
HELP c++ error (hijack log included)

Discussion in 'Virus & Other Malware Removal' started by f1rem0nkey, Apr 10, 2008.

Thread Status:
Not open for further replies.
  1. f1rem0nkey

    f1rem0nkey Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    7
    :mad: Getting overburn error, and it has to shut down explorer.exe. Here is my hijack log. :eek: Also getting popups and can't stop them. I have the sites blocked in my ZoneAlarm, but they somehow make their way through. Help on either or both issues please. :(
    Logfile of HijackThis v1.99.1
    Scan saved at 16:33, on 2008-04-10
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\stsystra.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DAP Premium\DAP.exe
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\FrostWire\FrostWire.exe
    C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    C:\Program Files\STOPzilla!\STOPzilla.exe
    C:\Program Files\Maxthon2\Maxthon.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {3294CD70-F841-49F8-80BA-2D9BE29F8BBD} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7B9AC9EB-E101-4163-AED1-ACE0FEC558CD} - (no file)
    O2 - BHO: (no name) - {8E1BFC0E-8AD2-424D-AC8A-06038481516E} - C:\WINDOWS\system32\geBuSJbc.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O2 - BHO: (no name) - {D8A5D95C-D357-4AD4-9244-562A2B1A3FC5} - C:\WINDOWS\system32\nnnkJApO.dll (file missing)
    O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
    O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP Premium\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
    O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  2. f1rem0nkey

    f1rem0nkey Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    7
    ComboFix 08-04-10.5 - S M 2008-04-10 16:50:40.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.308 [GMT -5:00]
    Running from: C:\Documents and Settings\Sindy Mendez\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Common Files\{185EB~1
    C:\WINDOWS\BM1b6d85ea.xml
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\adssite-remove.exe
    C:\WINDOWS\system32\Cache
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\OpAJknnn.ini
    C:\WINDOWS\system32\OpAJknnn.ini2

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SYSTEM
    -------\Legacy_SZKG5
    -------\Service_szkg5


    ((((((((((((((((((((((((( Files Created from 2008-03-10 to 2008-04-10 )))))))))))))))))))))))))))))))
    .

    2008-04-10 16:26 . 2008-04-10 16:51 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\MxBoost
    2008-04-10 16:25 . 2008-04-10 16:26 <DIR> d-------- C:\Program Files\Maxthon2
    2008-04-10 16:22 . 2008-04-10 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
    2008-04-10 16:21 . 2008-04-10 16:21 <DIR> d-------- C:\Program Files\STOPzilla!
    2008-04-10 16:21 . 2008-04-10 16:21 <DIR> d-------- C:\Program Files\Common Files\iS3
    2008-04-10 16:21 . 2008-04-10 17:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    2008-04-09 12:58 . 2008-04-09 12:58 89,070 --a------ C:\WINDOWS\system32\myss_sb_uninstall.exe
    2008-04-09 10:35 . 2008-04-09 10:35 333,824 --a------ C:\WINDOWS\system32\myss_sb.dll
    2008-04-08 20:16 . 2008-04-08 20:16 <DIR> d-------- C:\Program Files\BillP Studios
    2008-04-08 20:16 . 2008-04-08 20:16 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\WinPatrol
    2008-04-08 20:12 . 2008-04-08 20:17 <DIR> d-------- C:\WINDOWS\system32\QVJGTGljZW5zZUluZm8=
    2008-04-08 20:12 . 2008-04-08 22:04 <DIR> d-------- C:\Program Files\Advanced Registry Fix
    2008-04-08 20:07 . 2008-04-09 06:01 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-04-08 20:07 . 2008-04-09 07:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-04-08 19:09 . 2008-04-08 19:09 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Auslogics
    2008-04-08 19:06 . 2008-04-08 19:07 <DIR> d-------- C:\Inetpub
    2008-04-08 19:06 . 2004-08-10 05:00 290,816 --a------ C:\WINDOWS\system32\adsiis.dll
    2008-04-08 19:06 . 2004-08-10 05:00 133,632 --a------ C:\WINDOWS\system32\iisRtl.dll
    2008-04-08 19:06 . 2004-08-10 05:00 68,608 --a------ C:\WINDOWS\system32\iisext.dll
    2008-04-08 19:06 . 2004-08-10 05:00 64,512 --a------ C:\WINDOWS\system32\iismap.dll
    2008-04-08 19:06 . 2004-08-10 05:00 43,520 --a------ C:\WINDOWS\system32\admwprox.dll
    2008-04-08 19:06 . 2004-08-10 05:00 14,336 --a------ C:\WINDOWS\system32\exstrace.dll
    2008-04-08 19:06 . 2004-08-10 05:00 13,312 --a------ C:\WINDOWS\system32\infoadmn.dll
    2008-04-08 19:06 . 2004-08-10 05:00 8,192 --a------ C:\WINDOWS\system32\staxmem.dll
    2008-04-08 19:04 . 2008-04-08 19:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
    2008-04-08 18:43 . 2008-04-08 18:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Acoustica
    2008-04-08 18:10 . 2008-04-08 18:50 <DIR> d-------- C:\Program Files\3B Software
    2008-04-07 21:39 . 2008-04-08 16:33 <DIR> d-------- C:\Program Files\Spyware Terminator
    2008-04-07 21:39 . 2008-04-08 18:21 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\Spyware Terminator
    2008-04-07 21:39 . 2008-04-08 16:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-04-07 21:39 . 2008-04-07 21:39 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2008-04-07 20:09 . 2008-04-08 18:52 <DIR> d-------- C:\Program Files\XoftSpySE
    2008-04-07 20:07 . 2008-04-09 07:13 <DIR> d-------- C:\Program Files\RegistryFix
    2008-04-07 14:45 . 2008-04-07 14:53 <DIR> d-------- C:\Documents and Settings\Michel Marie-sainte\Application Data\AVG7
    2008-04-06 17:09 . 2008-04-06 17:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
    2008-04-06 17:08 . 2008-04-06 17:09 <DIR> d-------- C:\Program Files\Dell Support Center
    2008-04-06 17:08 . 2008-04-06 17:08 <DIR> d-------- C:\Program Files\Common Files\supportsoft
    2008-04-06 16:51 . 2008-04-06 16:55 <DIR> d-------- C:\Program Files\DAP Premium
    2008-04-06 14:55 . 2008-04-06 14:55 <DIR> d-------- C:\Program Files\Auslogics
    2008-04-06 14:55 . 2008-04-06 14:55 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\Auslogics
    2008-04-05 07:26 . 2008-04-05 17:43 45 --a------ C:\TEST.XML
    2008-04-02 18:34 . 2008-04-02 18:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
    2008-04-02 18:34 . 2008-04-02 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-03-22 12:37 . 2008-03-22 12:37 <DIR> d-------- C:\Program Files\Pcsx2_0.9.4
    2008-03-21 15:34 . 2004-10-01 23:02 724,807 --a------ C:\WINDOWS\wallpaper.jpg
    2008-03-21 15:33 . 2008-04-06 11:19 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
    2008-03-21 15:31 . 2008-03-21 15:31 216,881 --a------ C:\WINDOWS\Warning.jpg
    2008-03-21 15:31 . 2008-03-21 15:31 177,200 --a------ C:\WINDOWS\Warning2.jpg
    2008-03-21 15:31 . 2008-03-21 15:31 153,718 --a------ C:\WINDOWS\Warning_01.bmp
    2008-03-21 15:31 . 2008-03-21 15:31 44,790 --a------ C:\WINDOWS\Warning_Preview.jpg
    2008-03-21 15:31 . 2008-03-21 15:31 31,426 --a------ C:\WINDOWS\ReadMe.htm
    2008-03-21 15:31 . 2008-03-21 15:31 226 --a------ C:\WINDOWS\Warning_08-09.bmp
    2008-03-21 03:01 . 2008-03-21 03:01 <DIR> d-------- C:\Program Files\MSXML 6.0
    2008-03-19 20:45 . 2008-03-19 20:49 <DIR> d-------- C:\Program Files\AutoCAD 2009
    2008-03-19 20:19 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
    2008-03-19 20:18 . 2008-03-19 20:18 <DIR> d-------- C:\Program Files\MSBuild
    2008-03-19 20:15 . 2008-03-19 20:15 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
    2008-03-19 20:14 . 2008-03-19 20:14 <DIR> d-------- C:\Program Files\Reference Assemblies
    2008-03-19 20:13 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2008-03-19 20:11 . 2008-03-19 20:50 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
    2008-03-19 20:11 . 2008-03-19 20:32 <DIR> d-------- C:\Program Files\Autodesk
    2008-03-19 20:04 . 2008-03-19 20:04 <DIR> d-------- C:\Program Files\MagicDisc
    2008-03-19 20:04 . 2008-02-18 17:29 96,256 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys
    2008-03-18 07:19 . 2008-03-18 07:19 153,600 --a------ C:\WINDOWS\system32\mysidesearch_sidebar.dll
    2008-03-10 19:12 . 2008-04-06 07:00 <DIR> d-------- C:\Program Files\ArchiCAD 11

