Windows BBS The Place for Microsoft Windows Support! Windows, Support, Help Site

Go Back   Windows BBS > Security > Malware and Virus Removal
Reload this Page

My laptop DDS report. Anything fishy here ?

Register FAQ Mark Forums Read

Malware and Virus Removal Problems removing malware/viruses? Get help from our Malware removal experts.

Register your FREE account to unlock additional features at WindowsBBS.com
Register
Welcome to WindowsBBS.com
Microsoft Windows Support

Mission Statement

WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.

Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.

Discussion Forums
Operating Systems
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Windows 2000 Windows 2000
Windows 95/98/Me/NT Windows 95/98/Me/NT
Internet & Networking
Networking
Internet Explorer
Microsoft Mail
Firefox, Thunderbird
      & SeaMonkey
General Internet
Security
General Security
Malware and Virus
     Removal
Other
Other Software
Hardware
Test Posts
Community
Introductions
General Discussions
Comments
      & Suggestions
News @ WindowsBBS

Forum Sponsor
Image

Reply
 
LinkBack Thread Tools
Old 31st December 2008   #1
Member
 
Profile:
Join Date: Dec 2008
Posts: 37
Computer Experience:
intermediate
amkeew Reputation Level
My laptop DDS report. Anything fishy here ?
And how do I attach the txt file here to my posts ?

