RP1540: 2/15/2011 10:22:37 AM - System Checkpoint
    RP1541: 2/17/2011 2:28:28 AM - System Checkpoint
    RP1542: 2/18/2011 4:30:50 AM - System Checkpoint
    RP1543: 2/19/2011 4:46:17 AM - System Checkpoint
    RP1544: 2/21/2011 2:29:43 AM - System Checkpoint
    RP1545: 2/21/2011 6:52:19 PM - Installed Java(tm) 6 Update 24
    RP1546: 2/22/2011 6:56:01 PM - System Checkpoint
    RP1547: 2/23/2011 7:42:34 PM - System Checkpoint
    RP1548: 2/24/2011 8:42:44 PM - System Checkpoint
    RP1549: 2/25/2011 9:42:38 PM - System Checkpoint
    RP1550: 2/26/2011 11:42:22 PM - System Checkpoint
    RP1551: 2/27/2011 11:45:37 PM - System Checkpoint
    RP1552: 3/1/2011 1:52:46 AM - System Checkpoint
    RP1553: 3/2/2011 2:43:49 AM - System Checkpoint
    RP1554: 3/3/2011 2:53:23 AM - System Checkpoint
    RP1555: 3/4/2011 3:51:43 PM - System Checkpoint
    RP1556: 3/5/2011 4:29:11 PM - System Checkpoint
    RP1557: 3/6/2011 4:45:03 PM - System Checkpoint
    RP1558: 3/7/2011 4:46:55 PM - System Checkpoint
    RP1559: 3/8/2011 9:24:55 PM - System Checkpoint
    RP1560: 3/10/2011 12:25:50 AM - System Checkpoint
    RP1561: 3/11/2011 1:27:27 AM - System Checkpoint
    RP1562: 3/12/2011 1:55:42 AM - System Checkpoint
    RP1563: 3/13/2011 3:14:19 AM - System Checkpoint
    RP1564: 3/14/2011 3:17:06 AM - System Checkpoint
    RP1565: 3/15/2011 4:01:36 AM - System Checkpoint
    RP1566: 3/16/2011 12:24:41 PM - System Checkpoint
    RP1567: 3/17/2011 1:09:16 PM - System Checkpoint
    RP1568: 3/19/2011 3:24:58 AM - System Checkpoint
    RP1569: 3/20/2011 8:12:30 PM - System Checkpoint
    RP1570: 3/21/2011 9:09:26 PM - System Checkpoint
    RP1571: 3/22/2011 11:23:14 PM - System Checkpoint
    RP1572: 3/24/2011 2:29:04 AM - System Checkpoint
    RP1573: 3/25/2011 2:41:29 AM - System Checkpoint
    RP1574: 3/26/2011 2:59:33 AM - System Checkpoint
    RP1575: 3/27/2011 4:30:02 AM - System Checkpoint
    RP1576: 3/29/2011 5:48:07 AM - System Checkpoint
    RP1577: 3/30/2011 8:38:51 AM - System Checkpoint
    RP1578: 3/31/2011 8:52:58 AM - System Checkpoint
    RP1579: 4/1/2011 9:52:55 AM - System Checkpoint
    RP1580: 4/2/2011 10:33:47 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    .
