
Am I Infected


3 replies to this topic

#1 riyad

riyad

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 31 August 2008 - 12:37 AM

For the last fortnight my computer has slowed down to a halt... having a few BSODs... I don't know if I'm infected. I'm posting a RunScanner log file... if you need any further information then please guide me accordingly, as I'm not very computer savvy... thanks in advance.

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : RIYAD-PC
Creation time : 31-08-2008 10:22:52
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.6001.18000
OS : Windows Vista ™ Home Basic
OS Build : 6001
OS SP : Service Pack 1
RunScanner Version : 1.7.0.0
User Language : English (India)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\system32\agrsmsvc.exe (Agere Systems)
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
* C:\Program Files\COMODO\Firewall\cfp.exe
* C:\Windows\system32\csrss.exe (Microsoft Corporation)
* C:\Windows\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\COMODO\Firewall\cmdagent.exe
* C:\Program Files\COMODO\SafeSurf\cssurf.exe (COMODO)
* C:\Windows\system32\Dwm.exe (Microsoft Corporation)
* C:\Program Files\Winamp\elevator.exe
* C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
* C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
* C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
* C:\Windows\System32\hkcmd.exe (Intel Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\system32\lsass.exe (Microsoft Corporation)
* C:\Windows\system32\lsm.exe (Microsoft Corporation)
* C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
* C:\Windows\system32\SLsvc.exe (Microsoft Corporation)
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Opera\opera.exe (Opera Software)
* C:\Program Files\ThreatFire\TFService.exe (PC Tools)
* C:\Program Files\ThreatFire\TFTray.exe (PC Tools)
* C:\Windows\System32\igfxpers.exe (Intel Corporation)
C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
* C:\Users\riyad\Downloads\runscanner\RunScanner.exe (Runscanner.net)
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
* C:\Windows\system32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Users\riyad\Downloads\SysinternalsSuite\procexp.exe (Sysinternals - www.sysinternals.com)
* C:\Windows\system32\taskeng.exe (Microsoft Corporation)
C:\Windows\system32\TODDSrv.exe (TOSHIBA Corporation)
* C:\Program Files\Winamp\winamp.exe (Nullsoft)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\system32\WUDFHost.exe (Microsoft Corporation)
* C:\Windows\Explorer.EXE (Microsoft Corporation)
* C:\Windows\system32\rundll32.exe (Microsoft Corporation)
* C:\Windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\system32\wininit.exe (Microsoft Corporation)
* C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)

