Inactive My computer was infected, but is it still?

Status
Not open for further replies.
C

CrazyHorse

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5591

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

24/01/2011 23:43:25
mbam-log-2011-01-24 (23-43-25).txt

Scan type: Quick scan
Objects scanned: 150295
Time elapsed: 1 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by CrazyHorse at 0:34:53.47 on 25/01/2011
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.353.1033.18.4094.2539 [GMT 0:00]

AV: AVG Internet Security 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG10\avgfws.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files (x86)\AVG\AVG10\avgam.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\PROGRA~1\HEWLET~1\HPREMO~1\HPREMO~1.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Users\CrazyHorse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CrazyHorse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\CrazyHorse\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\CrazyHorse\Desktop\dds.scr
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=Pavilion&pf=cndt
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=93&bd=Pavilion&pf=cndt
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mWinlogon: Userinit=C:\WINDOWS\system32\userinit.exe
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
uRun: [Google Update] "C:\Users\CrazyHorse\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdateLBPShortCut] "c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [HP Remote Software] C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe
mRun-x64: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2010-7-12 57696]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-12-8 308304]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-12 382032]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/11 16:30:21];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-6-11 146928]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2010-11-22 3226632]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2008-1-21 27648]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2011-1-18 804864]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-1-18 517448]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-1-18 93184]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-2-2 23536]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

=============== Created Last 30 ================

2011-01-24 23:40:46 -------- d-----w- C:\Users\CRAZYH~1\AppData\Roaming\Malwarebytes
2011-01-24 23:40:42 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-24 23:40:42 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-01-24 23:40:39 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-01-24 23:40:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-01-21 09:48:30 -------- d-----w- C:\Windows\SysWow64\wbem\Logs
2011-01-21 06:58:20 -------- d-sh--w- C:\$RECYCLE.BIN
2011-01-20 22:13:58 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-19 13:49:56 -------- d-----w- C:\Users\CRAZYH~1\AppData\Roaming\WinBatch
2011-01-19 08:24:51 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2011-01-18 18:18:24 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-01-18 18:18:24 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-01-18 18:18:24 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-01-18 18:18:24 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-01-18 18:18:24 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-01-18 18:18:24 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-01-18 18:18:24 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-01-18 18:18:24 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-01-18 18:18:24 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-01-18 18:18:24 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-01-18 17:34:49 442368 ----a-w- C:\Windows\System32\winhttp.dll
2011-01-18 17:34:48 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2011-01-18 17:34:43 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2011-01-18 17:32:57 461824 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-01-18 17:32:57 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2011-01-18 17:32:57 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-01-18 17:32:56 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-01-18 17:32:54 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-01-18 17:32:54 12288 ----a-w- C:\Windows\System32\sscore.dll
2011-01-18 17:32:53 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2011-01-18 17:32:53 17920 ----a-w- C:\Windows\System32\netevent.dll
2011-01-18 17:31:47 975360 ----a-w- C:\Windows\System32\inetcomm.dll
2011-01-18 17:31:47 738816 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-01-18 14:21:06 -------- d-----w- C:\Users\CRAZYH~1\AppData\Roaming\AVG
2011-01-18 14:11:53 -------- d-----w- C:\Users\CRAZYH~1\AppData\Roaming\AVG10
2011-01-18 14:11:27 -------- d--h--w- C:\PROGRA~3\Common Files
2011-01-18 14:11:04 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2011-01-18 14:10:35 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-01-18 14:09:39 -------- d-----w- C:\Windows\System32\drivers\AVG
2011-01-18 14:09:39 -------- d-----w- C:\PROGRA~3\AVG10
2011-01-18 14:08:32 -------- d-----w- C:\Program Files (x86)\AVG
2011-01-18 13:50:33 316416 ----a-w- C:\Windows\System32\msshsq.dll
2011-01-18 13:50:33 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2011-01-18 13:27:49 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-01-18 13:19:33 49160 ----a-w- C:\Windows\System32\infocardcpl.cpl
2011-01-18 13:19:33 37384 ----a-w- C:\Windows\SysWow64\infocardcpl.cpl
2011-01-18 13:19:31 11264 ----a-w- C:\Windows\SysWow64\icardres.dll
2011-01-18 13:19:31 11264 ----a-w- C:\Windows\System32\icardres.dll
2011-01-18 13:19:30 97800 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2011-01-18 13:19:30 781344 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2011-01-18 13:19:30 622080 ----a-w- C:\Windows\SysWow64\icardagt.exe
2011-01-18 13:19:30 167432 ----a-w- C:\Windows\System32\infocardapi.dll
2011-01-18 13:19:30 1383936 ----a-w- C:\Windows\System32\icardagt.exe
2011-01-18 13:19:30 1168928 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2011-01-18 13:19:26 126520 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2011-01-18 13:19:26 105016 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2011-01-18 13:11:26 158720 ----a-w- C:\Windows\SysWow64\mscorier.dll
2011-01-18 13:11:26 158208 ----a-w- C:\Windows\System32\mscorier.dll
2011-01-18 13:11:24 83968 ----a-w- C:\Windows\SysWow64\mscories.dll
2011-01-18 13:11:24 76288 ----a-w- C:\Windows\System32\mscories.dll
2011-01-18 13:08:44 32768 ----a-w- C:\Windows\System32\nshhttp.dll
2011-01-18 13:08:44 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
2011-01-18 13:08:43 610304 ----a-w- C:\Windows\System32\drivers\http.sys
2011-01-18 13:08:43 33792 ----a-w- C:\Windows\System32\httpapi.dll
2011-01-18 13:08:43 31232 ----a-w- C:\Windows\SysWow64\httpapi.dll
2011-01-18 13:06:20 80896 ----a-w- C:\Windows\SysWow64\MSNP.ax
2011-01-18 13:06:20 227328 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-01-18 13:06:20 177664 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-01-18 13:06:20 101376 ----a-w- C:\Windows\System32\MSNP.ax
2011-01-18 13:06:18 375808 ----a-w- C:\Windows\System32\psisdecd.dll
2011-01-18 13:06:18 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-01-18 13:06:17 558592 ----a-w- C:\Windows\System32\EncDec.dll
2011-01-18 13:06:17 428544 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-01-18 13:06:17 289792 ----a-w- C:\Windows\System32\psisrndr.ax
2011-01-18 13:06:17 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-01-18 12:22:34 372736 ----a-w- C:\Windows\System32\unregmp2.exe
2011-01-18 12:22:34 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe
2011-01-18 12:22:34 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe
2011-01-18 12:22:34 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
2011-01-18 12:22:24 324608 ----a-w- C:\Windows\System32\PortableDeviceApi.dll
2011-01-18 12:22:24 241152 ----a-w- C:\Windows\SysWow64\PortableDeviceApi.dll
2011-01-18 12:22:22 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2011-01-18 12:22:19 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2011-01-18 12:22:19 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2011-01-18 12:22:19 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2011-01-18 12:22:18 880640 ----a-w- C:\Windows\System32\timedate.cpl
2011-01-18 12:22:18 714240 ----a-w- C:\Windows\SysWow64\timedate.cpl
2011-01-18 12:21:54 176640 ----a-w- C:\Windows\System32\Faultrep.dll
2011-01-18 12:21:53 147456 ----a-w- C:\Windows\SysWow64\Faultrep.dll
2011-01-18 12:21:53 120832 ----a-w- C:\Windows\System32\wersvc.dll
2011-01-18 12:15:59 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2011-01-18 12:15:59 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2011-01-18 12:15:58 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2011-01-18 12:15:57 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-01-18 12:15:54 96256 ----a-w- C:\Windows\System32\fontsub.dll
2011-01-18 12:15:54 72704 ----a-w- C:\Windows\SysWow64\fontsub.dll
2011-01-18 12:15:54 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-18 12:15:54 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-18 12:15:54 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-18 12:15:54 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-18 12:15:54 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2011-01-18 12:13:48 87552 ----a-w- C:\Windows\System32\consent.exe
2011-01-18 12:11:40 9728 ----a-w- C:\Windows\SysWow64\TCPSVCS.EXE
2011-01-18 12:10:52 368128 ----a-w- C:\Windows\System32\wmpdxm.dll
2011-01-18 12:01:39 3765288 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-01-18 12:01:37 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{146A8F2D-C571-4B76-BD10-8127504CD2F3}\mpengine.dll
2011-01-18 12:01:36 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-01-18 11:50:13 104960 ----a-w- C:\Windows\System32\cabview.dll
2011-01-18 11:50:12 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-01-18 11:50:01 218112 ----a-w- C:\Windows\System32\wintrust.dll
2011-01-18 11:50:01 171520 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-01-18 11:49:11 -------- d-----w- C:\PROGRA~3\MFAData
2011-01-18 11:44:34 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\Google
2011-01-18 11:44:24 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\Deployment
2011-01-18 11:44:24 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\Apps
2011-01-18 11:37:38 804864 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
2011-01-18 11:37:38 305664 ----a-w- C:\Windows\System32\RaCoInstx.dll
2011-01-18 11:37:38 -------- d-----w- C:\Program Files (x86)\Belkin
2011-01-18 11:26:39 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\ATI
2011-01-18 11:25:42 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\Hewlett-Packard
2011-01-18 11:25:19 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\VirtualStore
2011-01-18 11:25:14 -------- d-----w- C:\Users\CRAZYH~1\AppData\Local\Hewlett-Packard_Company
2011-01-18 11:22:23 -------- d-----w- C:\Users\CRAZYH~1\AppData\Roaming\HP TCS
2011-01-18 11:16:52 -------- d-sh--we C:\Documents and Settings

