Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Gmail continues to be hacked.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Gmail continues to be hacked.

Unread postby snailed » June 19th, 2011, 6:57 pm

My Gmail continues to be hacked, with emails sent out to all of my contacts - despite changing the password on Gmail AND looking to see if it was connected (via forwarding) to any other email addresses. I changed my recovery email on Gmail as well. I'm wondering if there is Malware on my computer that AVG, Spybot, and Malwarebytes is not catching (i ran scans on all 3). ANY help would be greatly appreciated! Thanks!

DDS log:

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Run by User at 15:48:29 on 2011-06-19
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1271.456 [GMT -7:00]
.
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxeccoms.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\NetZero\qsacc\x1exec.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uSearch Page =
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uWindow Title = Windows Internet Explorer provided by Yahoo!
uSearchAssistant =
mSearchAssistant =
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Pop-up Blocker: {52706ef7-d7a2-49ad-a615-e903858cf284} - c:\program files\netzero\qsacc\X1IEBHO.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
BHO: NetZero Toolbar Helper: {fe3098b0-04a3-41fd-8ca9-bea39cb14c87} - c:\program files\netzero\ucreg.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: ZeroBar: {f0f8ecbe-d460-4b34-b007-56a92e8f84a7} - c:\program files\netzero\Toolbar.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [NetZero_uoltray] c:\program files\netzero\exec.exe regrun
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [ICQ] "c:\program files\icq7.2\ICQ.exe" silent loginmode=4
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [SpybotDeletingD7025] cmd.exe /c del "c:\windows\wt\webdriver.dll"
uRunOnce: [SpybotDeletingB4191] command.com /c del "c:\windows\wt\data.wts"
uRunOnce: [SpybotDeletingD1227] cmd.exe /c del "c:\windows\wt\data.wts"
uRunOnce: [SpybotDeletingB1547] command.com /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
uRunOnce: [SpybotDeletingD3217] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
uRunOnce: [SpybotDeletingB8128] command.com /c del "c:\windows\wt\webdriver\4.1.1\dx5drv.dll"
uRunOnce: [SpybotDeletingD6469] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\dx5drv.dll"
uRunOnce: [SpybotDeletingB2788] command.com /c del "c:\windows\wt\webdriver\4.1.1\dx7drv.dll"
uRunOnce: [SpybotDeletingD9520] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\dx7drv.dll"
uRunOnce: [SpybotDeletingB5138] command.com /c del "c:\windows\wt\webdriver\4.1.1\objectbundle.dll"
uRunOnce: [SpybotDeletingD8654] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\objectbundle.dll"
uRunOnce: [SpybotDeletingB3091] command.com /c del "c:\windows\wt\webdriver\4.1.1\sound.dll"
uRunOnce: [SpybotDeletingD2389] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\sound.dll"
uRunOnce: [SpybotDeletingB9086] command.com /c del "c:\windows\wt\webdriver\4.1.1\wdcaps.ded"
uRunOnce: [SpybotDeletingD9947] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wdcaps.ded"
uRunOnce: [SpybotDeletingB2464] command.com /c del "c:\windows\wt\webdriver\4.1.1\wdengine.dll"
uRunOnce: [SpybotDeletingD363] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wdengine.dll"
uRunOnce: [SpybotDeletingB1757] command.com /c del "c:\windows\wt\webdriver\4.1.1\webdriver.dll"
uRunOnce: [SpybotDeletingD6040] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\webdriver.dll"
uRunOnce: [SpybotDeletingB4985] command.com /c del "c:\windows\wt\webdriver\4.1.1\wthost.exe"
uRunOnce: [SpybotDeletingD7071] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wthost.exe"
uRunOnce: [SpybotDeletingB9772] command.com /c del "c:\windows\wt\webdriver\4.1.1\wthostctl.dll"
uRunOnce: [SpybotDeletingD1602] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wthostctl.dll"
uRunOnce: [SpybotDeletingB1158] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.dll"
uRunOnce: [SpybotDeletingD8617] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.dll"
uRunOnce: [SpybotDeletingB698] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.jar"
uRunOnce: [SpybotDeletingD6679] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.jar"
uRunOnce: [SpybotDeletingB2426] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
uRunOnce: [SpybotDeletingD4869] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
uRunOnce: [SpybotDeletingB4454] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ini"
uRunOnce: [SpybotDeletingD5409] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ini"
uRunOnce: [SpybotDeletingB8615] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302.dll"
uRunOnce: [SpybotDeletingD7404] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302.dll"
uRunOnce: [SpybotDeletingB1497] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302Java.jar"
uRunOnce: [SpybotDeletingD2709] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302Java.jar"
uRunOnce: [SpybotDeletingB6527] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\jDRM0302.dll"
uRunOnce: [SpybotDeletingD5147] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\jDRM0302.dll"
uRunOnce: [SpybotDeletingB5598] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\rDRM0302.dll"
uRunOnce: [SpybotDeletingD7092] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\rDRM0302.dll"
uRunOnce: [SpybotDeletingB2566] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\controlpanel\index.html"
uRunOnce: [SpybotDeletingD5026] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\controlpanel\index.html"
uRunOnce: [SpybotDeletingB7143] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302.cdanfo"
uRunOnce: [SpybotDeletingD1637] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302.cdanfo"
uRunOnce: [SpybotDeletingB2677] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
uRunOnce: [SpybotDeletingD2959] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