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-10 21:58 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Azureus
    2008-04-10 13:00 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\AVG7
    2008-04-10 00:45 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Jasc Software Inc
    2008-04-08 23:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-08 23:45 --------- d-----w C:\Program Files\Common Files\AVSMedia
    2008-04-08 23:44 --------- d-----w C:\Program Files\VstPlugins
    2008-04-08 23:44 --------- d-----w C:\Program Files\Acoustica Mixcraft 3
    2008-04-07 19:54 --------- d-----w C:\Documents and Settings\Caryl Marie-sainte\Application Data\AVG7
    2008-04-06 22:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
    2008-04-06 22:00 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-05 22:29 --------- d-----w C:\Program Files\Super Mario Blue Twilight DX
    2008-04-05 22:26 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-04-05 16:52 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Graphisoft
    2008-04-05 16:47 --------- d-----w C:\Program Files\Graphisoft
    2008-03-23 23:41 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Autodesk
    2008-03-23 23:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
    2008-03-21 20:33 --------- d-----w C:\Program Files\TGTSoft
    2008-03-21 17:46 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\FrostWire
    2008-03-15 00:09 --------- d-----w C:\Program Files\Sims2
    2008-03-14 21:53 --------- d-----w C:\Program Files\Acoustica CD Label Maker
    2008-03-13 02:37 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Ahead
    2008-03-11 13:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
    2008-03-11 13:21 --------- d-----w C:\Program Files\Common Files\Ahead
    2008-03-09 23:35 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\AVSMedia
    2008-03-09 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVS4YOU
    2008-03-09 23:32 --------- d-----w C:\Program Files\Common Files\Download Manager
    2008-03-09 23:32 --------- d-----w C:\Program Files\AVSMedia
    2008-03-06 22:07 --------- d-----w C:\Program Files\Azureus
    2008-03-06 03:22 --------- d-----w C:\Program Files\Copysafe
    2008-03-03 19:16 33,920 ----a-r C:\WINDOWS\system32\drivers\SZKG.sys
    2008-03-01 17:43 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\???????sAppData
    2008-02-25 22:12 --------- d-----w C:\Program Files\MKVTOAVI
    2008-02-25 04:03 --------- d-----w C:\Program Files\HDSoft
    2008-02-23 20:35 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-02-23 20:32 --------- d-----w C:\Program Files\Copy DVD Gold
    2008-02-23 20:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Droppix
    2008-02-23 20:31 --------- d-----w C:\Program Files\Apple Software Update
    2008-02-23 20:07 --------- d-----w C:\Program Files\FrostWire
    2008-02-23 16:44 --------- d-----w C:\Program Files\Real
    2008-02-23 16:44 --------- d-----w C:\Program Files\Common Files\xing shared
    2008-02-23 16:43 --------- d-----w C:\Program Files\Common Files\Real
    2008-02-20 23:17 --------- d-----w C:\Program Files\7-Zip
    2008-02-20 23:16 --------- d-----w C:\Program Files\Harry Potter and the Prisoner of Azkaban(TM)
    2008-02-11 19:41 --------- d-----w C:\Program Files\123 Free Solitaire
    2008-02-10 18:27 --------- d-----w C:\Program Files\directx
    2008-02-10 18:26 --------- d-----w C:\Program Files\Electronic Arts
    2008-02-10 18:21 --------- d-----w C:\Program Files\EA GAMES
    2008-01-19 06:38 6,172 ----a-w C:\info.exe
    2008-01-12 18:50 40,960 ----a-w C:\WINDOWS\Ziggy Stardust.dll
    2008-01-12 18:50 381,636 ----a-w C:\WINDOWS\Ziggy Stardust.scr
    2008-01-12 18:50 10,405,274 ----a-w C:\WINDOWS\Ziggy Stardust.exe
    2007-02-15 18:28 88 --sh--r C:\WINDOWS\system32\81800E4309.sys
    2006-08-01 22:55 410,147 --sh--w C:\WINDOWS\system32\fhkmp.bak1
    2006-08-06 14:21 495,480 --sh--w C:\WINDOWS\system32\fhkmp.bak2
    2006-08-08 20:59 410,262 --sh--w C:\WINDOWS\system32\fhkmp.ini2
    .
    ----a-w         7,019,335 2008-04-06 21:50:19  C:\Documents and Settings\Sindy Mendez\My Documents\Azureus Downloads\DAP Premium Version 8.6.1.4\DAP Premium .exe