DDS (Version 1.1.0) - NTFSx86
Run by agoram muthukumaran at 10:22:15.32 on Tue 12/30/2008
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1236 [GMT 5.5:30]
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated)
FW: Kaspersky Internet Security *enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
D:\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\fsproflt.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Dell\Dell Mobile Broadband\systray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\My Lockbox\flockbox.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
D:\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
D:\DAP\Software & Archives\ToggleHiddenFiles.exe
D:\Chameleon Clock\ChamClock.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcrobatInfo.exe
C:\Documents and Settings\agoram muthukumaran\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.edison.co.in/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - HP Print Enhancer
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\spybot~1\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {90222687-F593-4738-B738-FBEE9C7B26DF} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [SpybotSD TeaTimer] d:\spybot - search & destroy\TeaTimer.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [Google Update] "c:\documents and settings\agoram muthukumaran\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Hot Corners] "c:\program files\hot corners\HotC.exe"
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [systray] c:\program files\dell\dell mobile broadband\systray.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRun: [flockbox] c:\program files\my lockbox\flockbox.exe /a
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [LanguageShortcut] d:\powerdvd\language\Language.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "d:\norton internet security 2008\osCheck.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\agoram~1\startm~1\programs\startup\mru-bl~1.lnk - d:\mru-blaster\mrublaster.exe
StartupFolder: c:\docume~1\agoram~1\startm~1\programs\startup\toggle~1.lnk - d:\dap\software & archives\ToggleHiddenFiles.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - d:\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: &Clean Traces - d:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - d:\program files\dap\dapextie.htm
IE: &ieSpell Options - d:\iespell\iespell.dll/SPELLOPTION.HTM
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Check &Spelling - d:\iespell\iespell.dll/SPELLCHECK.HTM
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download &all with DAP - d:\program files\dap\dapextie2.htm
IE: E&xport to Microsoft Excel - d:\office11\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - file://d:\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://d:\iespell\wikipedia.HTM
IE: Send to &Bluetooth Device... - D:\btsendto_ie_ctx.htm
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://d:\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://d:\iespell\iespell.dll/SPELLOPTION.HTM
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\spybot~1\SDHelper.dll
TCP: {458C44E6-A31E-4C6C-9602-295374EDF419} = 192.168.1.1
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\progra~1\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - d:\progra~1\dap\dapie.dll
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\adia lhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,c:\progra~1\kasper~1\kaspe r~1\mzvkbd3.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll
============= SERVICES / DRIVERS ===============
R0 FSProFilter;FSPro File Filter;c:\windows\system32\drivers\FSPFltd.sys [2008-12-26 43792]
R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 32784]
R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\MPRIFL.SYS [2008-12-20 17264]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2008-10-2 227344]
R2 AVP;Kaspersky Internet Security;"c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe" -r [2008-11-11 206088]
R2 datunidr;DellAutomatedPCTuneUp UniDriver;c:\windows\system32\drivers\datunidr.sys [2007-8-23 5376]
R2 fsproflt;FSPro Filter Service;c:\windows\system32\fsproflt.exe [2008-12-26 73344]
R2 WinDefend;Windows Defender;"c:\program files\windows defender\MsMpEng.exe" [2006-11-3 13592]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-4-15 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-4-15 7424]
S3 OEM02Afx;Provides a software interface to control audio effects of OEM002 camera.;\??\c:\windows\system32\drivers\OEM02Afx.sys [2008-4-15 141376]
S3 PCIUtil;PCI Utility;\??\c:\docume~1\agoram~1\locals~1\temp\PCIUtil.sys []
=============== Created Last 30 ================
2008-12-28 07:24 5,120 ac-sh--- c:\windows\system32\Thumbs.db
2008-12-28 07:24 5,632 ac-sh--- c:\windows\system32\drivers\Thumbs.db
2008-12-28 07:24 5,120 ac-sh--- c:\windows\system32\dllcache\Thumbs.db
2008-12-26 19:53 73,344 ac------ c:\windows\system32\fsproflt.exe
2008-12-26 19:53 43,792 ac------ c:\windows\system32\drivers\FSPFltd.sys
2008-12-26 19:53 <DIR> -cd----- c:\program files\Hide Folders 2009
2008-12-26 07:24 <DIR> -cd----- c:\program files\CodeStuff
2008-12-25 22:18 <DIR> -cd----- c:\program files\PC Drivers HeadQuarters
2008-12-25 22:18 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2008-12-25 18:29 172,032 ac------ c:\windows\system32\igfxres.dll
2008-12-25 18:25 147,456 ac------ c:\windows\system32\igfxCoIn_v4926.dll
2008-12-25 08:27 53,248 ac------ c:\windows\system32\CSVer.dll
2008-12-25 08:15 <DIR> -cd----- c:\docume~1\agoram~1\applic~1\Software Informer
2008-12-25 07:48 <DIR> -cd----- c:\docume~1\agoram~1\applic~1\IObit
2008-12-25 07:48 <DIR> -cd----- c:\program files\IObit
2008-12-20 10:06 17,264 ac------ c:\windows\system32\drivers\mprifl.sys
2008-12-20 10:06 <DIR> -cd----- c:\program files\My Lockbox
2008-12-15 09:09 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-12-15 09:03 <DIR> -cd----- c:\program files\Uniblue
2008-12-15 09:03 <DIR> -cd----- c:\docume~1\alluse~1\applic~1\DriverScanner
2008-12-15 09:03 <DIR> -cd----- c:\docume~1\agoram~1\applic~1\Uniblue
2008-12-15 09:02 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2008-12-14 21:25 632 ac------ c:\windows\CoD.INI
2008-12-10 16:26 117,760 ac------ c:\windows\system32\hpzll5mu.dll
2008-12-10 16:10 157,245 ac------ c:\windows\hphins26.dat
2008-12-10 16:10 787 -c------ c:\windows\hphmdl26.dat
==================== Find3M ====================
2008-12-30 07:29 3,548,192 ac-sh--- c:\windows\system32\drivers\fidbox.dat
2008-12-30 07:29 729,120 ac-sh--- c:\windows\system32\drivers\fidbox2.dat
2008-12-30 07:29 31,944 ac-sh--- c:\windows\system32\drivers\fidbox.idx
2008-12-30 07:29 6,716 ac-sh--- c:\windows\system32\drivers\fidbox2.idx
2008-12-25 17:52 8,530 ac------ c:\windows\pchealth\helpctr\config\cache\Professional_32_1033.dat
2008-11-11 20:00 218,376 ac------ c:\windows\system32\klogon.dll
2008-11-11 19:58 25,601 ac------ c:\windows\system32\drivers\klopp.dat
2008-11-07 10:30 93,599 ac------ c:\windows\hppins03.dat
2008-10-23 18:06 286,720 ac------ c:\windows\system32\gdi32.dll
2008-10-17 02:08 826,368 ac------ c:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 ac------ c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 ac------ c:\windows\system32\muweb.dll
2008-10-03 15:32 247,326 ac------ c:\windows\system32\strmdll.dll
2008-05-23 20:44 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008052320080524\index.dat
============= FINISH: 10:23:08.14 ===============
amkeew is offline   Reply With Quote
Didn't find the information you thought to find?
Check out these Similar Threads
Old 4th January 2009   #2
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,521
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Sorry for the late reply amkeew. Your log looks fine.
noahdfear is offline   Reply With Quote
Old 4th January 2009   #3
Member
 
Profile:
Join Date: Dec 2008
Posts: 37
Computer Experience:
intermediate
amkeew Reputation Level
Thumbs up
Thank you so much, Dave.
amkeew is offline   Reply With Quote
Old 4th January 2009   #4
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 12,521
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

You bet.
noahdfear is offline   Reply With Quote
Reply

« [Resolved] Browsers Redirecting, Antivirus Not Updating... | macros in i386 folder »
Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows non-update beejay Windows 2000 24 1st October 2008 15:24
Help some of my updates wont install and i lost my main administrator acc redsteel136 Windows Vista 2 19th September 2008 20:29
How do I get rid of Infostealer.Gampass & Downloader?? dmcmillen Malware and Virus Removal 15 18th May 2008 01:27
Windows Update Bimmer Guy Windows XP 17 18th November 2007 08:43
Windows Media Player and Windows Update do not install swiftpunter Windows XP 13 5th September 2007 08:32


All times are GMT +1. The time now is 00:29.




Advertise - Contact Us - Windows BBS - Archive - Privacy Statement - Top

Advertisements do not imply our endorsement of the product or service advertised.
Powered by vBulletin® Version 3.8.3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0
Copyright © 2002 - 2009 WindowsBBS.com. All rights reserved.
Terms of Use, Legal Information & Privacy Policy
[]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33