In a peck of trouble



The_apprentice
2010-09-21, 18:09
My AVG came up with lots of Trojan Sheur3s, zbots and VBS/generics. A lot, like thousands by now. And they keep on coming. They're spreading fast and many things have become unusable. I was not able to run ERUNT or uninstall certain undesirable programs mentioned elsewhere in this forum. When I try, it tells me I don't have permission, yet I am the only one on this computer and permissions have never been set. I'm hearing random speaker sounds. I have an out of date Adobe Reader and an out of date Java. I have a feeling it was the latter since I see most issues in Java files, Java processes activate on their own, and I can't remove it. These seem aggressive.

HELP!
Here is my dds log:


hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1199812422587
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~4\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli c:\windows\system32\kasomunu.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-3-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-3-18 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-3-18 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
S2 gupdate1caa5cf44f269d2;Google Update Service (gupdate1caa5cf44f269d2);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 133104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;"c:\program files\google\google desktop search\googledesktop.exe" --> c:\program files\google\google desktop search\GoogleDesktop.exe [?]
S3 PentaxUsb;PENTAX Optio E10 on USB;c:\windows\system32\drivers\CoachUsb.sys [2009-1-29 50976]
S3 PentaxVc;PENTAX Optio E10 Video Capture;c:\windows\system32\drivers\CoachVc.sys [2009-1-29 44256]

=============== Created Last 30 ================

2010-09-21 02:58:32 0 d-----w- c:\program files\sys231
2010-09-20 15:11:38 0 d-----w- c:\program files\sys21
2010-09-14 13:16:43 112 ----a-w- c:\docume~1\alluse~1\applic~1\SpEDc3UK.dat
2010-09-14 03:57:05 0 d-----w- c:\documents and settings\user\WINDOWS
2010-09-14 03:56:52 47104 ----a-w- c:\windows\system32\KMVIDC32.DLL
2010-08-24 23:45:49 0 d-----w- c:\program files\JRE
2010-08-24 23:45:06 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-23 01:47:00 664 ----a-w- c:\windows\system32\d3d9caps.dat

==================== Find3M ====================

2010-09-21 15:48:40 786432 ----a-w- c:\windows\system32\drivers\umrlleci.sys
2010-07-15 15:37:16 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15:28 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15:26 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15:26 17408 ------w- c:\windows\system32\corpol.dll
2009-07-14 18:59:36 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009071420090715\index.dat

============= FINISH: 11:50:22.89 ===============

I can't zip the 'attach' file. So I will wait till requested to post it as instructed.

tashi
2010-09-21, 18:53
Hello The_apprentice,

Please start a new topic providing a complete DDS.txt log which will include the header.

Best regards.

The_apprentice
2010-09-21, 19:02
Here it is:

http://forums.spybot.info/showthread.php?p=383922#post383922