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3294CD70-F841-49F8-80BA-2D9BE29F8BBD}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B9AC9EB-E101-4163-AED1-ACE0FEC558CD}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D8A5D95C-D357-4AD4-9244-562A2B1A3FC5}]
    C:\WINDOWS\system32\nnnkJApO.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-06 19:03 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 13:51 7323648]
    "SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 16:20 339968 C:\WINDOWS\stsystra.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-22 21:48 579072]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 17:14 919016]
    "WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 00:38 316728]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-11 11:00:52 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

    [HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^MagicDisc.lnk]

    [HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^Registry Repair Pro.lnk]

    [HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^Scheduler.lnk]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
    --a------ 2007-12-22 02:20 222080 C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
    --a------ 2002-07-29 11:54 473088 C:\WINDOWS\mHotkey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    --a------ 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
    --a------ 2007-11-15 09:23 202544 C:\Program Files\Dell Support Center\bin\sprtcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
    --a------ 2005-10-05 03:12 94208 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
    --a------ 2007-11-15 09:24 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
    --a------ 2005-09-29 14:01 67584 C:\WINDOWS\ehome\ehtray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
    --a------ 2005-06-17 07:56 139264 C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    --a------ 2005-06-10 10:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    --a------ 2005-06-10 10:44 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
    --a------ 2002-10-04 09:05 532992 C:\WINDOWS\CNYHKey.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
    --a------ 2007-08-23 18:36 455968 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 11:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2006-09-01 16:57 282624 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
    --a------ 2008-04-07 21:39 2957824 C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
    --a------ 2006-05-24 13:31 1372160 C:\Program Files\TGTSoft\StyleXP\StyleXP.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a--c--- 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    --a------ 2007-07-06 19:03 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    --a------ 2008-02-23 11:43 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XoftSpySE]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    --a------ 2007-08-30 18:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
    "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
    "C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe"=
    "C:\\Program Files\\FrostWire\\FrostWire.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "61818:TCP"= 61818:TCP:pORT_61818

    R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-04-07 21:39]
    R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 09:34]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 09:23]
    R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2007-11-15 22:38]
    S2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-10 05:00]
    S2 svchost1;FireDaemon Service: svchost1;C:\WINDOWS\Temp\FireDaemon.EXE []
    S3 Aspi;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-14 22:50]
    S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2006-01-18 08:44]
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2006-01-18 22:17]

    *Newly Created Service* - SZKG5

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    .
    **************************************************************************

    catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-10 17:02:04
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\ehome\ehrecvr.exe
    C:\WINDOWS\ehome\ehSched.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\STOPzilla!\STOPzilla.exe
    .
    **************************************************************************
    .
    Completion time: 2008-04-10 17:08:22 - machine was rebooted []
    ComboFix-quarantined-files.txt 2008-04-10 22:08:17
    Pre-Run: 54,801,412,096 bytes free
    Post-Run: 54,691,844,096 bytes free
    .
    2008-03-21 08:01:06 --- E O F ---
     
  3. f1rem0nkey

    f1rem0nkey Thread Starter

    Joined:
    Apr 10, 2008
    Messages:
    7
    Can anyone please help? The popups only occur with Internet Explorer. I use a different browser and have no problem, but I'm still getting C++ errors.
     

Short URL to this thread: https://techguy.org/702505
