Sitcoms Online Message Boards - Forums  
Old 06-29-2008, 04:27 PM   #16
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

Okay...

ComboFix log:
ComboFix 08-06-20.4 - Owner 2008-06-29 15:24:38.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.586 [GMT -5:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\setup.inf
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-29 )))))))))))))))))))))))))))))))
.
2008-06-29 15:08 . 2008-06-29 15:08 <DIR> d-------- C:\WINDOWS\ERUNT
2008-06-29 15:04 . 2008-06-29 15:22 <DIR> d-------- C:\SDFix
2008-06-28 20:18 . 2008-06-28 20:18 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-27 22:35 . 2008-06-27 23:42 <DIR> d-------- C:\Program Files\Network Associates
2008-06-27 22:27 . 2008-06-27 22:27 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-27 22:27 . 2008-06-27 22:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-27 22:26 . 2008-06-27 22:26 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-27 20:44 . 2008-06-28 17:16 <DIR> d-------- C:\Cleaner
2008-06-27 20:41 . 2008-06-27 20:41 <DIR> d-------- C:\Program Files\CCleaner
2008-06-20 20:02 . 2008-06-25 21:21 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-11 20:54 . 2008-06-13 08:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 20:54 . 2008-06-13 08:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-04 20:56 . 2008-06-29 13:38 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-04 20:56 . 2008-06-04 20:56 <DIR> d-------- C:\Program Files\AVG
2008-06-04 20:56 . 2008-06-04 20:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-04 20:56 . 2008-06-04 20:56 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-04 20:56 . 2008-06-04 20:56 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-04 20:56 . 2008-06-04 20:56 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 19:26 --------- d-----w C:\Program Files\ydkj volume 2
2008-06-29 19:25 --------- d-----w C:\Program Files\Hasbro Interactive
2008-06-29 19:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-29 19:24 --------- d-----w C:\Program Files\MumboJumbo
2008-06-29 19:23 --------- d-----w C:\Program Files\iWin.com Games
2008-06-29 19:23 --------- d-----w C:\Program Files\iWin.com
2008-06-29 19:21 --------- d-----w C:\Program Files\FreezeTag
2008-06-29 00:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-26 00:56 --------- d-----w C:\Program Files\a-squared Free
2008-05-31 20:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-31 20:07 --------- d-----w C:\Program Files\Mystery Case Files - Madame Fate
2008-05-27 01:47 --------- d-----w C:\Program Files\eMule
2008-05-16 16:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-04 02:29 --------- d-----w C:\Program Files\DesignPro
2008-04-29 16:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 16:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 16:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-03-20 05:28 0 ----a-w C:\Program Files\temp01
2006-07-24 02:46 150 ----a-w C:\Documents and Settings\Owner\hiNoYahtz.dat
2006-07-24 02:45 22 ----a-w C:\Documents and Settings\Owner\Yahtzee.dat
2006-07-09 06:51 147 ----a-w C:\Documents and Settings\Owner\hi.dat
2005-01-19 23:35 513,024 ----a-w C:\Program Files\zsnesw.exe
2003-08-27 20:19 36,963 -c--a-r C:\Program Files\Common Files\SM1updtr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8FB8EB3-183B-4598-924D-86F0E5E37085}]
2006-01-24 18:07 220672 --a------ C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 05:40 218032]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTrayp"="VTtrayp.exe" [2005-11-01 08:15 163840 C:\WINDOWS\system32\VTTrayp.exe]
"VTTimer"="VTTimer.exe" [2005-03-08 07:33 53248 C:\WINDOWS\system32\VTTimer.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-07 16:52 737370]
"SM1BG"="C:\WINDOWS\SM1BG.EXE" [2003-08-27 15:20 94208]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 23:24 32768]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2002-09-14 02:42 212992]
"LXSUPMON"="C:\WINDOWS\system32\LXSUPMON.EXE" [2002-03-08 05:02 900096]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-14 18:29 88203 C:\WINDOWS\AGRSMMSG.exe]
"QUICKCARE"="C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe" [2006-11-07 21:07 192512]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-24 03:24 282624]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-04 20:56 1177368]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
backup=C:\WINDOWS\pss\BigFix.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 14:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-24 03:24 282624 C:\Program Files\QuickTime\qttask.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Java\\jre1.5.0_02\\launch4j-tmp\\yahtzee.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Yahoo! Games\\Slingo Deluxe\\Slingo.exe"=
"C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-04 20:56]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-04 20:56]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-04 20:56]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-04 20:56]
S3 PortlUSB;PortlUSB;C:\WINDOWS\system32\DRIVERS\YH-820.sys [2004-09-09 21:42]
S3 TucbDriverV32;TucbDriverV32;C:\WINDOWS\system32\drivers\TucbDriverV32.sys [2008-03-13 16:22]
S3 TucbVideo32;TucbVideo32;C:\WINDOWS\system32\DRIVERS\TucbVideo32.sys [2008-03-13 16:22]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0630c96-b994-11dc-9943-00c0a8ac5f1f}]
\Shell\AutoRun\command - F:\Autorun.exe /run
\Shell\Shell00\Command - F:\Autorun.exe /run
\Shell\Shell01\Command - F:\Autorun.exe /action
\Shell\Shell02\Command - F:\Autorun.exe /uninstall