==================== Find3M ====================

2011-01-18 12:53:54 588472 ----a-w- C:\Windows\SysWow64\ezsvc7x.dll
2010-12-28 15:26:13 462848 ----a-w- C:\Windows\System32\odbc32.dll
2010-12-28 14:57:35 409600 ----a-w- C:\Windows\SysWow64\odbc32.dll
2010-12-14 16:20:18 1251840 ----a-w- C:\Windows\System32\sdclt.exe
2010-12-08 04:12:36 308304 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-11-12 13:19:38 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-11-06 11:10:13 357376 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-06 11:10:13 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-06 04:35:53 499712 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-06 04:35:30 655872 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-06 04:35:30 410112 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-06 04:35:16 854528 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-05 00:53:47 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-04 21:16:05 267776 ----a-w- C:\Windows\System32\taskeng.exe
2010-10-28 13:17:36 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-28 12:56:58 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

============= FINISH: 0:35:16.01 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 18/01/2011 10:11:15
System Uptime: 25/01/2011 00:12:52 (0 hours ago)

Motherboard: PEGATRON CORPORATION | | NARRA5
Processor: AMD Phenom(tm) 9650 Quad-Core Processor | Socket AM2 | 2300/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 451 GiB total, 387.319 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 2.133 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
AVG PC Tuneup 2011
Belkin Wireless USB Adapter Setup
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack for the 2007 Office system
CyberLink DVD Suite Deluxe
DirectX for Managed Code Update (Summer 2004)
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Advisor
HP Customer Experience Enhancements
HP Games
HP MediaSmart Demo
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP Odometer
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Support Information
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
Java Auto Updater
Java(TM) 6 Update 23
LabelPrint
LightScribe System Software
Magic Desktop
Malwarebytes' Anti-Malware
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Power2Go
PowerDirector
Python 2.6 pywin32-212
Python 2.6.1
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Skins
sp44626
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Visual Studio 2008 x64 Redistributables

==== End Of File ===========================


I had to recover to factory settings, so not sure if it is as of yet clean.

And although I do not mean to sound unmannerly, time is of the essence :)

Thanks in advance.
 
If you restored computer to factory settings, I don't see any reason for your computer to be infected.
 
Ok, I see your point of view.

But, when recovering it to factory settings, It also installs software that came with the computer. Isn't there a chance something could be hidding in the software, or recovery partition?
 
Status
Not open for further replies.

Similar threads

wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
S
  • Locked
Inactive Am I infected?
Replies
8
Views
3K
Broni
Broni

Latest posts

Back