I recently tried installing WinRAR software from a website (not sure if it was a bad site), and while it was completing installation, my computer crashed and I got a blue screen. After that it stopped coming up at all. There was no display.
Anyways, I somehow managed to reinstall Windows and my computer is back up, but I still fear that I have got some infection. I hear weird noises from the computer at times, and some of the drivers in the Device Manager have yellow marks.
How can I check whether my computer is healthy or whether there has been some damage done by the apparently rogue software that I tried to install?
Logs are below as requested:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18000
Run by genius at 19:49:30 on 2014-08-10
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.3535.1318 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [Google Update] "c:\users\genius\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{47A16ACA-ED71-4F62-8268-F2AD2244A5C4} : DHCPNameServer = 192.168.1.1
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\36.0.1985.125\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-8-9 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-8-9 860472]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-8-9 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-8-9 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-8-9 51928]
R3 NETwNv32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwNv32.sys [2010-7-14 6680064]
.
=============== Created Last 30 ================
.
2014-08-10 14:24:22 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2014-08-10 14:12:24 97800 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-10 14:12:23 622080 ----a-w- c:\windows\system32\icardagt.exe
2014-08-10 14:12:23 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-08-10 14:12:23 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2014-08-10 14:12:23 11264 ----a-w- c:\windows\system32\icardres.dll
2014-08-10 14:12:23 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-08-10 14:12:22 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2014-08-10 14:12:21 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2014-08-10 14:04:21 96760 ----a-w- c:\windows\system32\dfshim.dll
2014-08-10 14:04:20 282112 ----a-w- c:\windows\system32\mscoree.dll
2014-08-10 14:04:19 41984 ----a-w- c:\windows\system32\netfxperf.dll
2014-08-10 14:04:07 158720 ----a-w- c:\windows\system32\mscorier.dll
2014-08-10 14:04:03 83968 ----a-w- c:\windows\system32\mscories.dll
2014-08-10 01:04:22 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-10 01:04:21 -------- d-----w- c:\programdata\RogueKiller
2014-08-09 23:33:41 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-09 23:33:22 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-09 23:33:22 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-09 23:33:22 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-09 23:33:22 -------- d-----w- c:\programdata\Malwarebytes
2014-08-09 23:33:22 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-09 19:01:08 -------- d-----w- c:\windows\Panther
2014-08-09 19:00:33 -------- d-----w- c:\windows\system32\OEM
2014-08-09 18:48:04 -------- d-----w- C:\Windows.old
2014-08-09 16:16:44 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2014-08-09 16:16:41 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2014-08-09 16:16:35 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2014-08-09 16:15:13 615992 ----a-w- c:\windows\system32\ci.dll
2014-08-09 16:15:13 19000 ----a-w- c:\windows\system32\kd1394.dll
2014-08-09 16:15:12 988216 ----a-w- c:\windows\system32\winload.exe
2014-08-09 16:15:12 927288 ----a-w- c:\windows\system32\winresume.exe
2014-08-09 16:15:11 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-08-09 16:15:11 40960 ----a-w- c:\windows\system32\srclient.dll
2014-08-09 16:15:11 378368 ----a-w- c:\windows\system32\srcore.dll
2014-08-09 16:15:11 318464 ----a-w- c:\windows\system32\rstrui.exe
2014-08-09 16:15:11 14848 ----a-w- c:\windows\system32\srdelayed.exe
2014-08-09 16:15:10 6656 ----a-w- c:\windows\system32\kbd106n.dll
2014-08-09 16:13:55 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-08-09 16:12:46 269312 ----a-w- c:\windows\system32\es.dll
2014-08-09 16:11:57 62464 ----a-w- c:\windows\system32\l3codeca.acm
2014-08-09 16:10:37 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2014-08-09 16:09:53 351232 ----a-w- c:\windows\system32\WSDApi.dll
2014-08-09 16:09:41 531968 ----a-w- c:\windows\system32\comctl32.dll