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{582610B8-E496-4813-993C-4B027173FE38}]
C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 15:26:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-29 15:27:39
ComboFix-quarantined-files.txt 2008-06-29 20:27:29
Pre-Run: 38,353,395,712 bytes free
Post-Run: 38,354,202,624 bytes free
153 --- E O F --- 2008-06-20 00:48:56
Old 06-29-2008, 04:27 PM   #17
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

SDFix log:
SDFix: Version 1.198
Run by Owner on Sun 06/29/2008 at 03:12 PM
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :

Restoring Default Security Values
Restoring Default Hosts File
Rebooting

Checking Files :
Trojan Files Found:
C:\WINDOWS\system32\braviax.exe - Deleted
C:\WINDOWS\system32\winivstr.exe - Deleted


Removing Temp Files
ADS Check :


Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-29 15:19:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000003c
"TracesSuccessful"=dword:00000030
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :


Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1137632486\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1137632486\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Java\\jre1.5.0_02\\launch4j-tmp\\yahtzee.exe"="C:\\Program Files\\Java\\jre1.5.0_02\\launch4j-tmp\\yahtzee.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo! Games\\Slingo Deluxe\\Slingo.exe"="C:\\Program Files\\Yahoo! Games\\Slingo Deluxe\\Slingo.exe:*:Enabled:Slingo r"
"C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe"="C:\\Program Files\\funkitron\\Slingo Deluxe\\Slingo-am-G.exe:*:Enabled:Slingo r"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Documents and Settings\\Owner\\My Documents\\eMule 0.48a\\eMule\\eMule.exe"="C:\\Documents and Settings\\Owner\\My Documents\\eMule 0.48a\\eMule\\eMule.exe:*:Enabled:eMule"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"E:\\Life\\life.exe"="E:\\Life\\life.exe:*:Enabled:The Game Of Life"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Encore\\Rock & Roll JEOPARDY!\\Rock & Roll JEOPARDY!.exe"="C:\\Program Files\\Encore\\Rock & Roll JEOPARDY!\\Rock & Roll JEOPARDY!.exe:*:Enabled:Rock & Roll JEOPARDY!"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Tue 8 Jan 2008 14,210,376 ...H. --- "C:\Program Files\Mystery Case Files - Madame Fate\Madame Fate.exe"
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Sun 8 Oct 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 21 Nov 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Fri 20 Oct 2006 121,344 ...H. --- "C:\Documents and Settings\Owner\Application Data\MSN6\msnupdate!@#@.exe"
Tue 6 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\BIT12.tmp"
Sun 8 Oct 2006 4,348 ...H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1key.bak"
Tue 31 Oct 2006 20 A..H. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv1lic.bak"
Sun 8 Oct 2006 400 A.SH. --- "C:\Documents and Settings\Owner\My Documents\My Music\License Backup\drmv2key.bak"
Finished!
Old 06-29-2008, 04:29 PM   #18
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:31:17 PM, on 6/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\X1IEBHO.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: PPCScamBHO Class - {7E3659A6-4BC5-4d93-B3FD-8B5ACC2FEDED} - C:\Program Files\PeoplePC\Toolbar\ScamGrd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Amazon Unbox.lnk = ?
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://hoylegames.sierra.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {09C6CAC0-936E-40A0-BC26-707480103DC3} - http://www.uproar.com/applets/active...side_web18.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/Pog...rInstaller.CAB
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/.../GAME_UNO1.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} (SpinTop Games Launcher) - http://download-games.pogo.com/onlin...esLauncher.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/...jolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames...1.cab60096.cab
O16 - DPF: {8C63DABA-CBA8-4B5D-A0F7-AE00F2920929} (Bridge Installer) - http://cdn2.zone.msn.com/Bingame/BRD.../heartbeat.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WON...herControl.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} (DVCDownloadControl) - http://download.games.yahoo.com/game...oadControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {C7E002D6-324B-4500-883D-84B620FD8640} (Bridge Installer) - http://cdn2.zone.msn.com/Bingame/BRD.../heartbeat.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Amazon Unbox Video Service (ADVService) - Unknown owner - C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
--
End of file - 11523 bytes
Old 06-29-2008, 04:30 PM   #19
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

