Registered User
Join Date: Jun 2009
Posts: 4
OS: vista
Possible malware? Dds and Gmer log attached...
Hi there! I'm hoping someone can help me with a sort of vague-ish problem. I'm a tech-phobe so appreciate your talents! :( I just am suspicious that something is wrong with my computer. Things are slow, documents getting corrupted, when I close a program down it often just stops responding and I have to go to the task manager to do so... etc.

Here are a few other annoying things that may be pertinent.

1. I found these files in my system32 folder.

7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
perfc009.dat
perfh009.dat
PerfStringBackup

I am suspicious of these because they have no publisher name and say they were "modified" yesterday.

2. When I start up, it tells me my startup items are blocked. When I open to view them, they all say "in progress" or "started." So I don't know what that means.

3. Long ago, I uninstalled Microsoft Works because I got MS Word 2007. Now it's back. I think it downloaded with a Windows update. I can't uninstall it. Every time I try, I get error messages. It asks if I am sure, then says windows installer opens up and says "preparing to remove" and it just stays there for a while. Then this pops up from Microsoft Works: "Error 1316.A network error occured while attempted to read from the file C:\Installer\Works9.msi."

4. Finally, and most annoyingly... I have AVG. I USED to use that as my firewall. Last week, or the week before, I got a Windows security alert. It said one of my virus controls was not on. It was AVG. However, Windows Defender is on. I tried to turn that off and turn on AVG. It won't let me. It says I need permission. I grant it. It acts like it is changing the setting but then... no changes.

I don't know if any of this is related. I just know that before last week, the computer ran fine. I have Windows Vista. The following is installed as protection:

AVG
Spybot
WinPatrol

and I have Cleanup! too that I run from time to time.

ACH! Sorry to be so vague. I tried to include as many details as possible. Any help? :( Here is my dss file and the others are attached. ALL suggestions are appreciated! And don't worry about talking down to me--be as simplistic as you want. And THANK YOU SOOOO MUCH!
DDS (Ver_09-05-14.01) - NTFSx86
Run by Katie at 12:56:22.09 on Tue 06/16/2009
Internet Explorer: 7.0.6001.18000

============== Pseudo HJT Report ===============

uStart Page = hxxp://wesmirch.com/
uSearch Bar = Preserve
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\mpk\MPK.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DpAgent] c:\program files\digitalpersona\bin\dpagent.exe
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [OA001Cfg.exe] OA001Cfg.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: Garmin Internet Explorer Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL,avgrsstx.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli DPPWDFLT

================= FIREFOX ===================

FF - ProfilePath - c:\users\katie\appdata\roaming\mozilla\firefox\profiles\jd9hp13v.default\
FF - component: c:\program files\digitalpersona\bin\firefoxext\components\dpffcli.dll

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2009-06-16 10:47 <DIR> --d----- c:\programdata\SUPERAntiSpyware.com
2009-06-16 10:47 <DIR> --d----- c:\progra~2\SUPERAntiSpyware.com
2009-06-16 10:46 <DIR> --d----- c:\users\katie\appdata\roaming\SUPERAntiSpyware.com
2009-06-16 10:46 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-06-16 10:46 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-06-15 12:43 <DIR> --d----- c:\users\katie\appdata\roaming\WinPatrol
2009-06-15 12:43 <DIR> --d----- c:\program files\BillP Studios
2009-06-15 12:19 689 a------- c:\windows\system32\runrefog.lnk
2009-06-15 12:19 689 a------- c:\windows\system32\runkgb.lnk
2009-06-15 12:19 <DIR> --dsh--- c:\windows\system32\MPK
2009-06-15 12:19 <DIR> --dsh--- c:\programdata\MPK
2009-06-15 12:19 <DIR> --dsh--- c:\progra~2\MPK
2009-06-13 23:32 428,544 a------- c:\windows\system32\EncDec.dll
2009-06-13 23:32 293,376 a------- c:\windows\system32\psisdecd.dll
2009-06-13 23:32 217,088 a------- c:\windows\system32\psisrndr.ax
2009-06-13 23:32 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-06-13 23:32 80,896 a------- c:\windows\system32\MSNP.ax
2009-06-11 20:15 <DIR> --d-h--- c:\program files\Zero G Registry
2009-06-11 20:15 <DIR> --d----- c:\program files\NetLogo 4.0.4
2009-06-11 20:14 <DIR> --d-h--- c:\users\katie\InstallAnywhere
2009-06-11 00:28 <DIR> --d----- c:\windows\system32\Adobe
2009-06-10 21:39 2,033,152 a------- c:\windows\system32\win32k.sys
2009-06-10 21:39 636,928 a------- c:\windows\system32\localspl.dll
2009-06-10 21:39 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-06-03 03:01 <DIR> --d----- c:\program files\MSXML 4.0
2009-06-01 19:45 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-01 19:02 20 ----h--- c:\programdata\PKP_DLdw.DAT
2009-06-01 19:02 20 ----h--- c:\progra~2\PKP_DLdw.DAT
2009-06-01 19:00 <DIR> --d----- c:\program files\common files\muvee Technologies
2009-06-01 19:00 <DIR> --d----- c:\programdata\Nikon
2009-06-01 19:00 <DIR> --d----- c:\program files\common files\Nikon
2009-06-01 19:00 <DIR> --d----- c:\program files\Nikon
2009-06-01 18:57 <DIR> --d----- c:\programdata\Ultima_T15
2009-06-01 18:57 <DIR> --d----- c:\programdata\EnterNHelp
2009-06-01 18:57 20 ----h--- c:\programdata\PKP_DLdu.DAT
2009-06-01 18:57 20 ----h--- c:\progra~2\PKP_DLdu.DAT

==================== Find3M ====================

2009-06-16 10:19 17,408 a------- c:\windows\system32\rpcnetp.exe
2009-06-16 10:19 56,680 a------- c:\windows\system32\rpcnet.dll
2009-06-01 18:57 106,496 a------- c:\windows\system32\ATL71.DLL
2009-05-26 13:20 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 13:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-22 13:59 56,680 a------- c:\windows\system32\rpcnet.exe
2009-05-03 08:02 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-03 08:02 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-03 08:02 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-28 20:19 56 a---h--- c:\programdata\ezsidmv.dat
2009-04-28 20:19 56 a---h--- c:\progra~2\ezsidmv.dat
2009-04-24 12:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 12:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 09:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-03-31 17:56 51,200 a------- c:\windows\inf\infpub.dat
2009-03-31 17:56 143,360 a------- c:\windows\inf\infstrng.dat
2009-03-31 17:56 86,016 a------- c:\windows\inf\infstor.dat
2009-03-25 18:55 33,280 a------- c:\windows\system32\identprv.dll
2009-01-31 09:46 8,318,896 a------- c:\users\katie\appdata\roaming\DataSafeDotNet.exe
2009-01-05 15:53 790 a------- c:\users\katie\appdata\roaming\wklnhst.dat
2008-10-24 10:13 61,224 a------- c:\users\katie\GoToAssistDownloadHelper.exe
2008-10-19 14:19 1,844 a------- c:\users\katie\appdata\roaming\install.dat
2008-09-29 14:10 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-09-29 11:37 76 ---shr-- c:\windows\CT4CET.bin

============= FINISH: 12:56:45.29 ===============

Attach.txt ark.txt