uRunOnce: [SpybotDeletingB383] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
uRunOnce: [SpybotDeletingD2498] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
uRunOnce: [SpybotDeletingB9479] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
uRunOnce: [SpybotDeletingD9722] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [lxecmon.exe] "c:\program files\lexmark pro800-pro900 series\lxecmon.exe"
mRun: [EzPrint] "c:\program files\lexmark pro800-pro900 series\ezprint.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRunOnce: [SpybotDeletingA7424] command.com /c del "c:\windows\wt\webdriver.dll"
mRunOnce: [SpybotDeletingC1996] cmd.exe /c del "c:\windows\wt\webdriver.dll"
mRunOnce: [SpybotDeletingA7328] command.com /c del "c:\windows\wt\data.wts"
mRunOnce: [SpybotDeletingC370] cmd.exe /c del "c:\windows\wt\data.wts"
mRunOnce: [SpybotDeletingA1710] command.com /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
mRunOnce: [SpybotDeletingC9109] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\actorobject.dll"
mRunOnce: [SpybotDeletingA8933] command.com /c del "c:\windows\wt\webdriver\4.1.1\dx5drv.dll"
mRunOnce: [SpybotDeletingC6705] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\dx5drv.dll"
mRunOnce: [SpybotDeletingA4637] command.com /c del "c:\windows\wt\webdriver\4.1.1\dx7drv.dll"
mRunOnce: [SpybotDeletingC4335] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\dx7drv.dll"
mRunOnce: [SpybotDeletingA7979] command.com /c del "c:\windows\wt\webdriver\4.1.1\objectbundle.dll"
mRunOnce: [SpybotDeletingC9517] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\objectbundle.dll"
mRunOnce: [SpybotDeletingA536] command.com /c del "c:\windows\wt\webdriver\4.1.1\sound.dll"
mRunOnce: [SpybotDeletingC4020] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wdcaps.ded"
mRunOnce: [SpybotDeletingA9352] command.com /c del "c:\windows\wt\webdriver\4.1.1\wdengine.dll"
mRunOnce: [SpybotDeletingC3151] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wdengine.dll"
mRunOnce: [SpybotDeletingA878] command.com /c del "c:\windows\wt\webdriver\4.1.1\webdriver.dll"
mRunOnce: [SpybotDeletingC6105] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\webdriver.dll"
mRunOnce: [SpybotDeletingA9670] command.com /c del "c:\windows\wt\webdriver\4.1.1\wthost.exe"
mRunOnce: [SpybotDeletingC717] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wthost.exe"
mRunOnce: [SpybotDeletingA1972] command.com /c del "c:\windows\wt\webdriver\4.1.1\wthostctl.dll"
mRunOnce: [SpybotDeletingC5437] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wthostctl.dll"
mRunOnce: [SpybotDeletingA7651] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.dll"
mRunOnce: [SpybotDeletingC8343] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.dll"
mRunOnce: [SpybotDeletingA6273] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.jar"
mRunOnce: [SpybotDeletingC7900] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtmulti.jar"
mRunOnce: [SpybotDeletingA3732] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
mRunOnce: [SpybotDeletingC4924] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
mRunOnce: [SpybotDeletingA835] command.com /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ini"
mRunOnce: [SpybotDeletingC745] cmd.exe /c del "c:\windows\wt\webdriver\4.1.1\wtwmplug.ini"
mRunOnce: [SpybotDeletingA91] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302.dll"
mRunOnce: [SpybotDeletingC9879] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302.dll"
mRunOnce: [SpybotDeletingA6277] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302Java.jar"
mRunOnce: [SpybotDeletingC9759] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\DRM0302Java.jar"
mRunOnce: [SpybotDeletingA2878] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\jDRM0302.dll"
mRunOnce: [SpybotDeletingC8233] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\jDRM0302.dll"
mRunOnce: [SpybotDeletingA5416] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\rDRM0302.dll"
mRunOnce: [SpybotDeletingC9572] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\rDRM0302.dll"
mRunOnce: [SpybotDeletingA1282] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\controlpanel\index.html"
mRunOnce: [SpybotDeletingC2220] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\files\controlpanel\index.html"
mRunOnce: [SpybotDeletingA9360] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302.cdanfo"
mRunOnce: [SpybotDeletingC5559] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302.cdanfo"
mRunOnce: [SpybotDeletingA1307] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
mRunOnce: [SpybotDeletingC8763] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll"
mRunOnce: [SpybotDeletingA4702] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
mRunOnce: [SpybotDeletingC5301] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll"
mRunOnce: [SpybotDeletingA6038] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
mRunOnce: [SpybotDeletingC4632] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll"
mRunOnce: [SpybotDeletingA9845] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll"
mRunOnce: [SpybotDeletingC7078] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll"
mRunOnce: [SpybotDeletingA2552] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll"
mRunOnce: [SpybotDeletingC6168] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll"
mRunOnce: [SpybotDeletingA3455] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt"
mRunOnce: [SpybotDeletingC8508] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt"
mRunOnce: [SpybotDeletingA2176] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll"
mRunOnce: [SpybotDeletingC139] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll"
mRunOnce: [SpybotDeletingA5471] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll"
mRunOnce: [SpybotDeletingC4308] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll"
mRunOnce: [SpybotDeletingA388] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll"
mRunOnce: [SpybotDeletingC8227] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll"
mRunOnce: [SpybotDeletingA8272] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded"