My firewall was turned off...should I go ahead and turn it back on? It's just Windows firewall.
Old 06-29-2008, 05:08 PM   #20
robyrob
Moderator
Forum Legend
certified wackball#3
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 54,506
Default

yeah, you can turn it back on, you may also want to clear out any System Restore points that might have infected files, by turning System Restore off then reboot and turn it back on again

and it wouldn't be a bad idea to install the Recovery Console

you may want to do an online scan with either Kaspersky or TrendMicro's free online scan
Old 06-29-2008, 09:55 PM   #21
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

That little bubble went away and I haven't gotten any alerts. Yay! Maybe it's really gone.

Thanks a bunch, Roby!
Old 06-29-2008, 10:47 PM   #22
robyrob
Moderator
Forum Legend
certified wackball#3
 
Join Date: Aug 03, 2003
Location: hiding under the third booth at Arnold's
Posts: 54,506
Default

Quote:
Originally Posted by dawsongirl
That little bubble went away and I haven't gotten any alerts. Yay! Maybe it's really gone.

Thanks a bunch, Roby!
let's cross our fingers and hope

let me know if it does come back, and you're welcome
Old 06-29-2008, 11:03 PM   #23
Stormtracker TF
Moderator
Forum Idol
Member
 
Join Date: Jul 19, 2002
Location: Dearborn, Michigan
Posts: 101,793
Default

I also was able to get rid of whatever that was. Thanks.
Old 06-29-2008, 11:26 PM   #24
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

Quote:
Originally Posted by Stormtracker TF
I also was able to get rid of whatever that was. Thanks.
Awesome.
Old 02-03-2009, 07:49 PM   #25
LuLu Rogers
Forum Veteran
Colonel Brandon
 
Join Date: Mar 23, 2004
Location: The Hogwarts Dungeons
Posts: 11,000
Default

I have them now
__________________
-Lauren-


"I can teach you how to bewitch the mind and ensnare the senses. I can tell you how to bottle fame, brew glory, and even put a stopper in death."-Professor Severus Snape
Old 02-03-2009, 08:17 PM   #26
dawsongirl
Forum Legend
Member
 
Join Date: Jan 04, 2001
Posts: 52,539
Default

Quote:
Originally Posted by LuLu Rogers
I have them now
Did you try the stuff here? It worked for me.
Old 02-03-2009, 08:50 PM   #27
LuLu Rogers
Forum Veteran
Colonel Brandon
 
Join Date: Mar 23, 2004
Location: The Hogwarts Dungeons
Posts: 11,000
Default

Quote:
Originally Posted by dawsongirl
Did you try the stuff here? It worked for me.

Working on it, what did you do before you went into safe mode?
All times are GMT -5.