#1 (permalink)

Registered User
Join Date: May 2009
Posts: 4
OS: XP

Win32/Heur - Need help NOW Please!
DDS (Ver_09-05-14.01) - NTFSx86
Run by krizz at 4:12:12,57 on 2009-05-17
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2047.1288 [GMT 2:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program\AVG\AVG8\avgtray.exe
C:\Program\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program\Windows Live\Messenger\MsnMsgr.Exe
C:\Program\DAEMON Tools Lite\daemon.exe
C:\Program\Steam\Steam.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgemc.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\Windows Live\Messenger\usnsvc.exe
C:\Program\Java\jre6\bin\jucheck.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Documents and Settings\krizz\Skrivbord\dds.scr
C:\Program\AVG\AVG8\avgcsrvx.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.se/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program\windows live\messenger\MsnMsgr.Exe" /background
uRun: [WhenUSave] "c:\program\save\Save.exe"
uRun: [DAEMON Tools Lite] "c:\program\daemon tools lite\daemon.exe" -autorun
uRun: [Steam] "c:\program\steam\Steam.exe" -silent
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AVG8_TRAY] c:\program\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program\quicktime\QTTask.exe" -atboottime
mRun: [StartCCC] "c:\program\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\krizz\start-~1\program\autost~1\adobeg~1.lnk - c:\program\delade filer\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\hpoddt~1.lnk - c:\program\hewlett-packard\digital imaging\bin\hpotdd01.exe
IE: E&xport to Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program\pokerstars\PokerStarsUpdate.exe
IE: {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - c:\microgaming\poker\ladbrokesmpp\MPPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1222439513296
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program\delade~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\krizz\applic~1\mozilla\firefox\profiles\culm8e8w.default\
FF - plugin: c:\documents and settings\krizz\application data\mozilla\firefox\profiles\culm8e8w.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\program\veetle\player\npvlc.dll
FF - plugin: c:\program\veetle\plugins\npVeetle.dll

---- FIREFOX POLICIES ----
c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");
c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-9-26 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-9-26 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-9-26 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\program\avg\avg8\avgemc.exe [2008-9-26 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\program\avg\avg8\avgwdsvc.exe [2008-9-26 298776]

=============== Created Last 30 ================

2009-05-17 04:00 <DIR> --d----- c:\program\EsetOnlineScanner
2009-05-14 17:57 <DIR> --d----- c:\docume~1\krizz\applic~1\Sports Interactive
2009-05-14 17:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Sports Interactive
2009-05-14 17:46 <DIR> --d-h--- c:\program\Zero G Registry
2009-05-14 17:46 <DIR> --d----- c:\program\Sports Interactive
2009-05-14 17:45 <DIR> --d-h--- c:\documents and settings\krizz\InstallAnywhere
2009-05-09 16:20 <DIR> --d----- c:\program\ATI
2009-05-09 16:18 85,248 ac------ c:\windows\system32\dllcache\nabtsfec.sys
2009-05-09 16:17 <DIR> --d----- c:\program\ATI Technologies
2009-04-18 17:51 <DIR> --d----- c:\program\Veetle

==================== Find3M ====================

2009-05-08 11:05 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-08 11:05 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-08 11:05 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-03-29 13:44 430,036 a------- c:\windows\system32\perfh01D.dat
2009-03-29 13:44 77,388 a------- c:\windows\system32\perfc01D.dat
2009-03-02 00:39 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-25 23:42 442,368 a------- c:\windows\system32\ATIDEMGX.dll
2009-02-25 23:41 325,120 a------- c:\windows\system32\ati2dvag.dll
2009-02-25 23:30 11,841,536 a------- c:\windows\system32\atioglxx.dll
2009-02-25 23:30 204,800 a------- c:\windows\system32\atipdlxx.dll
2009-02-25 23:29 155,648 a------- c:\windows\system32\Oemdspif.dll
2009-02-25 23:29 26,112 a------- c:\windows\system32\Ati2mdxx.exe
2009-02-25 23:29 43,520 a------- c:\windows\system32\ati2edxx.dll
2009-02-25 23:29 155,648 a------- c:\windows\system32\ati2evxx.dll
2009-02-25 23:27 602,112 a------- c:\windows\system32\ati2evxx.exe
2009-02-25 23:26 53,248 a------- c:\windows\system32\ATIDDC.DLL
2009-02-25 23:16 3,817,984 a------- c:\windows\system32\ati3duag.dll
2009-02-25 23:09 307,200 a------- c:\windows\system32\atiiiexx.dll
2009-02-25 22:59 2,670,080 a------- c:\windows\system32\ativvaxx.dll
2009-02-25 22:44 49,664 a------- c:\windows\system32\amdpcom32.dll
2009-02-25 22:40 475,136 a------- c:\windows\system32\atikvmag.dll
2009-02-25 22:38 126,976 a------- c:\windows\system32\atiadlxx.dll
2009-02-25 22:38 17,408 a------- c:\windows\system32\atitvo32.dll
2009-02-25 22:35 290,816 a------- c:\windows\system32\atiok3x2.dll
2009-02-25 22:32 45,056 a------- c:\windows\system32\aticalrt.dll
2009-02-25 22:32 45,056 a------- c:\windows\system32\aticalcl.dll
2009-02-25 22:32 626,688 a------- c:\windows\system32\ati2cqag.dll
2009-02-25 22:30 3,227,648 a------- c:\windows\system32\aticaldd.dll

============= FINISH: 4:12:54,25 ===============

#2 (permalink)

Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,639
OS: XP SP3

Re: Win32/Heur - Need help NOW Please!
Hello and Welcome to TSF.
We need to see all 3 logs in order to help you.

Please note that this is not a real-time help service. If you need your computer fixed immediately, please take it to a local repair shop.

------------------------------------------------------

Please follow our pre-posting process outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

After running through all the steps, you shall have a proper set of logs. Please post them in a new thread, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

------------------------------------------------------