mRunOnce: [SpybotDeletingC7833] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded"
mRunOnce: [SpybotDeletingA5373] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll"
mRunOnce: [SpybotDeletingC1682] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll"
mRunOnce: [SpybotDeletingA702] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo"
mRunOnce: [SpybotDeletingC7680] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo"
mRunOnce: [SpybotDeletingA2559] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas"
mRunOnce: [SpybotDeletingC7479] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas"
mRunOnce: [SpybotDeletingA9921] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas"
mRunOnce: [SpybotDeletingC5186] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas"
mRunOnce: [SpybotDeletingA1939] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll"
mRunOnce: [SpybotDeletingC4795] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll"
mRunOnce: [SpybotDeletingA4425] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll"
mRunOnce: [SpybotDeletingC4585] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll"
mRunOnce: [SpybotDeletingA6336] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll"
mRunOnce: [SpybotDeletingC4301] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll"
mRunOnce: [SpybotDeletingA431] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar"
mRunOnce: [SpybotDeletingC9393] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar"
mRunOnce: [SpybotDeletingA8805] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll"
mRunOnce: [SpybotDeletingC7097] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll"
mRunOnce: [SpybotDeletingA1555] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax"
mRunOnce: [SpybotDeletingC8828] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax"
mRunOnce: [SpybotDeletingA4015] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini"
mRunOnce: [SpybotDeletingC8396] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini"
mRunOnce: [SpybotDeletingA7123] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html"
mRunOnce: [SpybotDeletingC6058] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html"
mRunOnce: [SpybotDeletingA2798] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts"
mRunOnce: [SpybotDeletingC5084] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts"
mRunOnce: [SpybotDeletingA9939] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll"
mRunOnce: [SpybotDeletingC6131] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll"
mRunOnce: [SpybotDeletingA5155] command.com /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts"
mRunOnce: [SpybotDeletingC580] cmd.exe /c del "c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts"
mRunOnce: [SpybotDeletingA3929] command.com /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302_Uninstall.cdas"
mRunOnce: [SpybotDeletingC2833] cmd.exe /c del "c:\windows\wt\wtupdates\drm\3.2.0.19\install\DRM0302_Uninstall.cdas"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: Display All Images with Full Quality - "c:\program files\netzero\qsacc\appres.dll/228"
IE: Display Image with Full Quality - "c:\program files\netzero\qsacc\appres.dll/227"
IE: {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\icq7.2\ICQ.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: Interfaces\{3542C906-0917-4217-B24D-878B5E623772} : NameServer = 192.168.1.2
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\x4l1rn6m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c25a9b6 ... g=en-US&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\user\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-12-11 239168]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-12-11 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-12-11 656320]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-6-26 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-6-26 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-6-26 243152]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-11-1 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-11-1 308136]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2011-1-18 247096]
R2 lxec_device;lxec_device;c:\windows\system32\lxeccoms.exe -service --> c:\windows\system32\lxeccoms.exe -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxecserv.exe [2011-4-16 193192]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-11-1 947528]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-7-7 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools security\pctsAuxs.exe [2010-12-11 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\pc tools security\pctsSvc.exe [2010-12-11 1150936]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-17 19:05:03 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-06-17 19:05:01 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
2011-06-17 19:04:54 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-06-17 19:04:54 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-06-17 19:04:54 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
2011-06-17 19:04:49 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-06-17 19:04:44 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-06-17 19:04:40 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-06-16 21:51:59 -------- d-----w- c:\documents and settings\user\application data\Malwarebytes
2011-06-16 21:51:43 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-16 21:51:42 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-16 21:51:38 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-16 21:51:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-16 06:39:08 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-06-07 19:35:34 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2011-06-07 19:35:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-05-05 16:07:53 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-03-22 21:32:17 4259 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
============= FINISH: 15:50:04.67 ===============
snailed
Active Member
 
