please help - xp explorer crashes
Join Date: Dec 2007
Posts: 3
Reputation:
Solved Threads: 0
Hello!
I am having problems with xp explorer crashing at startup and my taskbar and desktop disappearing. I can access the task manager, but when I open explorer it crashes again.
Have tried creating a new user account and still have the same problem.
I have read all important posts and believe I have done all I can.
Any help is greatly appreciated.
thanks!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:39:20 PM, on 12/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://creative.com/register/OCXs/Ct...lientNoMFC.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/...l/gtdownde.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...91/mcfscan.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: (no name) - http://sirocco.accuweather.com/sat_m...ei/isaegul.gif
O24 - Desktop Component 1: (no name) - http://sirocco.accuweather.com/nx_mo.../inmasirse.gif
--
End of file - 9598 bytes
Join Date: Dec 2007
Posts: 3
Reputation:
Solved Threads: 0
After reading through many other posts, I tried running combofix and this seemed to solve the issue.
Here is the combofix log and a new HJT log.
I would still appreciate an expert analysis of these logs.
thanks!
ComboFix 07-12-26.4 - Rob 2007-12-26 10:13:35.1 - NTFSx86
Running from: C:\Documents and Settings\Rob\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\imgdoc2.dll
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask .exe
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\SYSTEM32\hjllm.ini
C:\WINDOWS\SYSTEM32\hjllm.ini2
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\mlljh.dll
C:\WINDOWS\system32\mlljh.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\tuvvtuv.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_NPF
-------\NPF
((((((((((((((((((((((((( Files Created from 2007-11-26 to 2007-12-26 )))))))))))))))))))))))))))))))
.
2007-12-25 12:21 . 2007-12-25 12:21 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-12-25 12:19 . 2007-12-25 12:20 2,566,736 --a------ C:\Program Files\spywareblastersetup351.exe
2007-12-25 12:04 . 2007-12-25 12:04 401,720 --a------ C:\Program Files\HiJackThis.exe
2007-12-25 09:23 . 2007-12-25 09:23 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\Grisoft
2007-12-25 09:22 . 2007-12-25 09:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-25 09:22 . 2007-05-30 07:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-12-25 09:17 . 2007-12-25 09:21 12,413,440 --a------ C:\Program Files\avgas-setup-7.5.1.43.exe
2007-12-24 13:52 . 2007-12-24 13:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-24 13:51 . 2007-12-25 09:14 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-12-24 13:51 . 2007-12-24 13:51 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\SUPERAntiSpyware.com
2007-12-24 13:50 . 2007-12-24 13:50 5,914,648 --a------ C:\Program Files\SUPERAntiSpyware.exe
2007-12-24 13:25 . 2004-01-21 22:34 <DIR> d-------- C:\Documents and Settings\Hooper\Application Data\Sonic
2007-12-24 13:25 . 2004-01-21 22:36 <DIR> d-------- C:\Documents and Settings\Hooper\Application Data\Jasc Software Inc
2007-12-24 13:22 . 2004-08-04 02:56 15,360 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\ctfmon.exe
2007-12-24 13:22 . 2004-08-04 02:56 15,360 --a------ C:\WINDOWS\SYSTEM32\ctfmon.exe
2007-12-24 11:57 . 2007-12-24 11:57 559,856 --a------ C:\Program Files\WindowsXP-KB906569-v2-x86-ENU.exe
2007-12-24 11:55 . 2007-12-24 11:55 <DIR> d-------- C:\Program Files\WebCyberCoach
2007-12-24 11:53 . 2005-07-04 16:03 1,650,688 --a------ C:\WINDOWS\SYSTEM32\qdiagdwc.ocx
2007-12-24 11:53 . 2004-06-15 15:55 7,882 --a------ C:\WINDOWS\SYSTEM32\GTKCMOS.sys
2007-12-24 11:53 . 2005-02-08 12:37 7,626 --a------ C:\WINDOWS\SYSTEM32\GPCIEnum.sys
2007-12-24 11:53 . 2005-02-09 13:08 7,168 --a------ C:\WINDOWS\SYSTEM32\DLPT64.sys
2007-12-24 11:53 . 2004-06-09 09:29 6,977 --a------ C:\WINDOWS\SYSTEM32\DDMI2.sys
2007-12-24 11:53 . 2005-03-13 16:54 6,656 --a------ C:\WINDOWS\SYSTEM32\DLPT2.sys
2007-12-24 11:53 . 2005-02-08 13:04 5,632 --a------ C:\WINDOWS\SYSTEM32\GPCIEn64.sys
2007-12-24 11:53 . 2005-02-08 15:46 5,120 --a------ C:\WINDOWS\SYSTEM32\GTKCMO64.sys
2007-12-24 11:53 . 2005-02-07 19:07 4,608 --a------ C:\WINDOWS\SYSTEM32\DDMI64.sys
2007-12-24 11:19 . 2007-12-24 11:20 120,680 --a------ C:\Program Files\R57664.EXE
2007-12-24 11:11 . 2007-12-24 11:11 2,521 --a------ C:\Program Files\xp_taskbar_desktop_fixall.vbs
2007-12-24 11:02 . 2007-12-24 11:02 <DIR> d-------- C:\WINDOWS\McAfee.com
2007-12-24 10:49 . 2007-12-24 13:18 <DIR> d-------- C:\Program Files\DellSupport
