Computer Help and Spyware Removal - Computer Help Forums (BleepingComputer.com)
Unknown Virus and Trojan, Not sure if I removed it properly
andee39 - Dec 28 2008, 12:20 PM - Post #1


Yesterday I ran AdAware on my computer and it found a virus and trojan with a TAI rating of 10. Dopey me, instead of writing it down to investigate further I immediately clicked on remove, and now I am not sure what it was, what damage it could have done, and if I got rid of it permanently. I ran the program again this morning and it came up clean, but I figure better safe than sorry. Interestingly, my BitDefender program did not find these problems. Below are the two files you request to begin this process. Thanks for taking the time to look into it for me.



DDS (Version 1.1.0) - NTFSx86
Run by Andrea at 12:04:52.63 on Sun 12/28/2008
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.3069.1964 [GMT -5:00]

AV: BitDefender Antivirus *On-access scanning enabled* (Updated)
FW: BitDefender Firewall *enabled*

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\System32\svchost.exe -k Cognizance
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxcrcoms.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\ID Vault\IDVault.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\wuauclt.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Andrea\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uWindow Title = My Internet Explorer
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
mURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: GuardId.MSIEBrowser.BHO: {5b0a01d2-b8a0-4e56-9e6b-cba0ef4b4eb5} - mscoree.dll
BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~1\tools\iesdsg.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
BHO: TBSB01478 Class: {ac002f1a-6c85-477b-8d1f-f17b72be7c34} - c:\program files\registered coupons toolbar\registered_coupons.dll
BHO: {b56a7d7d-6927-48c8-a975-17df180c71ac} - PCTools Browser Monitor
BHO: CBHO Object: {cba74cda-df78-4ad9-954e-3b15d0a993de} - c:\program files\corestreet\spoofstick\SpoofStickBHO.dll
BHO: VeriSoft Access Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\bioscrypt\verisoft\bin\ItIEAddIn.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
TB: SpoofStick: {4d46ed77-1429-4cf6-8f63-c84b5d710baf} - c:\program files\corestreet\spoofstick\SpoofStick.dll
TB: Registered Coupons: {84a6aea7-c34b-4246-9a00-05ad7a36bf00} - c:\program files\registered coupons toolbar\registered_coupons.dll
TB: AIM Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
TB: {A057A204-BACC-4D26-CEC4-75A487FD6484} - No File
uRun: [Aim6]
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [CognizanceTS] rundll32.exe c:\progra~1\bioscr~1\verisoft\bin\ASTSVCC.dll,RegisterModule
mRun: [EzPrint] "c:\program files\lexmark 2400 series\ezprint.exe"
mRun: [LXCRCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCRtime.dll,_RunDLLEntry@16
mRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [MSConfig] "c:\windows\system32\msconfig.exe" /auto
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\idvaul~1.lnk - c:\program files\id vault\IDVault.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021}
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aim toolbar 5.0\aoltb.dll
IE: {84A6AEA7-C34B-4246-9A00-05AD7A36BF00} - {84A6AEA7-C34B-4246-9A00-05AD7A36BF00} - c:\program files\registered coupons toolbar\registered_coupons.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
AppInit_DLLs: APSHook.dll
LSA: Notification Packages = scecli ASWLNPkg

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-12-21 28544]
R2 {22D78859-9CE9-4b77-BF18-AC83E81A9263};{22D78859-9CE9-4b77-BF18-AC83E81A9263};\??\c:\program files\hp\quickplay\000.fcl [2007-5-23 13560]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-5-19 21504]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-5-19 21504]
R2 BDVEDISK;BDVEDISK;\??\c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-7-2 82440]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2007-9-16 600912]
R2 TG850P26;TG850P26;\??\c:\windows\system32\drivers\JAG57A1M.sys [2008-3-29 28384]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-10-27 24652]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-8-12 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2008-8-14 104328]
R3 Ma730Pt;MA730 Bluetooth VCOM Driver;c:\windows\system32\drivers\Ma730Pt.sys [2008-3-29 103680]
R3 Ma730VaA;MA730 Bluetooth Advanced Audio;c:\windows\system32\drivers\Ma730VaA.sys [2008-3-29 21851]
R3 Ma730Vad;MA730 Bluetooth Audio;c:\windows\system32\drivers\Ma730Vad.sys [2008-3-29 50522]
R3 SMCSTUB;SMCSTUB;c:\windows\system32\drivers\smcstub.sys [2007-8-25 55680]
S3 Arrakis3;BitDefender Arrakis Server;"c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe" [2008-7-17 118784]
S3 Ma730c;MA730 Bluetooth Core Driver;c:\windows\system32\drivers\MA730C.sys [2008-3-29 157024]
S3 mtsftkey;mtsftkey;c:\windows\system32\drivers\mtsftkey.sys [2007-8-25 60032]

=============== Created Last 30 ================

2008-12-24 14:09 481,443,533 a------- c:\windows\MEMORY.DMP
2008-12-21 16:35 <DIR> --d----- c:\program files\a-squared HiJackFree
2008-12-21 16:25 <DIR> --d----- c:\program files\Secunia
2008-12-21 09:21 28,544 a------- c:\windows\system32\drivers\pavboot.sys
2008-12-21 09:21 <DIR> --d----- c:\program files\Panda Security
2008-12-12 21:30 2,048 a------- c:\windows\system32\tzres.dll
2008-12-12 21:17 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2008-12-12 21:17 28,672 a------- c:\windows\system32\Apphlpdm.dll
2008-12-12 21:17 296,960 a------- c:\windows\system32\gdi32.dll
2008-12-12 21:16 2,927,104 a------- c:\windows\explorer.exe
2008-12-12 21:16 827,392 a------- c:\windows\system32\wininet.dll
2008-12-12 21:15 2,868,736 a------- c:\windows\system32\mf.dll
2008-12-12 21:15 996,352 a------- c:\windows\system32\WMNetMgr.dll
2008-12-12 21:15 94,720 a------- c:\windows\system32\logagent.exe
2008-12-09 21:56 479 a------- c:\windows\system32\BDUpdateV1.xml
2008-11-30 12:07 <DIR> --d----- c:\programdata\acccore
2008-11-30 12:07 <DIR> --d----- c:\progra~2\acccore

