virus ?? keep getting Run DLL messages every few minutes


Gent_R

Oct 10, 2011, 3:08:22 PM
to FreeFixer User Forum, grus...@yahoo.com
Please help me.
Thanks

FreeFixer v0.59 log
http://www.freefixer.com/
Operating system: Windows Vista Service Pack 2
Log dated 2011-10-10 11:49


Browser Helper Objects (7 whitelisted)
{243B17DE-77C7-46BF-B94B-0B5F309A0E64}, , C:\Program Files\Microsoft Money\System\mnyside.dll
{5C255C8A-E604-49b4-9D64-90988571CECB}, , (no file specified)
{9421DD08-935F-4701-A9CA-22DF90AC4EA6}, Easy Photo Print, C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9}, Java(tm) Plug-In 2 SSV Helper, C:\Program Files\Java\jre6\bin\jp2ssv.dll
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}, , (no file specified)

Internet Explorer toolbars (2 whitelisted)
HKLM\..\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

Basic Internet Explorer settings
HKCU\..\Main, Start Page = http://yahoo.com/
HKCU\..\Desktop\General, Wallpaper = C:\Users\Gena\Documents\Nolo Documents Backup\Pictures\Pictures\Sasha Pumpkin Patch Fall 2010\IMG_7096.jpg

Registry Startups (15 whitelisted)
HKLM\..\Run, dscactivate = "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
HKLM\..\Run, MaxMenuMgr = "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
HKLM\..\Run, QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\..\Run, LTCM Client = C:\Program Files\LTCM Client\ltcmClient.exe /startup

Autostart shortcuts
Microsoft Find Fast.lnk, , C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
MozyHome Status.lnk, , C:\Program Files\MozyHome\mozystat.exe
Office Startup.lnk, , C:\Program Files\Microsoft Office\Office\OSA.EXE
PHOTOfunSTUDIO.lnk, , C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
Yahoo! Widgets.lnk, , C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

Processes (71 whitelisted)
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\FreeFixer\freefixer.exe

Services (77 whitelisted)
EpsonBidirectionalService, EpsonBidirectionalService, c:\program files\common files\epson\ebapi\eebsvc.exe
FreeAgentGoNext Service, Seagate Service, c:\program files\seagate\seagatemanager\sync\freeagentservice.exe
gupdate, Google Update Service (gupdate), c:\program files\google\update\googleupdate.exe
mozybackup, MozyHome Backup Service, c:\program files\mozyhome\mozybackup.exe

Explorer.exe Modules (168 whitelisted)
C:\Program Files\MozyHome\mozyshell.dll
C:\Program Files\MozyHome\LIBEAY32.dll

IExplorer.exe Modules (167 whitelisted)
C:\Program Files\Microsoft Money\System\mnyside.dll
C:\Program Files\Microsoft Money\System\misstub.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\MSVCR71.dll

Drivers (44 whitelisted)
SASDIFSV, SASDIFSV, c:\users\gena\appdata\local\temp\sas_selfextract\sasdifsv.sys (file is missing)
SASKUTIL, SASKUTIL, c:\users\gena\appdata\local\temp\sas_selfextract\saskutil.sys (file is missing)

Firefox Extensions
Microsoft .NET Framework Assistant, C:\Users\Gena\AppData\Roaming\Mozilla\Firefox\Profiles\87ardvzz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\install.rdf
Yahoo! Toolbar, C:\Users\Gena\AppData\Roaming\Mozilla\Firefox\Profiles\87ardvzz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\install.rdf

Csrss.exe virtual memory files (296 whitelisted)
C:\Program Files\MozyHome\SSLEAY32.dll
C:\Program Files\MozyHome\LIBEAY32.dll
C:\Program Files\MozyHome\mozyshell.dll
C:\Program Files\MozyHome\backup.dll
C:\PROGRA~1\McAfee\MSC\mscinres.dll
C:\Program Files\Seagate\SeagateManager\Encryption\SFEConfiguration.dll
C:\Program Files\Seagate\SeagateManager\Backup\MaxBackServiceInt.exe
C:\Program Files\Seagate\SeagateManager\Sync\STXDEVIF.dll
C:\Program Files\Seagate\SeagateManager\Backup\STXDEVIF.dll
C:\Program Files\Seagate\SeagateManager\Sync\synconf.dll
C:\Program Files\McAfee\SiteAdvisor\SaSSHMod.dll
C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Seagate\SeagateManager\Encryption\SFECopier.dll
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Seagate\SeagateManager\Encryption\SFECrypto.dll
C:\Program Files\Seagate\SeagateManager\Encryption\SFEPassword.dll
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Gena\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P7IZ2JV1\freefixersetup[1].exe
c:\program files\seagate\seagatemanager\freeagent status\ot4maxmenu.dll
C:\Windows\System32\spool\drivers\w32x86\3\E_SAG4ST.EXE
C:\Program Files\Driver Whiz\Driver Whiz\DriverWhiz.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_DUPA30.EXE
C:\Program Files\Google\Picasa3\PicasaPhotoViewer.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Yahoo!\Widgets\jsd.dll
C:\Program Files\MozyHome\mozyconf.exe
C:\Windows\twain_32\escndv\escndv.exe
C:\Program Files\Coupons\uninstall.exe
C:\Windows\Installer\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}\NewShortcut7_093EA01C878D4FB8BBB75CF2AF29E7A1.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\QuickTime\QTSystem\QuickTime.qts
C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe
C:\Program Files\Google\Picasa3\Uninstall.exe
C:\Program Files\QuickTime\QTSystem\QTCF.dll
C:\Program Files\LTCM Client\ltcmClient.exe
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Program Files\Yahoo!\Widgets\js32.dll
C:\Program Files\Seagate\muvee autoProducer 6.1 Seagate Edition\muveeapp.exe
C:\Program Files\Google\Chrome\Application\14.0.835.202\Installer\setup.exe
C:\Program Files\Seagate\SeagateManager\ManagerApp\stxmanager.exe
C:\Program Files\Google\Chrome\Application\14.0.835.202\chrome.dll
C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe
C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe
C:\Program Files\Google\Chrome\Application\14.0.835.202\pdf.dll
C:\Program Files\MozyHome\mozystat.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FINSGAA.EXE
C:\Users\Gena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\E-centives\UninstallCouponActivator.exe
C:\Program Files\InstallShield Installation Information\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}\setup.exe
C:\Program Files\FreeFixer\freefixer.exe
C:\Program Files\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
C:\Windows\twain_32\escndv\escfg.exe

The following errors occurred during the scan:
An unexpected exception occurred in the Recently Modified Files Plugin:
Failed to duplicate handle using 'DuplicateHandle'. System error message: Access is denied. Error code: 5.

End of FreeFixer log

Roger Karlsson

Oct 11, 2011, 4:48:53 PM
to freefix...@googlegroups.com
Hello Gent_R,

I've examined the log but could not find anything suspicious. What does
the RunDll error message say?

/Roger