2014-08-09 16:09:11 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2014-08-09 16:08:55 8217224 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6b5f4b1f-12b5-4aa1-82e5-494f7c6b4ebe}\mpengine.dll
2014-08-09 16:08:53 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-08-09 16:07:30 91136 ----a-w- c:\windows\system32\avifil32.dll
2014-08-09 16:07:30 82944 ----a-w- c:\windows\system32\mciavi32.dll
2014-08-09 16:07:30 65024 ----a-w- c:\windows\system32\avicap32.dll
2014-08-09 16:07:30 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2014-08-09 16:07:30 31744 ----a-w- c:\windows\system32\msvidc32.dll
2014-08-09 16:07:30 22528 ----a-w- c:\windows\system32\msyuv.dll
2014-08-09 16:07:30 13312 ----a-w- c:\windows\system32\msrle32.dll
2014-08-09 16:07:30 123904 ----a-w- c:\windows\system32\msvfw32.dll
2014-08-09 16:07:30 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2014-08-09 16:07:28 171520 ----a-w- c:\windows\system32\wintrust.dll
2014-08-09 16:07:02 98304 ----a-w- c:\windows\system32\cabview.dll
2014-08-09 16:06:43 1334272 ----a-w- c:\windows\system32\msxml6.dll
2014-08-09 15:45:58 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2014-08-09 15:45:49 276992 ----a-w- c:\windows\system32\schannel.dll
2014-08-09 15:43:09 -------- d-----w- c:\users\genius\appdata\local\Google
2014-08-09 15:42:55 -------- d-----w- c:\users\genius\appdata\local\Deployment
2014-08-09 15:42:55 -------- d-----w- c:\users\genius\appdata\local\Apps
2014-08-09 15:38:45 -------- d-----w- c:\users\genius\appdata\roaming\Intel
2014-08-09 15:37:28 -------- d-----w- c:\program files\Cisco
2014-08-09 15:37:26 -------- d-----w- c:\program files\common files\Intel
2014-08-09 15:36:41 -------- d-sh--w- c:\windows\Installer
2014-08-09 15:35:04 -------- d-----w- C:\Drivers
2014-08-09 15:27:26 -------- d-----w- C:\Vista Driver for Atheros Network
2014-08-09 15:22:18 -------- d-----w- c:\users\genius\appdata\local\VirtualStore
2014-08-06 00:05:24 -------- d-----w- C:\SYSTEM.SAV
2014-08-05 00:55:02 -------- d-----w- C:\Dell
2014-07-26 14:11:25 -------- d-----w- C:\Movies
.
==================== Find3M ====================
.
.
============= FINISH: 19:50:02.95 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 8/9/2014 2:17:30 PM
System Uptime: 8/10/2014 6:30:07 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0D201R
Processor: Intel(R) Core(TM)2 Duo CPU P9400 @ 2.40GHz | Microprocessor | 2400/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 75 GiB total, 14.673 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}
Description: Standard VGA Graphics Adapter
Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&10
Manufacturer: (Standard display types)
Name: Standard VGA Graphics Adapter
PNP Device ID: PCI\VEN_8086&DEV_2A42&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&10
Service: vga
.
Class GUID:
Description: Video Controller
Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&11
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_8086&DEV_2A43&SUBSYS_024D1028&REV_07\3&2B8E0B4B&0&11
Service:
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_10F5&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&C8
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_10F5&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&C8
Service:
.
Class GUID:
Description: Broadcom USH
Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Manufacturer:
Name: Broadcom USH
PNP Device ID: USB\VID_0A5C&PID_5800&MI_00\6&66DE6C9&0&0000
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_024D1028&REV_12\4&51D9BE7&0&0AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_024D1028&REV_12\4&51D9BE7&0&0AF0
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_024D1028&REV_03\3&2B8E0B4B&0&FB
Service:
.
==== System Restore Points ===================
.
RP7: 8/9/2014 11:36:59 AM - Installed Intel(R) PROSet/Wireless WiFi Software.
RP8: 8/9/2014 12:08:06 PM - Windows Update
RP9: 8/10/2014 10:01:09 AM - Windows Update
.
==== Installed Programs ======================
.
Google Chrome
Google Talk Plugin
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi Software
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 3.5 SP1
.
==== Event Viewer Messages From Past Week ========
.
8/9/2014 6:42:28 PM, Error: EventLog [6008] - The previous system shutdown at 1:33:41 PM on 8/9/2014 was unexpected.
8/9/2014 2:01:47 PM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
8/10/2014 9:57:35 AM, Error: EventLog [6008] - The previous system shutdown at 2:14:01 AM on 8/10/2014 was unexpected.
.
==== End Of File ===========================