Registered User
Join Date: Jun 2009
Posts: 4
OS: Vista
Wondering If I'm Okay?
Hello, I just installed a new antivirus and wanted to make sure the old didn't leave anything behind. The logs asked for are attached. Thank you. I run Avast! Home 4.8, and I know I only have IE 7, but I don't use it, only Firefox.