==================== Find3M ====================

2008-11-18 20:50 192,512 a------- c:\windows\system32\txmlutil.dll
2008-11-18 20:50 104,328 a------- c:\windows\system32\drivers\bdfndisf.sys
2008-11-18 20:48 111,112 a------- c:\windows\system32\drivers\bdfm.sys
2008-11-18 20:48 230,920 a------- c:\windows\system32\drivers\bdfsfltr.sys
2008-11-16 20:14 2,928,600 a------- c:\users\andrea\ccsetup211.exe
2008-10-31 22:44 52,736 a------- c:\windows\apppatch\iebrshim.dll
2008-10-31 22:44 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2008-10-31 22:44 541,696 a------- c:\windows\apppatch\AcLayers.dll
2008-10-31 22:44 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2008-10-31 22:44 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2008-10-21 22:57 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-10-21 00:25 1,645,568 a------- c:\windows\system32\connect.dll
2008-10-16 15:56 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-10-16 15:55 83,456 a------- c:\windows\system32\wudriver.dll
2008-10-16 14:08 162,064 a------- c:\windows\system32\wuwebv.dll
2008-10-16 13:56 31,232 a------- c:\windows\system32\wuapp.exe
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-18 19:11 143,360 a------- c:\windows\inf\infstrng.dat
2008-09-18 19:11 86,016 a------- c:\windows\inf\infstor.dat
2008-09-18 19:11 86,016 a------- c:\windows\inf\infpub.dat
2008-09-18 18:50 1,220,944 a------- c:\users\andrea\BitDefender_Uninstall_Tool.exe
2008-09-18 18:49 57,248,608 a------- c:\users\andrea\bitdefender_internetsecurity_2009_32b.exe
2008-06-18 18:25 1,505,160 a------- c:\users\andrea\install_easyshare.exe
2008-06-10 18:07 665,600 a------- c:\windows\inf\drvindex.dat
2008-05-19 13:02 174 a--sh--- c:\program files\desktop.ini
2008-05-18 10:15 76,342 a------- c:\users\andrea\appdata\roaming\nvModes.dat
2008-03-30 16:25 8 a------- c:\users\andrea\appdata\roaming\usb.dat.bin
2008-03-22 17:42 5,386,264 a------- c:\users\andrea\Plug-In.exe
2008-03-22 10:14 17,646,136 a------- c:\users\andrea\sdsetup.exe
2008-03-10 19:38 20,714,240 a------- c:\users\andrea\Verizon Music Essentials.exe
2008-02-29 23:08 530,528 a------- c:\users\andrea\yahoo_installer.exe
2008-02-25 20:54 12,273,400 a------- c:\users\andrea\IDVaultFull.exe
2008-02-24 14:44 9,723,880 a------- c:\users\andrea\spybotsd152.exe
2008-02-07 20:53 11,679,762 a------- c:\users\andrea\bitpim-1.0.5-setup.exe
2008-01-18 19:58 228,852,088 a------- c:\users\andrea\office2007sp1-kb936982-fullfile-en-us.exe
2007-12-22 11:15 399,816 a------- c:\users\andrea\driveralert-setup-0004.exe
2007-11-17 16:18 2,725,528 a------- c:\users\andrea\ccsetup202.exe
2007-11-17 15:26 1,454,080 a------- c:\users\andrea\Kodak Easyshare.exe
2007-10-28 13:49 12,810,390 a------- c:\users\andrea\tweakvi-basic-sfx.exe
2007-10-20 11:40 388,915 a------- c:\users\andrea\dustbuster.zip
2007-10-14 18:50 827,024 a------- c:\users\andrea\PhotoGreetingCards.exe
2007-09-21 16:18 174,952 a------- c:\users\andrea\spoofstick-ie.exe
2007-09-16 19:14 482,408 a------- c:\users\andrea\ccsetup141_slim.exe
2007-09-14 19:21 423,736 a------- c:\users\andrea\avgarkt-setup-1.1.0.42.exe
2007-09-02 20:56 2,437,120 a------- c:\users\andrea\ZenMicroP4S_PCFW_L16_2_21_02.exe
2007-09-02 14:24 956,344 a------- c:\users\andrea\SaveAsPDFandXPS.exe
2007-09-02 14:23 163,712 a------- c:\users\andrea\pfbackup.exe
2007-08-31 16:59 308,888 a------- c:\users\andrea\Install_AIM.exe
2007-08-31 14:01 38,990,192 a------- c:\users\andrea\bitdefender_internetsecurity_2008_32b.exe
2007-08-31 12:32 439,296 a------- c:\users\andrea\GoToAssist_phone__317_en.exe
2007-04-18 18:04 9,393,768 a------- c:\users\andrea\winzip111.exe
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 12:06:33.29 ===============

Attached File: Attach.txt (5.07k) - Number of downloads: 12
 
© 2003-2009 All Rights Reserved Bleeping Computer LLC.