Posts: 11
Joined: June 3rd, 2011, 7:18 pm
Advertisement
Register to Remove

Re: Gmail continues to be hacked.

Unread postby snailed » June 19th, 2011, 6:58 pm

attach.log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 6/17/2010 1:34:54 PM
System Uptime: 6/19/2011 12:56:27 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 0RJ272
Processor: Intel(R) Celeron(R) M processor 1.50GHz | Microprocessor | 1496/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 34 GiB total, 18.422 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP87: 3/19/2011 7:22:10 PM - System Checkpoint
RP88: 3/21/2011 8:26:07 PM - System Checkpoint
RP89: 3/23/2011 3:15:51 AM - System Checkpoint
RP90: 3/24/2011 12:19:49 PM - System Checkpoint
RP91: 3/24/2011 11:32:03 PM - Software Distribution Service 3.0
RP92: 3/27/2011 6:41:01 AM - System Checkpoint
RP93: 3/30/2011 4:11:22 PM - System Checkpoint
RP94: 3/31/2011 10:54:25 PM - System Checkpoint
RP95: 4/2/2011 12:46:06 PM - System Checkpoint
RP96: 4/4/2011 12:20:28 AM - System Checkpoint
RP97: 4/5/2011 10:02:18 PM - System Checkpoint
RP98: 4/7/2011 3:38:55 PM - System Checkpoint
RP99: 4/9/2011 12:03:41 PM - System Checkpoint
RP100: 4/10/2011 1:15:24 PM - System Checkpoint
RP101: 4/10/2011 11:14:44 PM - Installed Windows Internet Explorer 8.
RP102: 4/10/2011 11:17:17 PM - Software Distribution Service 3.0
RP103: 4/11/2011 10:01:02 AM - Software Distribution Service 3.0
RP104: 4/11/2011 12:12:39 PM - Software Distribution Service 3.0
RP105: 4/13/2011 11:02:21 AM - System Checkpoint
RP106: 4/14/2011 6:16:31 PM - System Checkpoint
RP107: 4/15/2011 12:03:09 AM - Software Distribution Service 3.0
RP108: 4/16/2011 6:19:13 AM - System Checkpoint
RP109: 4/17/2011 2:00:27 PM - System Checkpoint
RP110: 4/19/2011 10:38:09 AM - System Checkpoint
RP111: 4/20/2011 11:52:32 AM - System Checkpoint
RP112: 4/21/2011 5:40:55 PM - System Checkpoint
RP113: 4/22/2011 9:27:35 PM - System Checkpoint
RP114: 4/23/2011 10:31:20 PM - System Checkpoint
RP115: 4/28/2011 8:55:33 AM - Software Distribution Service 3.0
RP116: 4/29/2011 10:47:03 AM - System Checkpoint
RP117: 4/30/2011 11:25:22 AM - System Checkpoint
RP118: 5/2/2011 4:08:53 PM - System Checkpoint
RP119: 5/3/2011 5:47:40 PM - System Checkpoint
RP120: 5/5/2011 9:08:08 AM - Avg Update
RP121: 5/6/2011 11:22:26 AM - System Checkpoint
RP122: 5/7/2011 6:48:51 PM - System Checkpoint
RP123: 5/9/2011 11:08:01 AM - Avg Update
RP124: 5/10/2011 11:40:57 AM - System Checkpoint
RP125: 5/11/2011 9:37:55 AM - Avg Update
RP126: 5/12/2011 12:45:16 AM - Software Distribution Service 3.0
RP127: 5/13/2011 6:17:34 PM - System Checkpoint
RP128: 5/15/2011 10:24:55 AM - System Checkpoint
RP129: 5/17/2011 6:34:36 PM - System Checkpoint
RP130: 5/19/2011 2:12:31 PM - System Checkpoint
RP131: 5/20/2011 7:40:27 PM - System Checkpoint
RP132: 5/21/2011 8:51:26 AM - Avg Update
RP133: 5/26/2011 11:36:03 AM - System Checkpoint
RP134: 5/28/2011 11:17:23 AM - System Checkpoint
RP135: 5/30/2011 6:25:29 PM - System Checkpoint
RP136: 6/1/2011 5:53:29 AM - System Checkpoint
RP137: 6/3/2011 7:49:27 PM - System Checkpoint
RP138: 6/6/2011 12:17:34 PM - System Checkpoint
RP139: 6/16/2011 12:04:00 AM - Software Distribution Service 3.0
RP140: 6/16/2011 4:08:37 PM - Removed Get High Speed Internet!
RP141: 6/16/2011 4:10:28 PM - Removed EarthLink setup files