2007-12-24 10:48 . 2007-12-24 10:48 7,609,896 --a------ C:\Program Files\R157977.EXE
2007-12-24 10:46 . 2007-12-24 10:47 647,728 --a------ C:\Program Files\R92578.EXE
2007-12-24 10:45 . 2007-12-24 10:45 1,134,168 --a------ C:\Program Files\R120895.EXE
2007-12-24 10:38 . 2007-12-24 10:39 537,306 --a------ C:\Program Files\D4600A12.EXE
2007-12-24 10:28 . 2000-10-05 18:05 165,888 --a------ C:\Program Files\setup.exe
2007-12-24 10:26 . 2000-03-23 12:50 446,464 -ra------ C:\WINDOWS\SYSTEM32\hhactivex.dll
2007-12-24 10:26 . 1998-11-10 10:46 328,480 --a------ C:\WINDOWS\SYSTEM32\ssa3d30.ocx
2007-12-24 10:26 . 2002-01-08 17:00 176,128 --a------ C:\WINDOWS\SYSTEM32\RcdScan.dll
2007-12-24 10:25 . 1998-09-24 12:03 171,967 --a------ C:\WINDOWS\SYSTEM32\Odbcjet.hlp
2007-12-24 10:25 . 1998-06-17 23:00 89,360 --a------ C:\WINDOWS\SYSTEM32\VB5DB.DLL
2007-12-24 10:25 . 1998-09-24 12:03 7,348 --a------ C:\WINDOWS\SYSTEM32\Odbcjet.cnt
2007-12-24 10:17 . 2007-12-24 10:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2007-12-24 10:16 . 2007-12-24 10:16 <DIR> d-------- C:\Program Files\Security Task Manager
2007-12-24 10:16 . 2007-12-24 10:16 1,570,920 --a------ C:\Program Files\taskmanager17.exe
2007-12-24 01:00 . 2007-12-26 09:50 221,184 --a------ C:\WINDOWS\SYSTEM32\LVCOMSX .EXE
2007-12-24 01:00 . 2007-12-24 01:00 94,208 --a------ C:\WINDOWS\SYSTEM32\igfxtray .exe
2007-12-23 23:17 . 2007-12-23 23:17 <DIR> d-------- C:\WINDOWS\RegistryCleaner
2007-12-23 22:45 . 2007-12-24 00:59 28,672 --a------ C:\WINDOWS\SYSTEM32\DSentry .exe
2007-12-23 22:26 . 2007-12-24 01:00 77,824 --a------ C:\WINDOWS\SYSTEM32\hkcmd .exe
2007-12-23 22:22 . 2007-12-25 12:01 15,360 --a------ C:\WINDOWS\SYSTEM32\ctfmon .exe
2007-12-23 12:53 . 2007-12-23 12:53 <DIR> dr-h----- C:\Documents and Settings\Rob\Application Data\SecuROM
2007-12-23 12:18 . 2007-12-23 12:18 32,764 --a------ C:\WINDOWS\17PHolmes72.exe
2007-12-23 12:15 . 2007-12-24 05:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-23 12:15 . 2007-12-23 12:15 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-15 12:17 . 2007-12-15 12:17 108,144 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2007-12-15 12:10 . 2007-12-15 12:10 <DIR> d-------- C:\Program Files\Electronic Arts
2007-12-06 13:51 . 2007-12-06 13:51 268 --ah----- C:\sqmdata04.sqm
2007-12-06 13:51 . 2007-12-06 13:51 244 --ah----- C:\sqmnoopt04.sqm
2007-12-05 11:56 . 2007-12-05 11:56 268 --ah----- C:\sqmdata03.sqm
2007-12-05 11:56 . 2007-12-05 11:56 244 --ah----- C:\sqmnoopt03.sqm
2007-12-05 11:16 . 2007-12-05 11:16 268 --ah----- C:\sqmdata02.sqm
2007-12-05 11:16 . 2007-12-05 11:16 244 --ah----- C:\sqmnoopt02.sqm
2007-12-03 20:33 . 2007-12-03 20:33 823,296 --a------ C:\WINDOWS\SYSTEM32\divx_xx0c.dll
2007-12-03 20:33 . 2007-12-03 20:33 823,296 --a------ C:\WINDOWS\SYSTEM32\divx_xx07.dll
2007-12-03 20:33 . 2007-12-03 20:33 802,816 --a------ C:\WINDOWS\SYSTEM32\divx_xx11.dll
2007-12-03 20:33 . 2007-12-03 20:33 682,496 --a------ C:\WINDOWS\SYSTEM32\DivX.dll
2007-12-03 20:33 . 2007-12-03 20:33 630,784 --a------ C:\WINDOWS\SYSTEM32\divxdec.ax
2007-12-03 18:30 . 2007-12-03 18:30 <DIR> d-------- C:\Program Files\Western Digital Technologies
2007-11-29 20:14 . 2007-11-29 20:14 268 --ah----- C:\sqmdata01.sqm
2007-11-29 20:14 . 2007-11-29 20:14 244 --ah----- C:\sqmnoopt01.sqm
2007-11-29 17:30 . 2007-11-29 17:30 3,596,288 --a------ C:\WINDOWS\SYSTEM32\qt-dx331.dll
2007-11-29 17:30 . 2007-11-29 17:30 1,044,480 --a------ C:\WINDOWS\SYSTEM32\libdivx.dll
2007-11-29 17:30 . 2007-11-29 17:30 524,288 --a------ C:\WINDOWS\SYSTEM32\DivXsm.exe
2007-11-29 17:30 . 2007-11-29 17:30 200,704 --a------ C:\WINDOWS\SYSTEM32\ssldivx.dll
2007-11-29 17:30 . 2007-11-29 17:30 4,816 --a------ C:\WINDOWS\SYSTEM32\divxsm.tlb
2007-11-29 17:28 . 2007-11-29 17:28 196,608 --a--c--- C:\WINDOWS\SYSTEM32\dtu100.dll
2007-11-29 17:28 . 2007-11-29 17:28 81,920 --a--c--- C:\WINDOWS\SYSTEM32\dpl100.dll
2007-11-29 17:28 . 2007-11-29 17:28 416 --a------ C:\WINDOWS\SYSTEM32\dtu100.dll.manifest
2007-11-29 17:28 . 2007-11-29 17:28 416 --a------ C:\WINDOWS\SYSTEM32\dpl100.dll.manifest
2007-11-28 16:55 . 2007-11-28 16:55 156,992 --a------ C:\WINDOWS\SYSTEM32\DivXCodecVersionChecker.exe
2007-11-28 16:53 . 2007-11-28 16:53 593,920 --a--c--- C:\WINDOWS\SYSTEM32\dpuGUI11.dll
2007-11-28 16:53 . 2007-11-28 16:53 352,401 --a------ C:\WINDOWS\SYSTEM32\DivXMedia.ax
2007-11-28 16:53 . 2007-11-28 16:53 344,064 --a--c--- C:\WINDOWS\SYSTEM32\dpus11.dll
2007-11-28 16:53 . 2007-11-28 16:53 294,912 --a--c--- C:\WINDOWS\SYSTEM32\dpu11.dll
2007-11-28 16:53 . 2007-11-28 16:53 294,912 --a--c--- C:\WINDOWS\SYSTEM32\dpu10.dll
2007-11-28 16:53 . 2007-11-28 16:53 57,344 --a--c--- C:\WINDOWS\SYSTEM32\dpv11.dll
2007-11-28 16:53 . 2007-11-28 16:53 53,248 --a--c--- C:\WINDOWS\SYSTEM32\dpuGUI10.dll
2007-11-28 16:52 . 2007-11-28 16:52 12,288 --a------ C:\WINDOWS\SYSTEM32\DivXWMPExtType.dll
2007-11-26 15:44 . 2007-11-26 15:44 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\MSN6
2007-11-26 15:44 . 2007-11-26 15:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MSN6
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-26 15:24 --------- d-----w C:\Program Files\D-Tools
2007-12-26 15:23 --------- d-----w C:\Program Files\QuickTime
2007-12-26 13:13 9,646 ----a-w C:\Program Files\hijackthis.log
2007-12-26 05:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-24 18:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-24 16:55 --------- d--ha-w C:\Documents and Settings\All Users\Application Data\GTek
2007-12-24 16:15 --------- d-----w C:\Program Files\America Online 9.0b
2007-12-24 15:57 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-24 15:52 --------- d--h--w C:\Documents and Settings\Rob\Application Data\GTek
2007-12-24 15:46 --------- d-----w C:\Program Files\Dell
2007-12-24 15:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2007-12-24 15:43 --------- d-----w C:\Program Files\AIM6
2007-12-24 15:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-24 11:39 --------- d-----w C:\Program Files\Viewpoint
2007-12-24 11:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-24 03:35 --------- d-----w C:\Documents and Settings\Rob\Application Data\uTorrent
2007-12-24 03:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-12-23 17:32 --------- d-----w C:\Program Files\MSN Messenger
2007-12-23 17:27 --------- d-----w C:\Program Files\PeerGuardian2
2007-12-11 18:44 --------- d-----w C:\Program Files\DivX
2007-12-02 13:05 --------- d-----w C:\Program Files\dvdSanta
2007-11-30 00:51 --------- d-----w C:\Program Files\MP3Gain
2007-11-28 22:00 --------- d-----w C:\Program Files\Audio Converter
2007-11-28 21:58 --------- d-----w C:\Program Files\Monkey's Audio
2007-11-22 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-11-17 14:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
2007-11-17 14:48 --------- d-----w C:\Program Files\SlySoft
2007-11-17 14:45 1,133 ----a-w C:\Program Files\SlySoft.AnyDVD.HD.v6.1.9.3.Multilingual.WinALL-BRD.torrent
2007-11-15 14:03 --------- d-----w C:\Program Files\mIRC
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 16:18 --------- d--h--w C:\Program Files\Zero G Registry
2007-11-08 16:17 --------- d-----w C:\Program Files\Gcom
2007-11-06 14:07 --------- d-----w C:\Program Files\Java
2007-11-01 16:47 --------- d-----w C:\Program Files\Picasa2
2007-10-28 17:16 96,832 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys
2007-07-11 14:00 16,125,952 ----a-w C:\Program Files\ZENVisionM_60GB_PCFW_L21_1_21_02.exe
2007-06-23 14:43 3,420,605 ----a-w C:\Program Files\doc2img2_setup.exe
2007-06-20 09:46 643,144 ----a-w C:\Program Files\XviD-1.1.2-01112006.exe
2007-06-10 15:42 26,811,404 ----a-w C:\Program Files\SUPERsetup.exe
2007-05-29 13:49 3,500,012 ----a-w C:\Program Files\XP Smoker Pro v5.2 Setup.exe
2007-05-29 13:48 47 ----a-w C:\Program Files\Torrent downloaded from Demonoid.com.txt
2007-05-29 13:48 398 ----a-w C:\Program Files\Read Me[baseball2525].txt
2007-05-29 13:45 3,100 ----a-w C:\Program Files\XP_Smoker_Pro_v5_2_(Latest_Version_No_Seria_Crack_Patch_Needed)-++Demonoid.com++_369896.0724.torrent
2007-03-28 22:41 2,251 ----a-w C:\Program Files\sg_backup_2007-03-28-1841.spg
2007-03-28 22:41 2,251 ----a-w C:\Program Files\FirstBackup.spg
2007-03-28 22:31 610,304 ----a-w C:\Program Files\TCPOptimizer.exe
2007-03-28 22:01 701,912 ----a-w C:\Program Files\infinst_autol.exe
2007-03-28 21:58 163,840 ----a-w C:\Program Files\chiputil.exe
2007-03-22 12:39 16,121,856 ----a-w C:\Program Files\ZENVisionM_60GB_PCFW_L21_1_20_02.exe
2007-03-05 13:57 1,382,289 ----a-w C:\Program Files\MP4Cam2AVI_v2.51.zip
2007-02-20 22:56 2,367,762 ----a-w C:\Program Files\Vdownloader.rar
2007-02-06 17:19 525,012 ----a-w C:\Program Files\lame3.97.zip
2007-02-06 17:06 1,328,058 ----a-w C:\Program Files\lame-3.97.tar.tar
2007-02-06 15:35 4,131,192 ----a-w C:\Program Files\dMC-r12-Registered.exe
2007-01-26 15:18 465,423 ----a-w C:\Program Files\imagegrab30en.zip
2007-01-26 15:18 2,143,341 ----a-w C:\Program Files\DVDFabDecrypter3052Beta.exe
2007-01-08 14:35 4,708,382 ----a-w C:\Program Files\ZNVM_PCPatch_LA.exe
2007-01-08 14:11 15,851,520 ----a-w C:\Program Files\ZENVisionM_30GB_PCFW_L21_1_61_01.exe
2007-01-07 18:34 2,125,249 -c--a-w C:\Program Files\burrrn_package.exe
2006-12-31 15:48 667,344 ----a-w C:\Program Files\mp3gain-win-1_2_5.exe
2006-12-28 22:41 44,295 ----a-w C:\Program Files\hj-join.zip
2006-12-26 18:30 17,172,599 ----a-w C:\Program Files\setup_blazemp.exe
2006-12-26 16:19 16,179,264 ----a-w C:\Program Files\DivXInstaller.exe
2006-12-12 15:16 344,624 ----a-w C:\Program Files\MCPR.exe
2006-10-19 17:10 1,104,384 ----a-w C:\Program Files\gifsetup.exe
2006-06-25 15:59 12,580,696 ----a-w C:\Program Files\mm20enu.exe
2006-06-25 14:37 5,118,288 ----a-w C:\Program Files\Firefox Setup 1.5.0.4.exe
2006-04-04 13:40 1,592 -c--a-w C:\Program Files\DVD XCopy Platinum.torrent
2006-01-16 15:21 882,489 -c--a-w C:\Program Files\pg2-050918-nt.exe
2006-01-15 17:34 9,352,392 -c--a-w C:\Program Files\Install_MSN_Messenger.exe
2005-12-31 15:36 5,027,808 -c--a-w C:\Program Files\BitTorrent-4.2.2.exe
2005-11-21 16:29 22,460,918 -c--a-w C:\Program Files\Avi2Dvd_Setup_042.exe
2005-09-19 05:06 244,211 -c--a-w C:\Program Files\dMC-AccurateRip.exe
2005-09-07 16:49 475,844 -c--a-w C:\Program Files\OggDS0995.exe
2005-09-07 16:21 12,754,672 -c--a-w C:\Program Files\MP10Setup.exe
2005-09-07 13:17 734,160 -c--a-w C:\Program Files\VobSub_2.23.exe
2005-08-19 04:42 6,871,966 -c--a-w C:\Program Files\Azureus_2.3.0.4_Win32.setup.exe
2005-07-25 17:07 2,667,342 -c--a-w C:\Program Files\foobar2000_0.8.3_special.exe
2005-07-25 16:17 1,325,371 -c--a-w C:\Program Files\foobar2000_0.8.3.exe
2005-06-04 18:35 635,569 -c--a-w C:\Program Files\XviD-1.0.3-20122004.exe
2005-05-05 01:25 24 -c--a-w C:\Program Files\language.set
2005-04-26 04:25 522,682 -c--a-w C:\Program Files\aspi_471a2.exe
2005-04-21 17:38 885,935 -c--a-w C:\Program Files\cdwav193.exe
2005-04-01 16:24 12,624,424 -c--a-w C:\Program Files\TMDV-trial-1[1].6.33.87-en.exe
2005-04-01 05:51 707,047 -c--a-w C:\Program Files\SubRip_1.17.1.exe
2005-03-03 16:55 4,278,741 -c--a-w C:\Program Files\icuii7.exe
2005-01-23 05:14 4,155,032 -c--a-w C:\Program Files\eMule0.44d-Installer.exe
2005-01-13 15:06 843,824 -c--a-w C:\Program Files\SetupDVDDecrypter_3.5.2.0.exe
2005-01-13 15:03 1,718 -c--a-w C:\Program Files\leech.htm
2004-10-27 23:12 2,186,426 -c--a-w C:\Program Files\dvdsantasetup.exe
2004-10-27 20:35 2,186,448 -c--a-w C:\Program Files\rn9493.exe
2004-06-10 14:40 6,104,336 -c--a-w C:\Program Files\acwizard.exe
2004-06-10 14:30 8,676,864 -c--a-w C:\Program Files\AudioConverter.exe
2004-06-10 14:30 3,094,528 -c--a-w C:\Program Files\AudioEdit.exe
2004-05-20 13:51 1,310,934 -c--a-w C:\Program Files\rm_converter.exe
2004-05-06 23:09 27,652,458 -c--a-w C:\Program Files\nero63110.exe
2004-04-23 13:39 6,447,938 -c--a-w C:\Program Files\setup_aed.exe
2004-04-03 16:31 69,632 -c--a-w C:\Program Files\SFTPSetup.exe
2004-03-19 17:58 598,729 -c--a-w C:\Program Files\InstallSageBjShr.exe
2004-02-29 17:18 2,593,792 -c--a-w C:\Program Files\ica32.msi
2005-03-27 14:20 56 -csh--r C:\WINDOWS\SYSTEM32\CD3F8B51E0.sys
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\SYSTEM32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\SYSTEM32\msfDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" []
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" []
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" []
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" []
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" []
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" []
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" /startup
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"HostManager"=C:\Program Files\Common Files\AOL\1103728675\ee\AOLHostManager.exe
"MMTray"=C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"ymetray"="C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2007-12-23 17:28:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-26 10:37:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-26 10:41:23 - machine was rebooted
.
2007-12-12 08:06:30 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:42 AM, on 12/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://creative.com/register/OCXs/Ct...lientNoMFC.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/...l/gtdownde.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...91/mcfscan.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: (no name) - http://sirocco.accuweather.com/sat_m...ei/isaegul.gif
O24 - Desktop Component 1: (no name) - http://sirocco.accuweather.com/nx_mo.../inmasirse.gif
--
End of file - 9762 bytes
Here is the ComboFix log and a new HJT log.
I would still appreciate an expert analysis of these logs.
Thanks!
ComboFix 07-12-26.4 - Rob 2007-12-26 10:13:35.1 - NTFSx86
Running from: C:\Documents and Settings\Rob\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\imgdoc2.dll
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask .exe
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\SYSTEM32\hjllm.ini
C:\WINDOWS\SYSTEM32\hjllm.ini2
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\mlljh.dll
C:\WINDOWS\system32\mlljh.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\tuvvtuv.dll
C:\WINDOWS\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_NPF
-------\NPF
((((((((((((((((((((((((( Files Created from 2007-11-26 to 2007-12-26 )))))))))))))))))))))))))))))))
.
2007-12-25 12:21 . 2007-12-25 12:21 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-12-25 12:19 . 2007-12-25 12:20 2,566,736 --a------ C:\Program Files\spywareblastersetup351.exe
2007-12-25 12:04 . 2007-12-25 12:04 401,720 --a------ C:\Program Files\HiJackThis.exe
2007-12-25 09:23 . 2007-12-25 09:23 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\Grisoft
2007-12-25 09:22 . 2007-12-25 09:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-25 09:22 . 2007-05-30 07:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-12-25 09:17 . 2007-12-25 09:21 12,413,440 --a------ C:\Program Files\avgas-setup-7.5.1.43.exe
2007-12-24 13:52 . 2007-12-24 13:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-24 13:51 . 2007-12-25 09:14 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-12-24 13:51 . 2007-12-24 13:51 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\SUPERAntiSpyware.com
2007-12-24 13:50 . 2007-12-24 13:50 5,914,648 --a------ C:\Program Files\SUPERAntiSpyware.exe
2007-12-24 13:25 . 2004-01-21 22:34 <DIR> d-------- C:\Documents and Settings\Hooper\Application Data\Sonic
2007-12-24 13:25 . 2004-01-21 22:36 <DIR> d-------- C:\Documents and Settings\Hooper\Application Data\Jasc Software Inc
2007-12-24 13:22 . 2004-08-04 02:56 15,360 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\ctfmon.exe
2007-12-24 13:22 . 2004-08-04 02:56 15,360 --a------ C:\WINDOWS\SYSTEM32\ctfmon.exe
2007-12-24 11:57 . 2007-12-24 11:57 559,856 --a------ C:\Program Files\WindowsXP-KB906569-v2-x86-ENU.exe
2007-12-24 11:55 . 2007-12-24 11:55 <DIR> d-------- C:\Program Files\WebCyberCoach
2007-12-24 11:53 . 2005-07-04 16:03 1,650,688 --a------ C:\WINDOWS\SYSTEM32\qdiagdwc.ocx
2007-12-24 11:53 . 2004-06-15 15:55 7,882 --a------ C:\WINDOWS\SYSTEM32\GTKCMOS.sys
2007-12-24 11:53 . 2005-02-08 12:37 7,626 --a------ C:\WINDOWS\SYSTEM32\GPCIEnum.sys
2007-12-24 11:53 . 2005-02-09 13:08 7,168 --a------ C:\WINDOWS\SYSTEM32\DLPT64.sys
2007-12-24 11:53 . 2004-06-09 09:29 6,977 --a------ C:\WINDOWS\SYSTEM32\DDMI2.sys
2007-12-24 11:53 . 2005-03-13 16:54 6,656 --a------ C:\WINDOWS\SYSTEM32\DLPT2.sys
2007-12-24 11:53 . 2005-02-08 13:04 5,632 --a------ C:\WINDOWS\SYSTEM32\GPCIEn64.sys
2007-12-24 11:53 . 2005-02-08 15:46 5,120 --a------ C:\WINDOWS\SYSTEM32\GTKCMO64.sys
2007-12-24 11:53 . 2005-02-07 19:07 4,608 --a------ C:\WINDOWS\SYSTEM32\DDMI64.sys
2007-12-24 11:19 . 2007-12-24 11:20 120,680 --a------ C:\Program Files\R57664.EXE
2007-12-24 11:11 . 2007-12-24 11:11 2,521 --a------ C:\Program Files\xp_taskbar_desktop_fixall.vbs
2007-12-24 11:02 . 2007-12-24 11:02 <DIR> d-------- C:\WINDOWS\McAfee.com
2007-12-24 10:49 . 2007-12-24 13:18 <DIR> d-------- C:\Program Files\DellSupport
2007-12-24 10:48 . 2007-12-24 10:48 7,609,896 --a------ C:\Program Files\R157977.EXE
2007-12-24 10:46 . 2007-12-24 10:47 647,728 --a------ C:\Program Files\R92578.EXE
2007-12-24 10:45 . 2007-12-24 10:45 1,134,168 --a------ C:\Program Files\R120895.EXE
2007-12-24 10:38 . 2007-12-24 10:39 537,306 --a------ C:\Program Files\D4600A12.EXE
2007-12-24 10:28 . 2000-10-05 18:05 165,888 --a------ C:\Program Files\setup.exe
2007-12-24 10:26 . 2000-03-23 12:50 446,464 -ra------ C:\WINDOWS\SYSTEM32\hhactivex.dll
2007-12-24 10:26 . 1998-11-10 10:46 328,480 --a------ C:\WINDOWS\SYSTEM32\ssa3d30.ocx
2007-12-24 10:26 . 2002-01-08 17:00 176,128 --a------ C:\WINDOWS\SYSTEM32\RcdScan.dll
2007-12-24 10:25 . 1998-09-24 12:03 171,967 --a------ C:\WINDOWS\SYSTEM32\Odbcjet.hlp
2007-12-24 10:25 . 1998-06-17 23:00 89,360 --a------ C:\WINDOWS\SYSTEM32\VB5DB.DLL
2007-12-24 10:25 . 1998-09-24 12:03 7,348 --a------ C:\WINDOWS\SYSTEM32\Odbcjet.cnt
2007-12-24 10:17 . 2007-12-24 10:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2007-12-24 10:16 . 2007-12-24 10:16 <DIR> d-------- C:\Program Files\Security Task Manager
2007-12-24 10:16 . 2007-12-24 10:16 1,570,920 --a------ C:\Program Files\taskmanager17.exe
2007-12-24 01:00 . 2007-12-26 09:50 221,184 --a------ C:\WINDOWS\SYSTEM32\LVCOMSX .EXE
2007-12-24 01:00 . 2007-12-24 01:00 94,208 --a------ C:\WINDOWS\SYSTEM32\igfxtray .exe
2007-12-23 23:17 . 2007-12-23 23:17 <DIR> d-------- C:\WINDOWS\RegistryCleaner
2007-12-23 22:45 . 2007-12-24 00:59 28,672 --a------ C:\WINDOWS\SYSTEM32\DSentry .exe
2007-12-23 22:26 . 2007-12-24 01:00 77,824 --a------ C:\WINDOWS\SYSTEM32\hkcmd .exe
2007-12-23 22:22 . 2007-12-25 12:01 15,360 --a------ C:\WINDOWS\SYSTEM32\ctfmon .exe
2007-12-23 12:53 . 2007-12-23 12:53 <DIR> dr-h----- C:\Documents and Settings\Rob\Application Data\SecuROM
2007-12-23 12:18 . 2007-12-23 12:18 32,764 --a------ C:\WINDOWS\17PHolmes72.exe
2007-12-23 12:15 . 2007-12-24 05:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-23 12:15 . 2007-12-23 12:15 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-15 12:17 . 2007-12-15 12:17 108,144 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2007-12-15 12:10 . 2007-12-15 12:10 <DIR> d-------- C:\Program Files\Electronic Arts
2007-12-06 13:51 . 2007-12-06 13:51 268 --ah----- C:\sqmdata04.sqm
2007-12-06 13:51 . 2007-12-06 13:51 244 --ah----- C:\sqmnoopt04.sqm
2007-12-05 11:56 . 2007-12-05 11:56 268 --ah----- C:\sqmdata03.sqm
2007-12-05 11:56 . 2007-12-05 11:56 244 --ah----- C:\sqmnoopt03.sqm
2007-12-05 11:16 . 2007-12-05 11:16 268 --ah----- C:\sqmdata02.sqm
2007-12-05 11:16 . 2007-12-05 11:16 244 --ah----- C:\sqmnoopt02.sqm
2007-12-03 20:33 . 2007-12-03 20:33 823,296 --a------ C:\WINDOWS\SYSTEM32\divx_xx0c.dll
2007-12-03 20:33 . 2007-12-03 20:33 823,296 --a------ C:\WINDOWS\SYSTEM32\divx_xx07.dll
2007-12-03 20:33 . 2007-12-03 20:33 802,816 --a------ C:\WINDOWS\SYSTEM32\divx_xx11.dll
2007-12-03 20:33 . 2007-12-03 20:33 682,496 --a------ C:\WINDOWS\SYSTEM32\DivX.dll
2007-12-03 20:33 . 2007-12-03 20:33 630,784 --a------ C:\WINDOWS\SYSTEM32\divxdec.ax
2007-12-03 18:30 . 2007-12-03 18:30 <DIR> d-------- C:\Program Files\Western Digital Technologies
2007-11-29 20:14 . 2007-11-29 20:14 268 --ah----- C:\sqmdata01.sqm
2007-11-29 20:14 . 2007-11-29 20:14 244 --ah----- C:\sqmnoopt01.sqm
2007-11-29 17:30 . 2007-11-29 17:30 3,596,288 --a------ C:\WINDOWS\SYSTEM32\qt-dx331.dll
2007-11-29 17:30 . 2007-11-29 17:30 1,044,480 --a------ C:\WINDOWS\SYSTEM32\libdivx.dll
2007-11-29 17:30 . 2007-11-29 17:30 524,288 --a------ C:\WINDOWS\SYSTEM32\DivXsm.exe
2007-11-29 17:30 . 2007-11-29 17:30 200,704 --a------ C:\WINDOWS\SYSTEM32\ssldivx.dll
2007-11-29 17:30 . 2007-11-29 17:30 4,816 --a------ C:\WINDOWS\SYSTEM32\divxsm.tlb
2007-11-29 17:28 . 2007-11-29 17:28 196,608 --a--c--- C:\WINDOWS\SYSTEM32\dtu100.dll
2007-11-29 17:28 . 2007-11-29 17:28 81,920 --a--c--- C:\WINDOWS\SYSTEM32\dpl100.dll
2007-11-29 17:28 . 2007-11-29 17:28 416 --a------ C:\WINDOWS\SYSTEM32\dtu100.dll.manifest
2007-11-29 17:28 . 2007-11-29 17:28 416 --a------ C:\WINDOWS\SYSTEM32\dpl100.dll.manifest
2007-11-28 16:55 . 2007-11-28 16:55 156,992 --a------ C:\WINDOWS\SYSTEM32\DivXCodecVersionChecker.exe
2007-11-28 16:53 . 2007-11-28 16:53 593,920 --a--c--- C:\WINDOWS\SYSTEM32\dpuGUI11.dll
2007-11-28 16:53 . 2007-11-28 16:53 352,401 --a------ C:\WINDOWS\SYSTEM32\DivXMedia.ax
2007-11-28 16:53 . 2007-11-28 16:53 344,064 --a--c--- C:\WINDOWS\SYSTEM32\dpus11.dll
2007-11-28 16:53 . 2007-11-28 16:53 294,912 --a--c--- C:\WINDOWS\SYSTEM32\dpu11.dll
2007-11-28 16:53 . 2007-11-28 16:53 294,912 --a--c--- C:\WINDOWS\SYSTEM32\dpu10.dll
2007-11-28 16:53 . 2007-11-28 16:53 57,344 --a--c--- C:\WINDOWS\SYSTEM32\dpv11.dll
2007-11-28 16:53 . 2007-11-28 16:53 53,248 --a--c--- C:\WINDOWS\SYSTEM32\dpuGUI10.dll
2007-11-28 16:52 . 2007-11-28 16:52 12,288 --a------ C:\WINDOWS\SYSTEM32\DivXWMPExtType.dll
2007-11-26 15:44 . 2007-11-26 15:44 <DIR> d-------- C:\Documents and Settings\Rob\Application Data\MSN6
2007-11-26 15:44 . 2007-11-26 15:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MSN6
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-26 15:24 --------- d-----w C:\Program Files\D-Tools
2007-12-26 15:23 --------- d-----w C:\Program Files\QuickTime
2007-12-26 13:13 9,646 ----a-w C:\Program Files\hijackthis.log
2007-12-26 05:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-24 18:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-24 16:55 --------- d--ha-w C:\Documents and Settings\All Users\Application Data\GTek
2007-12-24 16:15 --------- d-----w C:\Program Files\America Online 9.0b
2007-12-24 15:57 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-24 15:52 --------- d--h--w C:\Documents and Settings\Rob\Application Data\GTek
2007-12-24 15:46 --------- d-----w C:\Program Files\Dell
2007-12-24 15:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2007-12-24 15:43 --------- d-----w C:\Program Files\AIM6
2007-12-24 15:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-24 11:39 --------- d-----w C:\Program Files\Viewpoint
2007-12-24 11:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-24 03:35 --------- d-----w C:\Documents and Settings\Rob\Application Data\uTorrent
2007-12-24 03:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2007-12-23 17:32 --------- d-----w C:\Program Files\MSN Messenger
2007-12-23 17:27 --------- d-----w C:\Program Files\PeerGuardian2
2007-12-11 18:44 --------- d-----w C:\Program Files\DivX
2007-12-02 13:05 --------- d-----w C:\Program Files\dvdSanta
2007-11-30 00:51 --------- d-----w C:\Program Files\MP3Gain
2007-11-28 22:00 --------- d-----w C:\Program Files\Audio Converter
2007-11-28 21:58 --------- d-----w C:\Program Files\Monkey's Audio
2007-11-22 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-11-17 14:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft
2007-11-17 14:48 --------- d-----w C:\Program Files\SlySoft
2007-11-17 14:45 1,133 ----a-w C:\Program Files\SlySoft.AnyDVD.HD.v6.1.9.3.Multilingual.WinALL-BRD.torrent
2007-11-15 14:03 --------- d-----w C:\Program Files\mIRC
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 16:18 --------- d--h--w C:\Program Files\Zero G Registry
2007-11-08 16:17 --------- d-----w C:\Program Files\Gcom
2007-11-06 14:07 --------- d-----w C:\Program Files\Java
2007-11-01 16:47 --------- d-----w C:\Program Files\Picasa2
2007-10-28 17:16 96,832 ----a-w C:\WINDOWS\system32\drivers\AnyDVD.sys
2007-07-11 14:00 16,125,952 ----a-w C:\Program Files\ZENVisionM_60GB_PCFW_L21_1_21_02.exe
2007-06-23 14:43 3,420,605 ----a-w C:\Program Files\doc2img2_setup.exe
2007-06-20 09:46 643,144 ----a-w C:\Program Files\XviD-1.1.2-01112006.exe
2007-06-10 15:42 26,811,404 ----a-w C:\Program Files\SUPERsetup.exe
2007-05-29 13:49 3,500,012 ----a-w C:\Program Files\XP Smoker Pro v5.2 Setup.exe
2007-05-29 13:48 47 ----a-w C:\Program Files\Torrent downloaded from Demonoid.com.txt
2007-05-29 13:48 398 ----a-w C:\Program Files\Read Me[baseball2525].txt
2007-05-29 13:45 3,100 ----a-w C:\Program Files\XP_Smoker_Pro_v5_2_(Latest_Version_No_Seria_Crack_Patch_Needed)-++Demonoid.com++_369896.0724.torrent
2007-03-28 22:41 2,251 ----a-w C:\Program Files\sg_backup_2007-03-28-1841.spg
2007-03-28 22:41 2,251 ----a-w C:\Program Files\FirstBackup.spg
2007-03-28 22:31 610,304 ----a-w C:\Program Files\TCPOptimizer.exe
2007-03-28 22:01 701,912 ----a-w C:\Program Files\infinst_autol.exe
2007-03-28 21:58 163,840 ----a-w C:\Program Files\chiputil.exe
2007-03-22 12:39 16,121,856 ----a-w C:\Program Files\ZENVisionM_60GB_PCFW_L21_1_20_02.exe
2007-03-05 13:57 1,382,289 ----a-w C:\Program Files\MP4Cam2AVI_v2.51.zip
2007-02-20 22:56 2,367,762 ----a-w C:\Program Files\Vdownloader.rar
2007-02-06 17:19 525,012 ----a-w C:\Program Files\lame3.97.zip
2007-02-06 17:06 1,328,058 ----a-w C:\Program Files\lame-3.97.tar.tar
2007-02-06 15:35 4,131,192 ----a-w C:\Program Files\dMC-r12-Registered.exe
2007-01-26 15:18 465,423 ----a-w C:\Program Files\imagegrab30en.zip
2007-01-26 15:18 2,143,341 ----a-w C:\Program Files\DVDFabDecrypter3052Beta.exe
2007-01-08 14:35 4,708,382 ----a-w C:\Program Files\ZNVM_PCPatch_LA.exe
2007-01-08 14:11 15,851,520 ----a-w C:\Program Files\ZENVisionM_30GB_PCFW_L21_1_61_01.exe
2007-01-07 18:34 2,125,249 -c--a-w C:\Program Files\burrrn_package.exe
2006-12-31 15:48 667,344 ----a-w C:\Program Files\mp3gain-win-1_2_5.exe
2006-12-28 22:41 44,295 ----a-w C:\Program Files\hj-join.zip
2006-12-26 18:30 17,172,599 ----a-w C:\Program Files\setup_blazemp.exe
2006-12-26 16:19 16,179,264 ----a-w C:\Program Files\DivXInstaller.exe
2006-12-12 15:16 344,624 ----a-w C:\Program Files\MCPR.exe
2006-10-19 17:10 1,104,384 ----a-w C:\Program Files\gifsetup.exe
