Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

log

Unread postby leo-the-lion » April 11th, 2011, 9:17 pm

could someone please check my log as my anti virus wouldent let me on the internet tonight here is the log

DDS (Ver_11-03-05.01) - NTFSx86
Run by pat at 2:04:12.24 on 12/04/2011
Internet Explorer: 9.0.8112.16421
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.44.1033.18.1013.113 [GMT 1:00]
.
AV: Virgin Media Security Anti-Virus *Enabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56}
SP: Virgin Media Security Anti-Spyware *Enabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Virgin Media Security Firewall *Enabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Virgin Media\Security\Fws.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Program Files\Virgin Media\Security\rps.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Virgin Media\Security\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Virgin Media\HUB\VirginMediaHUBComHandler.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Virgin Media\Security\RpsSecurityAwareR.exe
C:\Program Files\Virgin Media\HUB\ServicepointService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Virgin Media\HUB\VirginMediaHUB.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint2K\Apntex.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\pat\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.bt.yahoo.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
TB: {04666517-D7B9-43C9-B329-CD7A30FF0079} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [EPSON Stylus DX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticae.exe /fu "c:\windows\temp\E_SE1F5.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRunOnce: [IndexCleaner] "c:\program files\virgin media\security\IdxClnR.exe"
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [VirginMediaHUB.exe] "c:\program files\virgin media\hub\VirginMediaHUB.exe" /AUTORUN
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.sultangardens.com/ipixx.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0EBBED-0C42-4D0F-82DA-44399B5C420A} - hxxp://downloads.virginmedia.com/CST/ve ... taller.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-4-11 25608]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 Radialpoint Security Services;Virgin Media Security;c:\program files\virgin media\security\RpsSecurityAwareR.exe [2010-1-4 165408]
R2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\virgin media\security\avg\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-11 5832712]
R2 ServicepointService;ServicepointService;c:\program files\virgin media\hub\ServicepointService.exe [2011-4-11 668912]
R3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\virgin media\security\avg\identity protection\agent\drivers\AVGIDSDriver.sys [2011-4-11 122376]
R3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\virgin media\security\avg\identity protection\agent\drivers\AVGIDSfilter.sys [2011-4-11 30216]
R3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\virgin media\security\avg\identity protection\agent\drivers\AVGIDSShim.sys [2011-4-11 27800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-1-21 21504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2011-04-11 22:53:04 -------- d-----w- c:\windows\Internet Logs
2011-04-11 22:46:26 25608 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys
2011-04-11 22:45:25 285704 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2011-04-11 22:44:45 53192 ----a-w- c:\windows\system32\drivers\rp_skt32.sys
2011-04-11 22:44:20 48384 ----a-w- c:\windows\system32\drivers\rp_pkt32.sys
2011-04-11 22:43:57 -------- d-----w- c:\program files\Raxco
2011-04-11 22:30:49 -------- d-----w- c:\program files\Virgin Media
2011-04-11 19:26:24 -------- d-----w- c:\users\pat\appdata\local\{618AB192-1264-4487-AE0F-4F084ACF43EE}
2011-04-10 16:29:21 -------- d-----w- c:\users\pat\appdata\local\{C89B3ED5-76B2-4074-84A2-A8B294B9BE1F}
2011-04-09 16:10:17 -------- d-----w- c:\users\pat\appdata\local\{4C2BB18E-223E-41A5-9A1B-6CBEA7C191EC}
2011-04-08 16:13:00 6792528 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{3e6fcd9f-927e-4aec-8547-49da865c4b46}\mpengine.dll
2011-04-08 16:06:27 -------- d-----w- c:\users\pat\appdata\local\{2724F9B3-D0C3-4AB6-9247-CFA864AADEDC}
2011-04-07 16:14:25 -------- d-----w- c:\users\pat\appdata\local\{87D93652-1549-410B-A552-1420A8912036}
2011-04-06 16:25:17 -------- d-----w- c:\users\pat\appdata\local\{0F5A4046-A16F-429C-92C6-773FC6B1544B}
2011-04-05 17:18:04 -------- d-----w- c:\users\pat\appdata\local\{1DCFCA5A-A738-42AF-AA92-D0A5D52D4EEA}
2011-04-04 18:39:48 -------- d-----w- c:\users\pat\appdata\local\{398098A4-9708-400D-9466-42504F24BCC5}
2011-04-03 19:11:02 -------- d-----w- c:\users\pat\appdata\local\{B5C66132-74C0-4FE8-AE40-7697CC9808D1}
2011-04-02 15:47:32 -------- d-----w- c:\users\pat\appdata\local\{4E52C457-9E08-4056-B385-8F76E87366DA}
2011-04-02 15:41:57 -------- d-----w- c:\windows\en
2011-04-02 15:31:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-04-02 15:26:25 -------- d-----w- c:\windows\PCHEALTH
2011-04-02 15:19:42 15712 ----a-w- c:\program files\common files\windows live\.cache\63d843ea1cbf14914\MeshBetaRemover.exe
2011-04-02 14:18:45 -------- d-----w- c:\users\pat\appdata\local\{C48B75C7-0EDC-4905-8733-F2E523DE94AF}
2011-04-01 19:11:40 -------- d-----w- c:\users\pat\appdata\local\{6ECBD591-1914-43D4-9397-36CE1454D168}
2011-03-31 17:04:30 -------- d-----w- c:\users\pat\appdata\local\{E27EFFA1-61E9-44FF-9BB5-9FE25A704A10}
2011-03-22 19:05:32 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-22 19:05:31 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-22 19:05:26 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
.
==================== Find3M ====================
.
2011-02-02 21:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:11:20 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
.
============= FINISH: 2:05:05.90 ===============
leo-the-lion
Active Member
 
Posts: 13
Joined: April 11th, 2011, 8:57 pm
Advertisement
Register to Remove

Re: log

Unread postby NonSuch » April 11th, 2011, 10:53 pm

This topic is a duplicate copy of the original and therefore will be closed. The original will be left open.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: pgmigg and 47 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware