HELP c++ error (hijack log included)

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

f1rem0nkey

Thread Starter
Joined
Apr 10, 2008
Messages
7
:mad: Getting overburn error, and has to shut down explorer.exe. Here is my hijack log. :eek: Also getting popups and can't stop them. Have the sites blocked in my ZoneAlarm, but they somehow make their way through. Help on either or both issues please. :(
Logfile of HijackThis v1.99.1
Scan saved at 16:33, on 2008-04-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAP Premium\DAP.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\FrostWire\FrostWire.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {3294CD70-F841-49F8-80BA-2D9BE29F8BBD} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7B9AC9EB-E101-4163-AED1-ACE0FEC558CD} - (no file)
O2 - BHO: (no name) - {8E1BFC0E-8AD2-424D-AC8A-06038481516E} - C:\WINDOWS\system32\geBuSJbc.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: (no name) - {D8A5D95C-D357-4AD4-9244-562A2B1A3FC5} - C:\WINDOWS\system32\nnnkJApO.dll (file missing)
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP Premium\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP Premium\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP Premium\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 

f1rem0nkey

Thread Starter
Joined
Apr 10, 2008
Messages
7
ComboFix 08-04-10.5 - S M 2008-04-10 16:50:40.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.308 [GMT -5:00]
Running from: C:\Documents and Settings\Sindy Mendez\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Common Files\{185EB~1
C:\WINDOWS\BM1b6d85ea.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\OpAJknnn.ini
C:\WINDOWS\system32\OpAJknnn.ini2

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SYSTEM
-------\Legacy_SZKG5
-------\Service_szkg5


((((((((((((((((((((((((( Files Created from 2008-03-10 to 2008-04-10 )))))))))))))))))))))))))))))))
.

2008-04-10 16:26 . 2008-04-10 16:51 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\MxBoost
2008-04-10 16:25 . 2008-04-10 16:26 <DIR> d-------- C:\Program Files\Maxthon2
2008-04-10 16:22 . 2008-04-10 16:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-04-10 16:21 . 2008-04-10 16:21 <DIR> d-------- C:\Program Files\STOPzilla!
2008-04-10 16:21 . 2008-04-10 16:21 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-04-10 16:21 . 2008-04-10 17:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-04-09 12:58 . 2008-04-09 12:58 89,070 --a------ C:\WINDOWS\system32\myss_sb_uninstall.exe
2008-04-09 10:35 . 2008-04-09 10:35 333,824 --a------ C:\WINDOWS\system32\myss_sb.dll
2008-04-08 20:16 . 2008-04-08 20:16 <DIR> d-------- C:\Program Files\BillP Studios
2008-04-08 20:16 . 2008-04-08 20:16 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\WinPatrol
2008-04-08 20:12 . 2008-04-08 20:17 <DIR> d-------- C:\WINDOWS\system32\QVJGTGljZW5zZUluZm8=
2008-04-08 20:12 . 2008-04-08 22:04 <DIR> d-------- C:\Program Files\Advanced Registry Fix
2008-04-08 20:07 . 2008-04-09 06:01 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-08 20:07 . 2008-04-09 07:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-08 19:09 . 2008-04-08 19:09 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Auslogics
2008-04-08 19:06 . 2008-04-08 19:07 <DIR> d-------- C:\Inetpub
2008-04-08 19:06 . 2004-08-10 05:00 290,816 --a------ C:\WINDOWS\system32\adsiis.dll
2008-04-08 19:06 . 2004-08-10 05:00 133,632 --a------ C:\WINDOWS\system32\iisRtl.dll
2008-04-08 19:06 . 2004-08-10 05:00 68,608 --a------ C:\WINDOWS\system32\iisext.dll
2008-04-08 19:06 . 2004-08-10 05:00 64,512 --a------ C:\WINDOWS\system32\iismap.dll
2008-04-08 19:06 . 2004-08-10 05:00 43,520 --a------ C:\WINDOWS\system32\admwprox.dll
2008-04-08 19:06 . 2004-08-10 05:00 14,336 --a------ C:\WINDOWS\system32\exstrace.dll
2008-04-08 19:06 . 2004-08-10 05:00 13,312 --a------ C:\WINDOWS\system32\infoadmn.dll
2008-04-08 19:06 . 2004-08-10 05:00 8,192 --a------ C:\WINDOWS\system32\staxmem.dll
2008-04-08 19:04 . 2008-04-08 19:04 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
2008-04-08 18:43 . 2008-04-08 18:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Acoustica
2008-04-08 18:10 . 2008-04-08 18:50 <DIR> d-------- C:\Program Files\3B Software
2008-04-07 21:39 . 2008-04-08 16:33 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-04-07 21:39 . 2008-04-08 18:21 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\Spyware Terminator
2008-04-07 21:39 . 2008-04-08 16:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-04-07 21:39 . 2008-04-07 21:39 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-04-07 20:09 . 2008-04-08 18:52 <DIR> d-------- C:\Program Files\XoftSpySE
2008-04-07 20:07 . 2008-04-09 07:13 <DIR> d-------- C:\Program Files\RegistryFix
2008-04-07 14:45 . 2008-04-07 14:53 <DIR> d-------- C:\Documents and Settings\Michel Marie-sainte\Application Data\AVG7
2008-04-06 17:09 . 2008-04-06 17:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-04-06 17:08 . 2008-04-06 17:09 <DIR> d-------- C:\Program Files\Dell Support Center
2008-04-06 17:08 . 2008-04-06 17:08 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-04-06 16:51 . 2008-04-06 16:55 <DIR> d-------- C:\Program Files\DAP Premium
2008-04-06 14:55 . 2008-04-06 14:55 <DIR> d-------- C:\Program Files\Auslogics
2008-04-06 14:55 . 2008-04-06 14:55 <DIR> d-------- C:\Documents and Settings\Sindy Mendez\Application Data\Auslogics
2008-04-05 07:26 . 2008-04-05 17:43 45 --a------ C:\TEST.XML
2008-04-02 18:34 . 2008-04-02 18:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-04-02 18:34 . 2008-04-02 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-03-22 12:37 . 2008-03-22 12:37 <DIR> d-------- C:\Program Files\Pcsx2_0.9.4
2008-03-21 15:34 . 2004-10-01 23:02 724,807 --a------ C:\WINDOWS\wallpaper.jpg
2008-03-21 15:33 . 2008-04-06 11:19 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI
2008-03-21 15:31 . 2008-03-21 15:31 216,881 --a------ C:\WINDOWS\Warning.jpg
2008-03-21 15:31 . 2008-03-21 15:31 177,200 --a------ C:\WINDOWS\Warning2.jpg
2008-03-21 15:31 . 2008-03-21 15:31 153,718 --a------ C:\WINDOWS\Warning_01.bmp
2008-03-21 15:31 . 2008-03-21 15:31 44,790 --a------ C:\WINDOWS\Warning_Preview.jpg
2008-03-21 15:31 . 2008-03-21 15:31 31,426 --a------ C:\WINDOWS\ReadMe.htm
2008-03-21 15:31 . 2008-03-21 15:31 226 --a------ C:\WINDOWS\Warning_08-09.bmp
2008-03-21 03:01 . 2008-03-21 03:01 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-03-19 20:45 . 2008-03-19 20:49 <DIR> d-------- C:\Program Files\AutoCAD 2009
2008-03-19 20:19 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2008-03-19 20:18 . 2008-03-19 20:18 <DIR> d-------- C:\Program Files\MSBuild
2008-03-19 20:15 . 2008-03-19 20:15 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-03-19 20:14 . 2008-03-19 20:14 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-03-19 20:13 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-03-19 20:11 . 2008-03-19 20:50 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-03-19 20:11 . 2008-03-19 20:32 <DIR> d-------- C:\Program Files\Autodesk
2008-03-19 20:04 . 2008-03-19 20:04 <DIR> d-------- C:\Program Files\MagicDisc
2008-03-19 20:04 . 2008-02-18 17:29 96,256 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys
2008-03-18 07:19 . 2008-03-18 07:19 153,600 --a------ C:\WINDOWS\system32\mysidesearch_sidebar.dll
2008-03-10 19:12 . 2008-04-06 07:00 <DIR> d-------- C:\Program Files\ArchiCAD 11

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-10 21:58 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Azureus
2008-04-10 13:00 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\AVG7
2008-04-10 00:45 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Jasc Software Inc
2008-04-08 23:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-08 23:45 --------- d-----w C:\Program Files\Common Files\AVSMedia
2008-04-08 23:44 --------- d-----w C:\Program Files\VstPlugins
2008-04-08 23:44 --------- d-----w C:\Program Files\Acoustica Mixcraft 3
2008-04-07 19:54 --------- d-----w C:\Documents and Settings\Caryl Marie-sainte\Application Data\AVG7
2008-04-06 22:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-04-06 22:00 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-05 22:29 --------- d-----w C:\Program Files\Super Mario Blue Twilight DX
2008-04-05 22:26 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-05 16:52 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Graphisoft
2008-04-05 16:47 --------- d-----w C:\Program Files\Graphisoft
2008-03-23 23:41 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Autodesk
2008-03-23 23:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-03-21 20:33 --------- d-----w C:\Program Files\TGTSoft
2008-03-21 17:46 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\FrostWire
2008-03-15 00:09 --------- d-----w C:\Program Files\Sims2
2008-03-14 21:53 --------- d-----w C:\Program Files\Acoustica CD Label Maker
2008-03-13 02:37 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\Ahead
2008-03-11 13:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-03-11 13:21 --------- d-----w C:\Program Files\Common Files\Ahead
2008-03-09 23:35 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\AVSMedia
2008-03-09 23:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-03-09 23:32 --------- d-----w C:\Program Files\Common Files\Download Manager
2008-03-09 23:32 --------- d-----w C:\Program Files\AVSMedia
2008-03-06 22:07 --------- d-----w C:\Program Files\Azureus
2008-03-06 03:22 --------- d-----w C:\Program Files\Copysafe
2008-03-03 19:16 33,920 ----a-r C:\WINDOWS\system32\drivers\SZKG.sys
2008-03-01 17:43 --------- d-----w C:\Documents and Settings\Sindy Mendez\Application Data\???????sAppData
2008-02-25 22:12 --------- d-----w C:\Program Files\MKVTOAVI
2008-02-25 04:03 --------- d-----w C:\Program Files\HDSoft
2008-02-23 20:35 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-23 20:32 --------- d-----w C:\Program Files\Copy DVD Gold
2008-02-23 20:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Droppix
2008-02-23 20:31 --------- d-----w C:\Program Files\Apple Software Update
2008-02-23 20:07 --------- d-----w C:\Program Files\FrostWire
2008-02-23 16:44 --------- d-----w C:\Program Files\Real
2008-02-23 16:44 --------- d-----w C:\Program Files\Common Files\xing shared
2008-02-23 16:43 --------- d-----w C:\Program Files\Common Files\Real
2008-02-20 23:17 --------- d-----w C:\Program Files\7-Zip
2008-02-20 23:16 --------- d-----w C:\Program Files\Harry Potter and the Prisoner of Azkaban(TM)
2008-02-11 19:41 --------- d-----w C:\Program Files\123 Free Solitaire
2008-02-10 18:27 --------- d-----w C:\Program Files\directx
2008-02-10 18:26 --------- d-----w C:\Program Files\Electronic Arts
2008-02-10 18:21 --------- d-----w C:\Program Files\EA GAMES
2008-01-19 06:38 6,172 ----a-w C:\info.exe
2008-01-12 18:50 40,960 ----a-w C:\WINDOWS\Ziggy Stardust.dll
2008-01-12 18:50 381,636 ----a-w C:\WINDOWS\Ziggy Stardust.scr
2008-01-12 18:50 10,405,274 ----a-w C:\WINDOWS\Ziggy Stardust.exe
2007-02-15 18:28 88 --sh--r C:\WINDOWS\system32\81800E4309.sys
2006-08-01 22:55 410,147 --sh--w C:\WINDOWS\system32\fhkmp.bak1
2006-08-06 14:21 495,480 --sh--w C:\WINDOWS\system32\fhkmp.bak2
2006-08-08 20:59 410,262 --sh--w C:\WINDOWS\system32\fhkmp.ini2
.
----a-w         7,019,335 2008-04-06 21:50:19  C:\Documents and Settings\Sindy Mendez\My Documents\Azureus Downloads\DAP Premium Version 8.6.1.4\DAP Premium .exe