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.5
AIM 7
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOLIcon
Apple Application Support
Apple Software Update
AVG Free 9.0
Broadcom Management Programs
Conexant HDA D110 MDC V.92 Modem
Corel Photo Album 6
Coupon Printer for Windows
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Support 3.1
Dell System Restore
Dell Wireless WLAN Card
Digital Content Portal
Digital Line Detect
Documentation & Support Launcher
Download Updater (AOL LLC)
EducateU
ELIcon
Games, Music, & Photos Launcher
Google Desktop
High Definition Audio Driver Package - KB835221
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
ICQ Toolbar
ICQ7.2
Intel(R) Graphics Media Accelerator Driver for Mobile
Internet Service Offers Launcher
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 23
Learn2 Player (Uninstall Only)
Lexmark Pro800-Pro900 Series
Malwarebytes' Anti-Malware version 1.51.0.1200
McAfee Security Scan Plus
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Modem Helper
Mozilla Firefox 4.0.1 (x86 en-US)
MSC
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NetWaiting
NetZero Internet
NetZeroInstallers
Pidgin
PowerDVD 5.5
QuickSet
QuickTime
RealPlayer Basic
Search Assist
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
ShopAtHome.com Toolbar
Sonic DLA
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy
Spyware Doctor with AntiVirus 8.0
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URL Assistant
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WordPerfect Office 12
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
6/16/2011 4:08:56 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
6/16/2011 10:37:39 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the lxecCATSCustConnectService service to connect.
6/16/2011 10:37:39 AM, error: Service Control Manager [7000] - The lxecCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
6/14/2011 3:25:12 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
.
==== End Of File ===========================
snailed
Active Member
 
Posts: 11
Joined: June 3rd, 2011, 7:18 pm

Re: Gmail continues to be hacked.

Unread postby NonSuch » June 19th, 2011, 8:26 pm

Please familiarize yourself with the forum rules: >Forum Posting Rules - Please Read<

We're sorry, but it is necessary to close your topic because you have replied to it prior to receiving a response from a helper.

Due to adding on to your topic with your second post it is highly unlikely that you would have received a response. Our helpers are looking for topics with zero responses. When you post replies to your own topic, it no longer has zero responses, and so it appears that you have received help when in fact, you have not.

If you still require help, please open a new thread in the Malware Removal forum and wait for assistance. Please do not run additional programs and/or post additional logs. Just your DDS log to start with is adequate. Your helper will ask for additional logs as needed. DO NOT reply to your own topic until you have received a response from a helper. Be patient. There are others who have been waiting longer than you, so do not expect an immediate reply.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27305
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 72 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware