
dns error and 2 trojans found using spybot

 
 

Hello everyone, I was hoping to get some help with my computer problems that I've been experiencing lately. I have a router that I use for internet connection w/ my other desktops in my household. Recently I've had to directly connect my modem to my computer if I wanted access to the cable internet, but it is slow and constantly interrupted. When I try to connect to the internet w/ the router I get a DNS error and no internet connection. I also found two trojans using Spybot. Please help, I would like to get my router w/ internet access up and running again. Thanks.

 
 

I've followed every step in the "Read me before posting a request for assistance" thread.

I'm having trouble running a Malwarebytes full scan. When I run the scan my computer is shutting off and sending a power charge throughout my house and blacking out every light and appliance.

I'm still getting a DNS error and have no internet access within my network.

Thanks for the help.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-02-02 00:42:15
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3500620AS rev.DE13
Running: 9v8gtwg2.exe; Driver: C:\Users\Al\AppData\Local\Temp\fxldapow.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90BAF7A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)

---- EOF - GMER 1.0.15 ----


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-02 09:38:21
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST3500620AS rev.DE13
Running: 9v8gtwg2.exe; Driver: C:\Users\Al\AppData\Local\Temp\fxldapow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0x91097FC4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0x9109A456]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0x9109A4AE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0x9109A5C4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0x9109A3AC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0x9109A4FE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0x9109A400]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0x9109A572]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0x91097FE8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0x91097DB2]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0x9109800C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x9109A9BC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0x91098AA4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0x9109A486]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0x9109A4D6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0x9109A5EE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0x9109A3D8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0x9109A53E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0x9109A42E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0x9109A59C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0x9109896A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0x91098030]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0x91098054]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0x91097E0C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0x91097F48]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0x91097F24]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0x91097F6C]
SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS ZwTerminateProcess [0x90AF6640]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0x91098078]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x90BAF7A2]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \Driver\tdx \Device\Tcp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswFW.SYS (avast! Filtering TDI driver/AVAST Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@imagepath \systemroot\system32\drivers\ESQULvicumfpiicqbrensbhxndtkeqxvpipcr.sys
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULserv
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULl
Reg HKLM\SYSTEM\ControlSet001\Services\ESQULserv.sys\modules@ESQULclk
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E51B4BBB-50E6-F176-5255-CF205BFC8239}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E51B4BBB-50E6-F176-5255-CF205BFC8239}@bblfcdkephglmdkfikgemmkjpldfodekbngm 0x61 0x61 0x00 0x00
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E51B4BBB-50E6-F176-5255-CF205BFC8239}@ablfcdkephglmdkfiklelglcekbhacekci 0x61 0x61 0x00 0x00

---- EOF - GMER 1.0.15 ----

Attachments Attach.txt (7.09KB) DDS.txt (13.83KB)
 
 

There is nothing in the MBA-M scanner that would be causing power problems in the house. Sounds to me like you have more than a computer or router problem. The computer does not have to be online to do any of these scans; the only time it would need to be online with MBA-M would be when it is updated, otherwise it can be totally disconnected from the internet. But as I said, there is nothing in the program that would even relate to power problems in the house, except the computer needs power to run of course but if it.

Those two DDS Logs were supposed to be copy/pasted, not attached. We don't open attached logs from possibly infected computers. The instructions are quite clear on that.

 
 

jholland1964, you are right. There was a blackout in my neighborhood and it was unrelated to running Malwarebytes. It was just a coincidence. Thanks for all the help.

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.02.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Al :: PC [administrator]