    µTorrent
    Acrobat.com
    Ad-Aware
    Adobe AIR
    Adobe Download Manager 1.2 (Remove Only)
    Adobe Flash Player 10 Plugin
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader 9.4.3
    America Online
    AOL Coach Version 1.0(Build:20020823.1)
    AOL Instant Messenger
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Avira AntiVir Personal - Free Antivirus
    Banctec Service Agreement
    Belkin Setup and Router Monitor
    Bodog Poker Version 2.3.3.7
    Bonjour
    CCleaner
    COMODO Internet Security
    COMODO livePCsupport
    Conexant SmartHSFi V92 56K DF PCI Modem
    DAO
    Dell AIO Printer A940
    Dell Networking Guide
    Dell Picture Studio - Dell Image Expert
    Dell Solution Center
    Dell Support
    Digital Line Detect
    ESPNMotion
    EZlist-MLS Macon
    FLAC Installer 1.1.0k (remove only)
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist 8.0.0.514
    Help and Support Customization
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB970653-v3)
    Instant Wireless USB Adapter
    Intel® PRO Network Adapters and Drivers
    Intel® PROSet
    iPod Updater 2004-11-15
    iTunes
    Java Auto Updater
    Java(tm) 6 Update 24
    K-Lite Codec Pack 6.7.0 (Basic)
    Macromedia Shockwave Player
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Interactive Training
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Money 2002
    Microsoft Money 2002 System Pack
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Media Content
    Microsoft Office XP Small Business
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    mkw Audio Compression Toolkit
    MobileMe Control Panel
    Modem Helper
    Move Media Player
    Mozilla Firefox (3.6.7)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MUSICMATCH® Jukebox
    myTunes Redux 1.0
    NetWaiting
    NVIDIA Windows 2000/XP Display Drivers
    Paint Shop Pro 7
    PeerBlock 1.0.0 (r181)
    PhotoMix 5.3
    PowerDVD
    QuickTime
    RealOne Player
    Revo Uninstaller 1.83
    REXplorer Component Upgrade
    Safari
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows Media Player 9 (KB911565)
    Security Update for Windows Media Player 9 (KB917734)
    Security Update for Windows Media Player 9 (KB936782)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    SmartFTP
    Sound Blaster Live!
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    Statistics
    SUPERAntiSpyware Free Edition
    Update for Windows Internet Explorer 8 (KB971930)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    Viewpoint Toolbar (Remove Only)
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Resource Kit Tools - SubInAcl.exe
    Windows XP Service Pack 3
    WinRAR archiver
    WM Converter 2.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/1/2011 1:24:15 PM, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
    3/30/2011 11:12:07 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
    .
    ==== End Of File ===========================
  15. bumpyphish

    Need help removing malware

    DDS.text:
    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Alex Meadors at 16:55:00.26 on Sat 04/02/2011
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.128 [GMT -4:00]
    .
    AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: COMODO Firewall *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    svchost.exe
    C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\dllhost.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Alex Meadors\My Documents\Downloads\dds.com
    .
    ============== Pseudo HJT Report ===============
    .
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\ViewBarBHO.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [Dell AIO Printer A940] "c:\program files\dell aio printer a940\dlbabmgr.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
    mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    uPolicies-explorer: SpecifyDefaultButtons = 0 (0x0)
    mPolicies-explorer: <NO NAME> =
    IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} - hxxp://portal.uga.edu/nps/portal/gadgets/com.novell.nps.gadgets.shortcut.ShortcutGadget/LocalExec.CAB
    DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
    DPF: {4E330863-6A11-11D0-BFD8-006097237877} - hxxp://support.rexplorer.net/iftw_install//iftwclix.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
    DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} - hxxp://www.livephish.com/nugster/dlControl.CAB
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    AppInit_DLLs: c:\windows\system32\guard32.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\docume~1\alexme~1\applic~1\mozilla\firefox\profiles\d13hhs6h.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - plugin: c:\documents and settings\alex meadors\application data\move networks\plugins\npqmp071705000014.dll
    FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: Move Media Player: [email protected] - c:\documents and settings\alex meadors\application data\Move Networks
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-25 64288]
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-3 11608]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-4-9 239368]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-4-9 27576]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 67656]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-3 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-3 269480]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-3 61960]
    R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo livepcsupport\CLPSLS.exe [2010-2-19 148744]
    R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2010-4-9 1803224]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-8-13 24652]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-10 136176]
    S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager;c:\progra~1\mcafee.com\agent\mcupdmgr.exe --> c:\progra~1\mcafee.com\agent\mcupdmgr.exe [?]
    S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-5-6 14424]
    S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\netusbxp.sys [2003-9-21 72576]
    .
    =============== Created Last 30 ================
    .
    2011-04-01 17:47:54 -------- d-----w- c:\program files\iTunes
    2011-04-01 17:41:20 -------- d-----w- c:\program files\Bonjour
    2011-03-12 16:28:40 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2011-03-12 16:28:40 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2011-02-03 02:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-02-03 00:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-01-26 02:22:39 285480 ----a-w- c:\windows\system32\guard32.dll
    2003-11-11 00:36:53 16251072 ----a-w- c:\program files\AdbeRdr60_enu_full.exe
    .
    ============= FINISH: 16:57:03.23 ===============