2006-06-25 15:59 12,580,696 ----a-w C:\Program Files\mm20enu.exe
2006-06-25 14:37 5,118,288 ----a-w C:\Program Files\Firefox Setup 1.5.0.4.exe
2006-04-04 13:40 1,592 -c--a-w C:\Program Files\DVD XCopy Platinum.torrent
2006-01-16 15:21 882,489 -c--a-w C:\Program Files\pg2-050918-nt.exe
2006-01-15 17:34 9,352,392 -c--a-w C:\Program Files\Install_MSN_Messenger.exe
2005-12-31 15:36 5,027,808 -c--a-w C:\Program Files\BitTorrent-4.2.2.exe
2005-11-21 16:29 22,460,918 -c--a-w C:\Program Files\Avi2Dvd_Setup_042.exe
2005-09-19 05:06 244,211 -c--a-w C:\Program Files\dMC-AccurateRip.exe
2005-09-07 16:49 475,844 -c--a-w C:\Program Files\OggDS0995.exe
2005-09-07 16:21 12,754,672 -c--a-w C:\Program Files\MP10Setup.exe
2005-09-07 13:17 734,160 -c--a-w C:\Program Files\VobSub_2.23.exe
2005-08-19 04:42 6,871,966 -c--a-w C:\Program Files\Azureus_2.3.0.4_Win32.setup.exe
2005-07-25 17:07 2,667,342 -c--a-w C:\Program Files\foobar2000_0.8.3_special.exe
2005-07-25 16:17 1,325,371 -c--a-w C:\Program Files\foobar2000_0.8.3.exe
2005-06-04 18:35 635,569 -c--a-w C:\Program Files\XviD-1.0.3-20122004.exe
2005-05-05 01:25 24 -c--a-w C:\Program Files\language.set
2005-04-26 04:25 522,682 -c--a-w C:\Program Files\aspi_471a2.exe
2005-04-21 17:38 885,935 -c--a-w C:\Program Files\cdwav193.exe
2005-04-01 16:24 12,624,424 -c--a-w C:\Program Files\TMDV-trial-1[1].6.33.87-en.exe
2005-04-01 05:51 707,047 -c--a-w C:\Program Files\SubRip_1.17.1.exe
2005-03-03 16:55 4,278,741 -c--a-w C:\Program Files\icuii7.exe
2005-01-23 05:14 4,155,032 -c--a-w C:\Program Files\eMule0.44d-Installer.exe
2005-01-13 15:06 843,824 -c--a-w C:\Program Files\SetupDVDDecrypter_3.5.2.0.exe
2005-01-13 15:03 1,718 -c--a-w C:\Program Files\leech.htm
2004-10-27 23:12 2,186,426 -c--a-w C:\Program Files\dvdsantasetup.exe
2004-10-27 20:35 2,186,448 -c--a-w C:\Program Files\rn9493.exe
2004-06-10 14:40 6,104,336 -c--a-w C:\Program Files\acwizard.exe
2004-06-10 14:30 8,676,864 -c--a-w C:\Program Files\AudioConverter.exe
2004-06-10 14:30 3,094,528 -c--a-w C:\Program Files\AudioEdit.exe
2004-05-20 13:51 1,310,934 -c--a-w C:\Program Files\rm_converter.exe
2004-05-06 23:09 27,652,458 -c--a-w C:\Program Files\nero63110.exe
2004-04-23 13:39 6,447,938 -c--a-w C:\Program Files\setup_aed.exe
2004-04-03 16:31 69,632 -c--a-w C:\Program Files\SFTPSetup.exe
2004-03-19 17:58 598,729 -c--a-w C:\Program Files\InstallSageBjShr.exe
2004-02-29 17:18 2,593,792 -c--a-w C:\Program Files\ica32.msi
2005-03-27 14:20 56 -csh--r C:\WINDOWS\SYSTEM32\CD3F8B51E0.sys
2006-05-03 09:06 163,328 --sha-r C:\WINDOWS\SYSTEM32\flvDX.dll
2007-02-21 10:47 31,232 --sha-r C:\WINDOWS\SYSTEM32\msfDX.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" []
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" []
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" []
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" []
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" []
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" []
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" /startup
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AOLDialer"=C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"HostManager"=C:\Program Files\Common Files\AOL\1103728675\ee\AOLHostManager.exe
"MMTray"=C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
"WinampAgent"=C:\Program Files\Winamp\winampa.exe
"ymetray"="C:\Program Files\Yahoo!\Yahoo! Music Engine\ymetray.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2007-12-23 17:28:22 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-26 10:37:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-26 10:41:23 - machine was rebooted
.
2007-12-12 08:06:30 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:42 AM, on 12/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download all by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://creative.com/register/OCXs/Ct...lientNoMFC.cab
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/41/...l/gtdownde.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...91/mcfscan.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O24 - Desktop Component 0: (no name) - http://sirocco.accuweather.com/sat_m...ei/isaegul.gif
O24 - Desktop Component 1: (no name) - http://sirocco.accuweather.com/nx_mo.../inmasirse.gif
--
End of file - 9762 bytes
Hi and welcome to Daniweb forums.
Stay away from cracks.
==
Log appears to be clean.