Protection: Disabled

2/3/2012 8:49:03 AM
mbam-log-2012-02-03 (08-49-03).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344529
Time elapsed: 1 hour(s), 8 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
"Nero SoundTrax Help
7-Zip 9.20
Adobe AIR
Adobe Bridge 1.0
Adobe Community Help
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop 7.0
Adobe Photoshop CS5
Adobe Reader 9.4.5
Adobe Setup
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auto Gordian Knot 2.55
avast! Internet Security
Bejeweled 2 Deluxe
Bejeweled 3
Bonjour
CCleaner
Choice Guard
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 3.3.0.96
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Video Chat
DELL0604
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DolbyFiles
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
hp deskjet 3420 series (Remove only)
ImagXpress
Intel(R) Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 30
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.1.1000
Menu Templates - Starter Kit
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Movie Templates - Starter Kit
Mozilla Firefox 9.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
NeroBurningROM
NeroExpress
neroxml
OGA Notifier 2.0.0048.0
PDF Settings CS5
Peggle Nights
PokerStars
PowerDVD
QuickTime
Realtek Ethernet Network Card Diagnostic tool for Windows Vista
Realtek High Definition Audio Driver
Revo Uninstaller 1.92
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
SoundTrax
Spybot - Search & Destroy
SUPERAntiSpyware
System Requirements Lab
Topaz ReMask 3
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VC80CRTRedist - 8.0.50727.4053
Veetle TV 0.9.18
Vista Codec Package
vShare Plugin
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver
WinUtilities 10.35 Free Edition
Wise Registry Cleaner 5.9.4
Xvid 1.2.1 final uninstall
XviD MPEG4 Video Codec (remove only)
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19170 BrowserJavaVersion: 1.6.0_30
Run by Al at 0:23:16 on 2012-02-02
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Al\Downloads\dds.scr
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k wdisvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.espn.com
uWindow Title = Microsoft Internet Explorer
uDefault_Page_URL = hxxp://www.espn.com
uInternet Settings,ProxyServer = socks=127.0.0.1:4021
uInternet Settings,ProxyOverride = local
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - c:\program files\vshare\vshare_toolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [RtHDVCpl] "c:\windows\RtHDVCpl.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: espn.com\www
Trusted Zone: microsoft.com\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{89955C3A-B419-4DCE-8B42-6C2ADEAD42E1} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - c:\program files\vshare\vshare_toolbar.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\al\appdata\roaming\mozilla\firefox\profiles\4wafbhb2.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.espn.com/
FF - prefs.js: keyword.URL - hxxp://videobar.bingstart.com/s/?src=FF-Address&site=Bing&cfg=2-139-0-1RUYj&q=
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\al\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\windows\system32\tvuax\npTVUAx.dll
.
============= SERVICES / DRIVERS ===============
.
R? avast! Firewall;avast! Firewall
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? SwitchBoard;Adobe SwitchBoard
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? AERTFilters;Andrea RT Filters Service
S? aswFsBlk;aswFsBlk
S? aswFW;avast! TDI Firewall driver
S? aswMonFlt;aswMonFlt
S? aswNdis;avast! Firewall NDIS Filter Service
S? aswNdis2;avast! Firewall Core Firewall Service
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? DockLoginService;Dock Login Service
S? FontCache;Windows Font Cache Service
S? IntcHdmiAddService;Intel(R) High Definition Audio HDMI
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? RtNdPt60;Realtek NDIS Protocol Driver
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? SBSDWSCService;SBSD Security Center Service
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2012-02-02 08:17:54 -------- d-----w- c:\users\al\appdata\local\Adobe
2012-02-02 06:31:45 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-01 19:38:33 -------- d-----w- c:\users\al\appdata\roaming\SUPERAntiSpyware.com
2012-02-01 19:38:08 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-02-01 19:38:08 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-02-01 17:37:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-01 17:37:19 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-01 16:01:25 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ab321bfa-ee3d-4a49-84e9-32ecef8aa545}\mpengine.dll
2012-01-27 03:11:38 -------- d-----w- C:\1ae9dbf4a5ca1777bc1f91
2012-01-27 02:32:07 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2012-01-27 02:32:06 97240 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2012-01-27 02:32:06 814040 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2012-01-27 02:32:06 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-27 02:32:06 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-27 02:32:06 486360 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2012-01-27 02:32:06 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-27 02:32:06 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-27 02:32:06 2124760 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2012-01-27 02:32:06 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2012-01-27 02:32:06 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2012-01-27 02:32:06 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2012-01-27 02:28:31 -------- d-----w- C:\62d0336cccbed49f02b32b
2012-01-27 02:27:21 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2012-01-27 02:22:03 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-27 02:22:03 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-27 02:22:03 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-27 02:22:02 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-27 02:22:02 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-27 02:22:02 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-19 05:43:57 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-01-19 05:42:32 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-01-19 05:42:30 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-01-19 05:42:29 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-01-19 05:41:48 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-01-19 05:41:47 41184 ----a-w- c:\windows\avastSS.scr
2012-01-19 05:41:25 -------- d-----w- c:\program files\AVAST Software
2012-01-11 03:36:59 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-11 03:36:59 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-11 03:36:58 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 03:36:56 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-11 03:36:56 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-11 03:36:55 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-11 03:36:54 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 03:36:54 1314816 ----a-w- c:\windows\system32\quartz.dll
.
==================== Find3M ====================
.
2011-12-07 18:08:58 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 13:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 0:23:34.04 ===============

 
 

Don't see much there. Can you get me the log from the Spybot scan that found the trojans?
Do the following to access the logs:
Go into Spybot > Mode > Advanced mode > Tools > View Reports > View Previous reports. Look for the Checks with the correct date, double-click to open it, and then copy/paste it back here.

Also, have you tried resetting the modem and the router?
Turn off all computers, laptops and video game consoles that are using the Internet connection through the modem and router. Unplug the power cords from the modem and the wireless router.

Wait 30 seconds and plug the power cord into the modem. The modem will start up and the indicator lights will begin to flicker. Wait for the lights to remain steady.

Plug the power cord into the wireless router. The indicator lights will flicker as it establishes a connection to the modem. When the lights are steady, the Internet connection is reset.

Turn on the computers, one at a time, that are using the router. Allow each one to boot to the desktop.