Unrated items
-------------
002 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
002 C:\Program Files\Process Lasso\processgovernor.exe (Bitsum Technologies)
002 * C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
003 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
003 C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira AntiVir Personal - Free Antivirus Guard)
010 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira AntiVir Personal - Free Antivirus Scheduler)
010 C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service)
010 C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (ConfigFree Service)
010 C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (InstallDriver Table Manager)
010 * C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee SiteAdvisor Service)
010 C:\Windows\system32\IoctlSvc.exe (PLFlash DeviceIoControl Service)
010 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer)
010 C:\Windows\system32\TODDSrv.exe (TOSHIBA Optical Disc Drive Service)
010 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Burning Helper)
011 * C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (avgio)
011 * C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (avgntflt)
011 * C:\Windows\system32\DRIVERS\avipbb.sys (avipbb)
011 * C:\Windows\system32\DRIVERS\inspect.sys (Comodo Firewall Network Driver)
011 * C:\Windows\System32\DRIVERS\cmdhlp.sys (COMODO Firewall Pro Helper Driver)
011 * C:\Windows\System32\DRIVERS\cmdguard.sys (COMODO Firewall Pro Sandbox Driver)
011 * C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEARAspiWDM)
011 C:\Windows\System32\DRIVERS\gmer.sys (gmer)
011 * C:\Windows\System32\drivers\keyscrambler.sys (KeyScrambler)
011 * C:\Windows\System32\Drivers\PxHelp20.sys (PxHelp20)
011 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV)
011 C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SASENUM)
011 C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL)
011 * C:\Windows\system32\DRIVERS\ssmdrv.sys (ssmdrv)
011 * C:\Windows\system32\DRIVERS\SynTP.sys (Synaptics TouchPad Driver)
031 * c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll {5513F07E-936B-4E52-9B00-067394E91CC5}
041 C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com) {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
041 * c:\program files\google\googletoolbar1.dll (Google Inc.) {2318C2B1-4965-11d4-9B18-009027A5CD4F}
041 * c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
042 GUID / CLSID not found {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
042 GUID / CLSID not found {5C106A59-CC3C-4caa-81A4-6D909B5ACE23}
042 GUID / CLSID not found {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}
042 GUID / CLSID not found {7F9DB11C-E358-4ca6-A83D-ACC663939424}
042 GUID / CLSID not found {0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
045 C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com) {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
045 * c:\program files\google\googletoolbar1.dll (Google Inc.) {2318C2B1-4965-11D4-9B18-009027A5CD4F}
050 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}
052 GUID / CLSID not found {C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
052 C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Ask.com) {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
052 * c:\program files\google\googletoolbar1.dll (Google Inc.) {AA58ED58-01DD-4d91-8333-CF10577473F7}
052 * C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll (Google Inc.) {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
052 C:\Program Files\IEPro\iepro.dll (IE7Pro.com) {00011268-E188-40DF-A514-835FCD78B1BF}
052 * C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation) {2B9F5787-88A5-4945-90E7-C4B18563BC5E}
052 * c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll {B164E929-A1B6-4A06-B104-2CD0E90A88FF}
061 C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.) {9999A076-A9E2-4C99-8A2B-632FC9429223}
061 * C:\Windows\system32\erasext.dll (-) {8BE13461-936F-11D1-A87D-444553540000}
061 C:\PROGRA~1\Glary Utilities\ContextHandler.dll (GlarySoft.com) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
061 C:\Program Files\Nokia\Nokia PC Suite 7\phonebrowser.dll (Nokia) {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}
061 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
061 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) {087B3AE3-E237-4467-B8DB-5A38AB959AC9}
061 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) {63542C48-9552-494A-84F7-73AA6A7C99C1}
061 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) {3B092F0C-7696-40E3-A80F-68D74DA84210}
061 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
061 C:\PROGRA~1\ZIPGEN~1\contmenu.dll (M.Dev Software) {C169E5F0-E2B3-41F3-B81A-7BA529CBE193}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
062 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}
067 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
073 Check Updates for Windows Live Toolbar.job : C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE (Microsoft Corporation)
073 GlaryInitialize.job : C:\Program Files\Glary Utilities\initialize.exe (GlarySoft.com)
104 * C:\Windows\Downloaded Program Files\CONFLICT.1\tgctlsr.dll (Symantec, Inc.) {44990301-3C9D-426D-81DF-AAB636FA4345}
105 &Windows Live Search : res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
105 Add to Google Photos Screensa&ver : res://C:\Windows\system32\GPhotos.scr/200
105 Add to Windows &Live Favorites : http://favorites.live.com/quickadd.aspx
105 E&xport to Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
105 Search In &All Reference : C:\Program Files\Dictionary.com\Dictionary.com Toolbar\all_reference.htm
105 Search In &Dictionary : C:\Program Files\Dictionary.com\Dictionary.com Toolbar\dictionary.htm
105 Search In &Encyclopedia : C:\Program Files\Dictionary.com\Dictionary.com Toolbar\encyclopedia.htm
105 Search In &Thesaurus : C:\Program Files\Dictionary.com\Dictionary.com Toolbar\thesaurus.htm
105 Search In &Web : C:\Program Files\Dictionary.com\Dictionary.com Toolbar\web.htm
107 C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
120 NameServer {AC63787E-4503-4134-B300-888FEB69E60D} : 202.56.240.5 202.56.250.6
121 C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL (Google)
145 * C:\Windows\system32\drivers\keyscrambler.sys (QFX Software Corporation)
173 * C:\Windows\system32\erasext.dll (-) {8BE13461-936F-11D1-A87D-444553540000}
173 C:\PROGRA~1\Glary Utilities\ContextHandler.dll (GlarySoft.com) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
173 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
173 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
173 C:\PROGRA~1\ZIPGEN~1\contmenu.dll (M.Dev Software) {C169E5F0-E2B3-41F3-B81A-7BA529CBE193}
221 * C:\Windows\system32\erasext.dll (-) {8BE13461-936F-11D1-A87D-444553540000}
221 C:\PROGRA~1\Glary Utilities\ContextHandler.dll (GlarySoft.com) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
221 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
221 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
221 C:\PROGRA~1\ZIPGEN~1\contmenu.dll (M.Dev Software) {C169E5F0-E2B3-41F3-B81A-7BA529CBE193}
225 * C:\Windows\system32\erasext.dll (-) {8BE13461-936F-11D1-A87D-444553540000}
225 * C:\Windows\system32\erasext.dll (-) {8BE13461-936F-11D1-A87D-444553540000}
225 C:\PROGRA~1\Glary Utilities\ContextHandler.dll (GlarySoft.com) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
225 C:\PROGRA~1\Glary Utilities\ContextHandler.dll (GlarySoft.com) {72923739-5A47-40A3-9895-25AF0DFBB9E4}
225 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
225 C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
227 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
227 C:\PROGRA~1\ZIPGEN~1\contmenu.dll (M.Dev Software) {C169E5F0-E2B3-41F3-B81A-7BA529CBE193}
231 C:\Program Files\Sun\StarOffice 8\program\shlxthdl.dll (Sun Microsystems, Inc.) OpenOffice.org Column Handler
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
241 GUID / CLSID not found {B19BA1A8-02E5-4283-9DEF-C7DC97E570B7}

