JP6641

  1. I need to know why FF repeatedly fails to download files annoyingly. I am under NetZero and its trial expires next week. My ISP connection is like a light switch. It too connects and disconnects unexpectedly. Help would be appreciated.
  2. I got my update service going by downloading: WindowsUpdateAgent20-x86. Yeah, it works way better than going into the registry or starting and restarting the service. I just reinstalled it and it's working so far. I'm trying to reinstall SP2, but it's taking way too long update-wise. I'm gonna try the CD again and see what happens.
  3. During Dial-a-Fix I get this message 2x: "Error 127: C:\WINDOWS\system32\qmgr.dll is not unregisterable or the file is corrupted. Your version of qmgr.dll is: 6.2.2600.1106. Please contact dial-a-fix@DjLizard.net so that an exception can be made for your version of this file." And no, I still cannot turn my firewall on.
  4. Due to an unidentified problem, Windows cannot display Firewall settings.
  5. SDFix: Version 1.87 Run by VJ on Thu 06/14/2007 at 05:31 AM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix
     Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 5:40:44 AM, on 6/14/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) Boot mode: Normal
  6. GMER 1.0.12.12244 - http://www.gmer.net Rootkit scan 2007-06-13 19:50:29 Windows 5.1.2600 Service Pack 1
  7. ComboFix 07-06-13.3 - C:\Documents and Settings\VJ\Desktop\ComboFix.exe "VJ" - 2007-06-13 17:58:45 - Service Pack 1 NTFS
  8. *BitDefender Online Scanner - Real Time Virus Report* Generated at: Wed, Jun 13, 2007 - 06:44:03 *Scan Info* Scanned Files 267926 Infected Files 0 *Virus Detected* No virus found.
     Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 6:47:44 AM, on 6/13/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal
  9. Currently scanning with BitDefender.
  10. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 9:31:02 PM, on 6/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal
  11. The Firewall turned on temporarily and then off. How do I do all that stuff you said?
  12. Everything in the security center is turned off. I can't seem to enable anything. What should I do?
  13. If I may make a few suggestions ^^
      1. NoScript
         https://addons.mozilla.org/en-US/firefox/addon/722 <<< Addon page
         http://noscript.net/ <<< Homepage
      2. McAfee SiteAdvisor
         http://www.siteadvisor.com/download/ie.html <<< Internet Explorer
         http://www.siteadvisor.com/download/ff.html <<< Mozilla Firefox
      3. Update Notifier
         https://addons.mozilla.org/en-US/firefox/addon/2098 <<< Addon page
         http://www.longfocus.com/firefox/updatenotifier/ <<< Homepage