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3294CD70-F841-49F8-80BA-2D9BE29F8BBD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B9AC9EB-E101-4163-AED1-ACE0FEC558CD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D8A5D95C-D357-4AD4-9244-562A2B1A3FC5}]
C:\WINDOWS\system32\nnnkJApO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-06 19:03 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 13:51 7323648]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 16:20 339968 C:\WINDOWS\stsystra.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-22 21:48 579072]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 17:14 919016]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 00:38 316728]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-11 11:00:52 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^MagicDisc.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^Registry Repair Pro.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^Sindy Mendez^Start Menu^Programs^Startup^Scheduler.lnk]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 02:20 222080 C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
--a------ 2002-07-29 11:54 473088 C:\WINDOWS\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
--a------ 2007-11-15 09:23 202544 C:\Program Files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
--a------ 2005-10-05 03:12 94208 C:\Program Files\Dell\Media Experience\DMXLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
--a------ 2007-11-15 09:24 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-09-29 14:01 67584 C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
--a------ 2005-06-17 07:56 139264 C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-06-10 10:44 249856 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-06-10 10:44 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
--a------ 2002-10-04 09:05 532992 C:\WINDOWS\CNYHKey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2007-08-23 18:36 455968 C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 11:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 15:57 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 16:57 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
--a------ 2008-04-07 21:39 2957824 C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
--a------ 2006-05-24 13:31 1372160 C:\Program Files\TGTSoft\StyleXP\StyleXP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2007-09-25 02:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-06 19:03 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-23 11:43 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XoftSpySE]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 18:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\javaw.exe"=
"C:\\Program Files\\FrostWire\\FrostWire.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"61818:TCP"= 61818:TCP:pORT_61818

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-04-07 21:39]
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe [2007-10-12 09:34]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 09:23]
R2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys [2007-11-15 22:38]
S2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-10 05:00]
S2 svchost1;FireDaemon Service: svchost1;C:\WINDOWS\Temp\FireDaemon.EXE []
S3 Aspi;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 10:05]
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-14 22:50]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys [2006-01-18 08:44]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys [2006-01-18 22:17]

*Newly Created Service* - SZKG5

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-10 17:02:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
.
**************************************************************************
.
Completion time: 2008-04-10 17:08:22 - machine was rebooted []
ComboFix-quarantined-files.txt 2008-04-10 22:08:17
Pre-Run: 54,801,412,096 bytes free
Post-Run: 54,691,844,096 bytes free
.
2008-03-21 08:01:06 --- E O F ---
 

f1rem0nkey

Thread Starter
Joined
Apr 10, 2008
Messages
7
Can anyone please help? The popups only occur with Internet Explorer. I use a different browser and no problem, but still getting C++ errors.
 