#1
(Moved by AM) Help!
So I don't actually know if there's anything wrong with my computer; it will shut down, though, and sometimes freeze up when playing games, so if you could please help me, that would be great.
Here are many computer logs.

ComboFix Zach - 06-09-24 20:51:29.31 Service Pack 2
#2
#3
Find3M Report
Completion time: Sun 09/24/2006 20:52:10.76 ComboFix.txt
#4
Hijack this
Logfile of HijackThis v1.99.1 Scan saved at 9:43:56 PM, on 9/24/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe C:\Program Files\Microsoft Windows OneCare Live\winss.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\Smtray.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\MICROS~3\rapimgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\DOCUME~1\Zach\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = 
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?f0536156bfbf4694abc41fadcb30a93c O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live 
Toolbar\Components\en-us\msntabres.dll.mui/230?f0536156bfbf4694abc41fadcb30a93c O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/insta...SSWebAgent.CAB O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1158808781381 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: MSMPSVC - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe" -n 4 (file missing) O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. 
- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe i also ran edwido but it found nothing "Silent Runners.vbs", revision 48, http://www.silentrunners.org/ Operating System: Windows XP SP2 Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++} "Spyware Doctor" = (empty string) "H/PC Connection Agent" = ""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"" [MS] "MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++} "IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"] "HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"] "Smapp" = "C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" ["Analog Devices, Inc."] "Windows Defender" = ""C:\Program Files\Windows Defender\MSASCui.exe" -hide" [MS] "OneCareUI" = ""C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"" [MS] "NvCplDaemon" = "RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup" [MS] "nwiz" = "nwiz.exe /install" ["NVIDIA Corporation"] "NvMediaCenter" = "RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit" [MS] HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\ {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}\(Default) = (no title provided) -> {HKLM...CLSID} = "PCTools Site Guard" \InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll" ["PC Tools"] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = "Windows Live Sign-in Helper" \InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS] {B56A7D7D-6927-48C8-A975-17DF180C71AC}\(Default) = (no title provided) -> {HKLM...CLSID} = "PCTools Browser Monitor" \InProcServer32\(Default) = "C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll" ["PC Tools"] 
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\(Default) = (no title provided)
  -> {HKLM...CLSID} = "Windows Live Toolbar Helper"
     \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
  -> {HKLM...CLSID} = "Display Panning CPL Extension"
     \InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{21569614-B795-46b1-85F4-E737A8DC09AD}" = "Shell Search Band"
  -> {HKLM...CLSID} = "Shell Search Band"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\browseui.dll" [MS]
"{640167b4-59b0-47a6-b335-a6b3c0695aea}" = "Portable Media Devices"
  -> {HKLM...CLSID} = "Portable Media Devices"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}" = "Portable Media Devices Menu"
  -> {HKLM...CLSID} = "Portable Media Devices Menu"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\Audiodev.dll" [MS]
"{e82a2d71-5b2f-43a0-97b8-81be15854de8}" = "ShellLink for Application References"
  -> {HKLM...CLSID} = "ShellLink for Application References"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}" = "Shell Icon Handler for Application References"
  -> {HKLM...CLSID} = "Shell Icon Handler for Application References"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\dfshim.dll" [MS]
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}" = "Messenger Sharing Folders"
  -> {HKLM...CLSID} = "My Sharing Folders"
     \InProcServer32\(Default) = "C:\Program Files\MSN Messenger\fsshext.8.0.0812.00.dll" [MS]
"{A70C977A-BF00-412C-90B7-034C51DA2439}" = "NvCpl DesktopContext Class"
  -> {HKLM...CLSID} = "DesktopContext Class"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{FFB699E0-306A-11d3-8BD1-00104B6F7516}" = "Play on my TV helper"
  -> {HKLM...CLSID} = "NVIDIA CPL Extension"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\nvcpl.dll" ["NVIDIA Corporation"]
"{1CDB2949-8F65-4355-8456-263E7C208A5D}" = "Desktop Explorer"
  -> {HKLM...CLSID} = "Desktop Explorer"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A47}" = "Desktop Explorer Menu"
  -> {HKLM...CLSID} = (no title provided)
     \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{1E9B04FB-F9E5-4718-997B-B8DA88302A48}" = "nView Desktop Context Menu"
  -> {HKLM...CLSID} = "nView Desktop Context Menu"
     \InProcServer32\(Default) = "C:\WINDOWS\system32\nvshell.dll" ["NVIDIA Corporation"]
"{49BF5420-FA7F-11cf-8011-00A0C90A8F78}" = "Mobile Device"
  -> {HKLM...CLSID} = "Mobile Device"
     \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Wcesview.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" = "Microsoft AntiMalware ShellExecuteHook"
  -> {HKLM...CLSID} = "Microsoft AntiMalware ShellExecuteHook"
     \InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~4\MpShHook.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! igfxcui\DLLName = "igfxsrvc.dll" ["Intel Corporation"]

Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Zach\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp"

Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]

Enabled Scheduled Tasks:
------------------------

"Check Updates for Windows Live Toolbar" -> launches: "C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE" [MS]
"MP Scheduled Scan" -> launches: "C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges" [MS]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"
  -> {HKLM...CLSID} = "Windows Live Toolbar"
     \InProcServer32\(Default) = "C:\Program Files\Windows Live Toolbar\msntb.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\
"ButtonText" = "Create Mobile Favorite"
"CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"
  -> {HKLM...CLSID} = "Create Mobile Favorite"
     \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\INetRepl.dll" [MS]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\
"MenuText" = "Create Mobile Favorite..."
"CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"
  -> {HKLM...CLSID} = "Create Mobile Favorite"
     \InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\INetRepl.dll" [MS]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Microsoft Protection Service, msfwsvc, ""C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe"" [MS]
MSMPSVC, MSMPSVC, ""C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MSMPSVC.exe" -n 4" [MS]
NVIDIA Display Driver Service, NVSvc, "C:\WINDOWS\system32\nvsvc32.exe" ["NVIDIA Corporation"]
PC Tools Spyware Doctor, SDhelper, "C:\Program Files\Spyware Doctor\sdhelp.exe" ["PC Tools Research Pty Ltd"]
SoundMAX Agent Service, SoundMAX Agent Service (default), "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe" ["Analog Devices, Inc."]
Windows Defender Service, WinDefend, ""C:\Program Files\Windows Defender\MsMpEng.exe"" [MS]
Windows Live OneCare, winss, "C:\Program Files\Microsoft Windows OneCare Live\winss.exe" [MS]
Windows User Mode Driver Framework, UMWdf, "C:\WINDOWS\system32\wdfmgr.exe" [MS]

----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives took 10 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars took 8 seconds.
---------- (total run time: 46 seconds)
#5
I can't see any problems in any of your logs, Zach.

Just to be sure that you do not have a rootkit infection, download gmer.zip from here.

Once downloaded, doubleclick on gmer.zip and unzip the file to its own folder.

When you have done this, close all running programs and doubleclick on Gmer.exe to run it and click on Settings. Check the first five settings (see below):

System Protection and Tracing
Processes
Save created processes to the log
Drivers
Save loaded drivers to the log

You will be prompted to restart your computer. Please do so.

Run Gmer again and click on the Rootkit tab. Look at the righthand side (under Files) and uncheck all drives with the exception of your C drive and then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Save the file and copy the information and post it here please.

Warning! Please do not select the "Show all" checkbox during the scan.
#6
GMER 1.0.11.11384 - http://www.gmer.net
Rootkit 2006-09-26 15:11:48
Windows 5.1.2600 Service Pack 2

---- System - GMER 1.0.11 ----

SSDT \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys ZwOpenProcess
SSDT \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess

---- EOF - GMER 1.0.11 ----
#7
Nope, that's fine too. I am transferring your topic to the Gaming Forum. I am sure you will get the help you need there. Good luck.
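One way to triage SSDT entries like the two in the GMER log in post #6, added here as an example and not part of the thread: group the hooked functions by driver and check whether each driver sits in the folder of a service already listed in the HijackThis O23 entries. The function names and the `xyz.sys` line are assumptions of this example; the other paths are taken from the logs in the thread.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample in the line format of the GMER log in this thread, plus
# one made-up entry (C:\WINDOWS\Temp\xyz.sys) to exercise the unattributed case.
SAMPLE_GMER = r"""
---- System - GMER 1.0.11 ----
SSDT \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys ZwOpenProcess
SSDT \??\C:\Program Files\ewido anti-spyware 4.0\guard.sys ZwTerminateProcess
SSDT \??\C:\WINDOWS\Temp\xyz.sys ZwQueryDirectoryFile
---- EOF - GMER 1.0.11 ----
"""

# Service image paths as they appear in the HijackThis O23 entries of the thread.
SERVICE_IMAGES = [
    r"C:\Program Files\ewido anti-spyware 4.0\guard.exe",
    r"C:\Program Files\Spyware Doctor\sdhelp.exe",
]

# "SSDT <driver path, may contain spaces> <hooked function>"; the \??\ prefix is optional.
SSDT_LINE = re.compile(r"^SSDT\s+(?:\\\?\?\\)?(?P<driver>.+\.sys)\s+(?P<func>\w+)\s*$", re.I)

def parse_ssdt_hooks(text):
    """Return {driver_path: [hooked functions]} from GMER 'SSDT' lines."""
    hooks = defaultdict(list)
    for line in text.splitlines():
        m = SSDT_LINE.match(line.strip())
        if m:
            hooks[m.group("driver")].append(m.group("func"))
    return dict(hooks)

def triage(hooks, service_images):
    """Split hooking drivers by whether they share a folder with a listed service.

    A folder match is only a triage hint: it says which product to attribute
    the hook to, not that the file on disk is genuine.
    """
    known_dirs = {ntpath.normcase(ntpath.dirname(p)) for p in service_images}
    attributed, unattributed = {}, {}
    for driver, funcs in hooks.items():
        in_known = ntpath.normcase(ntpath.dirname(driver)) in known_dirs
        (attributed if in_known else unattributed)[driver] = funcs
    return attributed, unattributed

if __name__ == "__main__":
    ok, review = triage(parse_ssdt_hooks(SAMPLE_GMER), SERVICE_IMAGES)
    for driver, funcs in ok.items():
        print("attributed  ", driver, funcs)
    for driver, funcs in review.items():
        print("needs review", driver, funcs)
```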
#8
Have you made sure that all your drivers are up to date? Also, can you please post your system specs, thx. If they are above I apologise, I'm just too lazy to read all that, lol.
#9
Metr0, I read all of it and it has no system specs included in all those logs, just what software is on that computer.