InterviewSolution
1. Solve: need someone to read logs - completed all steps on virus removal
Answer» I just want to verify my PC is clean and I want to be able to download Service Pack 3. I have a Dell XPS 400 with Windows XP.
Both of these need to be uninstalled.
---------
You are missing the other log from DDS but I'm going to take a guess and say it isn't needed and your computer is clean.

Quote from: evilfantasy on January 09, 2012, 08:55:41 PM
Multiple antivirus warning!

Thanks - I downloaded the Comodo firewall per this site's malware removal process. It said to disable the Windows firewall. Maybe I'm confused; I thought this was different than AVG. I see I have 2011 and 2012. I will delete them.

Also, I'm not showing the AVG 2011 on my add/remove/uninstall screen. I went ahead and uninstalled the AVG 2012 and am going to reboot. Perhaps that will clear both.

COMODO Internet Security is installed. That includes a Firewall, Antivirus and Antimalware. Personally I would uninstall all of them and use MSE, Avast or AntiVir (choose only one). But you can just keep the COMODO Suite also.

For the Firewall: http://www.majorgeeks.com/PC_Tools_Firewall_Plus_d5470.html

But if you do not do a lot of online banking or shopping the Windows XP firewall should do just fine.

Quote from: geeray on January 09, 2012, 09:06:59 PM
Also, I'm not showing the avg 2011 on my add/remove/uninstall screen. i went ahead and uninstalled the avg2012 and going to reboot. perhaps that will clear both

Hopefully it will remove both.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/6/2012 9:04:06 AM
System Uptime: 1/9/2012 11:10:06 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0FJ030
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 170.555 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Linksys WMP110 RangePlus Wireless PCI Adapter
Device ID: PCI\VEN_168C&DEV_0023&SUBSYS_00721737&REV_01\4&5855BE9&0&20F0
Manufacturer: Linksys, A Division of Cisco Systems, Inc.
Name: Linksys WMP110 RangePlus Wireless PCI Adapter
PNP Device ID: PCI\VEN_168C&DEV_0023&SUBSYS_00721737&REV_01\4&5855BE9&0&20F0
Service: WMP110
.
==== System Restore Points ===================
.
RP1: 1/6/2012 9:15:55 AM - System Checkpoint
RP2: 1/6/2012 10:15:25 AM - Software Distribution Service 3.0
RP3: 1/6/2012 10:43:41 AM - Printer Driver PrimoPDF Installed
RP4: 1/6/2012 2:53:56 PM - Software Distribution Service 3.0
RP5: 1/6/2012 3:46:14 PM - Removed Adobe Reader 9.4.6.
RP6: 1/6/2012 3:46:42 PM - Installed Adobe Reader X (10.1.1).
RP7: 1/6/2012 3:51:14 PM - Software Distribution Service 3.0
RP8: 1/7/2012 3:14:19 AM - Software Distribution Service 3.0
RP9: 1/7/2012 11:19:04 AM - Software Distribution Service 3.0
RP10: 1/8/2012 11:19:36 AM - System Checkpoint
RP11: 1/9/2012 3:00:16 AM - Software Distribution Service 3.0
RP12: 1/9/2012 8:31:27 AM - Software Distribution Service 3.0
RP13: 1/9/2012 9:07:29 AM - Software Distribution Service 3.0
RP14: 1/9/2012 9:33:49 AM - Removed Napster
RP15: 1/9/2012 9:38:05 PM - Software Distribution Service 3.0
RP16: 1/9/2012 11:06:56 PM - Removed AVG 2012
RP17: 1/9/2012 11:09:16 PM - Removed AVG 2012
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer 4500_Help Acrobat.com Adaptec UDF Reader Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader X (10.1.1) Adobe Shockwave Player 11.6 AdvancedEnhancer Any Video Converter 2.1.1 AOLIcon Apple Application Support Apple Mobile Device Support Apple Software Update ATI Control Panel ATI Display Driver AVG 2011 AVG 2012 Bonjour BPD_HPSU bpd_scan BPDSoftware BPDSoftware_Ini BufferChm CCleaner Comodo Dragon COMODO GeekBuddy COMODO Internet Security CustomerResearchQFolder Dell CinePlayer Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Game Console Dell Support Center Dell System Restore DellSupport Destination Component DeviceDiscovery DeviceManagementQFolder Digital Content Portal DocMgr DocProc DocProcQFolder Documentation & Support Launcher DVD Shrink 3.2 DVDFab 7.0.8.2 (17/07/2010) DVDFab Decrypter 3.0.5.0 DVDVideoSoftTB Toolbar EarthLink setup files EducateU ELIcon eSupportQFolder FastStone Image Viewer 2.8 Fax Free Audio CD Burner version 1.4 Free YouTube to MP3 Converter version 3.9 Games, Music, & Photos Launcher GemMaster Mystic Get High Speed Internet! 
Google Chrome Google Toolbar for Internet Explorer GPBaseService GPBaseService2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB915865) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB961118) HP Customer Participation Program 10.0 HP Document Manager 1.0 HP Imaging Device Functions 10.0 HP Officejet J4500 Series HP Photosmart Essential 2.5 HP Smart Web Printing 4.60 HP Solution Center 13.0 HP Update HPProductAssistant HPSSupply Intel Matrix Storage Manager Intel(R) PRO Network Connections Drivers Intel(R) PROSet for Wired Connections Intel(R) Quick Resume Technology Drivers Intel® Viiv™ Internet Service Offers Launcher J4500 Java Auto Updater Java(TM) 6 Update 30 Juniper Networks Setup Client Learn2 Player (Uninstall Only) Linksys WMP110 RangePlus Wireless PCI Adapter Malwarebytes Anti-Malware version 1.60.0.1800 MarketResearch McAfee SiteAdvisor MCU Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2572067) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 
2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Move Networks Media Player for Internet Explorer Mozilla Firefox (3.6.18) MSN MSVCSetup MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) Musicmatch for Windows Media Player Musicmatch® Jukebox MySpaceIM Napster Burn Engine NetZeroInstallers OCR Software by I.R.I.S. 
10.0 Otto PdaNet for Android 3.02 PrimoPDF -- brought to you by Nitro PDF Software ProductContext PSSWCORE QuickTime RealPlayer RealUpgrade 1.1 Rhapsody Player Engine Samsung Simple Upgrade Tool for SCH-I500 EH09 SAMSUNG USB Driver for Mobile Phones Scan Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Media Player (KB973540) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB944338-v2) Security Update for Windows XP (KB950762) 
Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958470) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971032) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for 
Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981350) Security Update for Windows XP (KB982381) Shop for HP Supplies Skype Toolbars Skype™ 4.2 Smart Link 56K Voice Modem SmartWebPrinting SolutionCenter Sonic Activation Module Sonic Encoders Sonic Update Manager Status SUPERAntiSpyware Free Edition swMSM Toolbox TrayApp U.S. Robotics V.92 PCI Faxmodem Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Outlook 2007 Junk Email Filter (KB2596560) Update for Windows XP (KB925720) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 URL Assistant VideoToolkit01 WebCyberCoach 3.2 Dell WebFldrs XP WebReg WildBlue Optimizer Ver 2008-05-01 Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Internet Explorer 7 Windows Media Format Runtime Windows Media Player 10 Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB912067 WordPerfect Office 12 YouTube Downloader 3.2 . ==== Event Viewer Messages From Past Week ======== . 
1/6/2012 9:15:02 AM, error: BITS [16391] - The BITS job list is not in a recognized format. It may have been created by a different version of BITS. The job list has been cleared.
1/6/2012 9:11:29 AM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
1/6/2012 9:09:05 AM, error: Application Popup [876] - Driver UdfReadr.SYS has been blocked from loading.
1/6/2012 9:07:35 AM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.
1/6/2012 8:56:35 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
1/6/2012 8:56:35 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
1/6/2012 8:51:00 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
1/6/2012 2:57:39 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f070: Microsoft .NET Framework 1.0 Service Pack 3 Security Update for Windows XP Tablet PC and Media Center (KB953295).
1/6/2012 2:57:34 PM, error: NtServicePack [4379] - Windows XP Hotfix KB953295 installation failed. KB953295 installation did not complete.
.
==== End Of File ===========================

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_30
Run by Gary Hamlett at 23:16:17 on 2012-01-09
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.440 [GMT -5:00]
.
FW: COMODO Firewall *Enabled*
.
============== Running Processes ===============
.
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\WINDOWS\system32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Linksys\WMP110\gtwpssrv.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Linksys\WMP110\WLSngS.exe C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\QuickTime\QTTask.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\stsystra.exe C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\DellSupport\DSAgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\PdaNet for Android\PdaNetPC.exe 
C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Documents and Settings\Gary Hamlett\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Gary Hamlett\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Gary Hamlett\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Gary Hamlett\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Gary Hamlett\Local Settings\Application Data\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us uStart Page = hxxp://www.facebook.com/ mDefault_Page_URL = hxxp://www.dell.com mSearch Page = uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record 
Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background 
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [Google Update] "c:\documents and settings\gary hamlett\local settings\application data\google\update\GoogleUpdate.exe" /c mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe" mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" mRun: [WMP110] c:\program files\linksys\wmp110\WMP110.exe mRun: [hpqSRMon] mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [SigmatelSysTrayApp] stsystra.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe StartupFolder: c:\docume~1\garyha~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: 
c:\docume~1\garyha~1\startm~1\programs\startup\pdanet~1.lnk - c:\program files\pdanet for android\PdaNetPC.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\documents and settings\gary hamlett\application data\dvdvideosoftiehelpers\youtubetomp3.htm IE: SAVE YouTube Video as MP3 - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1325862394287 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab TCP: DhcpNameServer = 192.168.9.1 TCP: Interfaces\{4401351D-CF8D-4F8A-BA01-E5BD9E629491} : DhcpNameServer = 192.168.9.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL AppInit_DLLs: c:\windows\system32\guard32.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Authentication Packages = msv1_0 nwprovau Hosts: 127.0.0.1www.spywareinfo.com . ================= FIREFOX =================== . 
FF - ProfilePath - c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko19.dll FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko5.dll FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko6.dll FF - component: c:\documents and settings\gary hamlett\application data\mozilla\firefox\profiles\yd6w8dcv.default\extensions\[emailprotected]\components\RadioWMPCoreGecko19.dll FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll FF - component: c:\program files\avg\avg10\firefox4\components\avgssff5.dll FF - component: c:\program files\common files\dvdvideosoft\dll\ffcontextmenuy\components\FFContextMenu.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\documents and settings\gary hamlett\local 
settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Full Flat: {6E1A2A2E-AE2A-4A26-A812-46F54288379E} - %profile%\extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E}
FF - Ext: DVDVideoSoftTB Community Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : [emailprotected] - %profile%\extensions\[emailprotected]
FF - Ext: Java Quick Starter: [emailprotected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg10\Firefox4
.
============= SERVICES / DRIVERS ===============
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-12-19 494816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-12-19 31704]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-1-15 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-4-13 116608]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-11-23 1052472]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-12-19 1960584]
R2 GTWPSService;GTWPSSRV;c:\program files\linksys\wmp110\gtwpssrv.exe [2009-1-1 34816]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-7-16 210216]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 WLSng Service;WLSng Service;c:\program files\linksys\wmp110\WLSngS.exe [2009-1-1 233472]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-12-5 30312]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [2009-1-1 57344]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2011-8-2 13312]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-12-5 96488]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-12-5 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-12-5 121576]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\linksys\wmp110\jswpsapi.exe [2009-1-1 352338]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm.sys [2011-8-2 9472]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 12872]
S3 WMP110;Linksys WMP110 RangePlus Wireless PCI Adapter Service;c:\windows\system32\drivers\WMP110.sys [2009-1-1 1299520]
.
=============== Created Last 30 ================
.
2012-01-10 03:19:31 -------- d--h--w- c:\windows\PIF
2012-01-10 02:50:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-10 02:50:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-09 14:45:07 -------- d-----w- c:\program files\CCleaner
2012-01-09 14:05:29 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA
2012-01-09 13:58:14 -------- d-----w- c:\documents and settings\all users\application data\Comodo
2012-01-09 13:57:39 -------- d-----w- c:\program files\Comodo
2012-01-09 13:57:36 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-07 16:31:06 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-01-07 16:31:06 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-01-07 16:31:04 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-01-07 16:31:04 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2012-01-07 16:31:01 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2012-01-07 16:31:00 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2012-01-07 16:31:00 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2012-01-07 16:31:00 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2012-01-07 14:16:22 -------- d-----w- c:\documents and settings\gary hamlett\local settings\application data\Temp
2012-01-07 02:48:49 -------- d-sh--w- C:\found.002
2012-01-06 21:09:13 -------- d-----w- c:\program files\MSXML 6.0
2012-01-06 16:02:06 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-01-06 15:50:46 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-01-06 15:49:18 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-01-06 15:47:34 2143744 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2012-01-06 15:47:31 2186880 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-01-06 15:47:28 2021888 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2012-01-06 15:47:21 2063744 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2012-01-06 14:04:02 73728 -c--a-w- c:\windows\system32\dllcache\ehresja.dll
2012-01-06 14:04:02 69632 -c--a-w- c:\windows\system32\dllcache\ehresko.dll
2012-01-06 14:04:01 69632 -c--a-w- c:\windows\system32\dllcache\ehresfr.dll
2012-01-06 14:04:01 69632 -c--a-w- c:\windows\system32\dllcache\ehresde.dll
2012-01-06 14:02:51 76288 -c--a-w- c:\windows\system32\dllcache\uniime.dll
2012-01-06 14:01:56 20736 -c--a-w- c:\windows\system32\dllcache\ramdisk.sys
2012-01-06 14:00:53 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2012-01-06 13:59:59 13463552 -c--a-w- c:\windows\system32\dllcache\hwxjpn.dll
2012-01-06 13:58:57 54528 -c--a-w- c:\windows\system32\dllcache\cap7146.sys
2012-01-06 13:57:59 5632 -c--a-w- c:\windows\system32\dllcache\iisrstap.dll
2012-01-06 13:53:17 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2012-01-06 13:53:17 16384 ----a-w- c:\program files\internet explorer\connection wizard\isignup.exe
2012-01-06 13:50:28 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-01-06 13:50:28 -------- d-----w- c:\windows\system32\wbem\Repository
2012-01-06 13:31:35 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2012-01-06 13:31:35 24661 ----a-w- c:\windows\system32\spxcoins.dll
2012-01-06 13:31:35 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2012-01-06 13:31:35 13312 ----a-w- c:\windows\system32\irclass.dll
2012-01-06 13:31:17 22339 ----a-r- c:\windows\SET1A7.tmp
2012-01-06 13:31:17 10559 ----a-r- c:\windows\SET1A8.tmp
2012-01-06 13:31:12 13753 ----a-r- c:\windows\SET164.tmp
2012-01-06 13:31:09 1086058 ----a-r- c:\windows\SET158.tmp
2012-01-06 13:31:08 106147 ----a-r- c:\windows\SET155.tmp
2012-01-06 08:17:47 -------- d-----w- c:\windows\dell
2011-12-19 23:59:22 494816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 23:59:22 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 23:59:20 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 23:58:58 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 23:58:56 301224 ----a-w- c:\windows\system32\guard32.dll
.
==================== Find3M ====================
.
2011-11-10 10:54:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-10 08:27:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
============= FINISH: 23:17:58.70 ===============

I removed the AVG 2012 and when I rebooted as it requested, it was still in the add/remove section. I clicked remove again and it said it was already uninstalled and to "click ok" to remove it from the add/remove list. Running a new DDS scan now.

Okay, the AVG 2012 went away. The AVG 2011 still shows up in the logs from DDS. It does not show up in the add/remove programs anywhere.

Look in c:\program files\avg
Open the folder and see if there is an uninstaller in there.
You can also run this.
http://www.avg.com/us-en/utilities
AVG Remover(32bit) 2012 (avg_remover_stf_x86_2012_1796.exe)

Okay, cleared the AVG from showing up. I ran a HijackThis log and checked it on the free tools; it says I do not have an antivirus. You stated the COMODO was an antivirus....? I'm confused now on that part.

Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1
Link 2
* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so. |
|