Missing files
-------------
011 C:\Windows\system32\drivers\ASWave.sys
011 c:\windows\system32\drivers\blbdrive.sys
011 c:\windows\system32\DRIVERS\ipinip.sys
011 c:\windows\system32\DRIVERS\nwlnkflt.sys
011 c:\windows\system32\DRIVERS\nwlnkfwd.sys
011 C:\Windows\system32\drivers\Tosrfcom.sys
032 rdpclip
042 http:
073 C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
121 AS_WAVEHook.dll C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll



#2 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:15 PM

Posted 31 August 2008 - 07:00 AM

Your overlapping and redundant (duplicate) security protections would seem to be the problem; I am not sure that any malware scan could be trusted with the system conflicts you must be having.

Too much security can be worse than not enough.
Chewy

No. Try not. Do... or do not. There is no try.

#3 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:06:15 PM

Posted 31 August 2008 - 07:08 AM

A further note: if you can't get this problem fixed by uninstalling these potential conflicts, in the future I would rely on Avira and WinPatrol; they seem to be the top-rated free programs. Comodo the same, but the other component, SafeSurf, might be a conflict; too new.

You have several programs of very dubious value; here's just one example:

http://www.benedelman.org/spyware/installa...kjeeves-banner/

Edited by DaChew, 31 August 2008 - 07:28 AM.

Chewy

No. Try not. Do... or do not. There is no try.

#4 riyad

riyad
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 31 August 2008 - 08:31 AM

Thank you very much for giving me an insight on where to start... Before, I had Norton Internet Security 2007; I removed it and installed Avira. Now I have Comodo as my firewall and I also have ThreatFire, so I think I'll uninstall SafeSurf and ThreatFire for now to see if it solves the problem due to the conflicts... Thanks again, and I'll keep you posted if it solves my problem. :thumbsup:



