|
|
||
05-19-2008, 06:25 AM
|
#1 (permalink) |
|
Silver Member
 Join Date: Nov 2007
Posts: 159
|
please help, desktop and icons disappeared
Well, I googled "flat bottom boats" and when I clicked on a link for building instructions, I got a porn site and a number of virus warnings. My AVG software healed all the virus warning popups and then I let the AVG software do a complete scan but now when I go to boot up, my desktop and icons appear for a few seconds and then goes black and then comes on again for a few more seconds and then goes black and this cycle continues 3 times. The last time it turns black and freezes up. During the 3 cycles, I can execute programs but I must get them up and running before that third time. I tried to go to a earlier restore point but it seems that that feature is not working because I am not seeing any bold dates. Please help. Thank you. Frank
|
|
|
|
05-19-2008, 06:43 AM
|
#2 (permalink) | |
|
Folding@Home
 
Join Date: Aug 2007
Location: Northern Cali
Age: 29
Posts: 8,667
|
Post a hijackthis log. Download the program here.
__________________
Core i7 920 @ 2.66 GHz || Cooler Master V8 || Foxconn BloodRage X58|| 896MB EVGA GTX 260 (55nm)|| 6GB G Skill DDR3 @ 1600MHz|| 2X 300GB WD Velociraptors (RAID 0) || 1TB Hitachi Deskstar || Cooler Master HAF 932 || 620W Corsair HX PSU || Windows 7 Ultimate/Vista Ultimate x64/Windows XP Pro FOLDING FOR THE GOOD OF MANKIND:F@H Team 44358 Quote:
|
|
|
|
|
|
05-19-2008, 01:32 PM
|
#3 (permalink) |
|
Silver Member
Join Date: Nov 2007
Posts: 159
|
Thank you.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:28:02 AM, on 5/19/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\BrmfBAgS.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe C:\Program Files\Panasonic\MFStation\PCCMFSDM.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\PANASO~1\LocalCom\lmsrvnt.exe C:\PROGRA~1\PANASO~1\TRAPMO~1\Trapmnnt.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\imapi.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [HP Lamp] "C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Panasonic Device Monitor Wakeup] C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe O4 - HKLM\..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files\Panasonic\MFStation\PCCMFSDM.exe O4 - HKLM\..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files\Panasonic\MFStation\KmPcFax.exe -1 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O20 - AppInit_DLLs: O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Brother BidiAgent Service for Resource manager (brmfbags) - Brother Industries, Ltd. - C:\WINDOWS\system32\BrmfBAgS.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Panasonic Local Printer Service - Panasonic Communications Co., Ltd. - C:\PROGRA~1\PANASO~1\LocalCom\lmsrvnt.exe O23 - Service: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~1\PANASO~1\TRAPMO~1\Trapmnnt.exe -- End of file - 7767 bytes |
|
|
|
|
05-19-2008, 06:17 PM
|
#5 (permalink) |
|
Diamond Member
 
Join Date: Jan 2007
Location: France
Age: 19
Posts: 5,283
|
You're HJT log doesn't show any spyware. let's look deeper:
Download and Run ComboFix If you already have Combofix, please delete this copy and download it again as it's being updated regularly.
Combofix should never take more that 20 minutes including the reboot if malware is detected. If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue. If that happened we want to know, and also what process you had to end.
__________________
Punk's Website making and registering tutorial! Rise And Fall, Rage And Grace The Offspring! Huck it! I just want to be who I want to be
guess that's hard for others to see |
|
|
|
|
05-19-2008, 08:35 PM
|
#6 (permalink) |
|
Silver Member
Join Date: Nov 2007
Posts: 159
|
Here is the log that you asked for. The whole process only took about 10 minutes. By the way, I was not online during this process. I downloaded the file from my other computer. I was told to stay offline on the infected computer. Please let me know if I need to rerun combo fix again while being online. Thank you.
ComboFix 08-05-15.3 - Frank 2008-05-19 14:25:14.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1342 [GMT -4:00] Running from: J:\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Frank\g2mdlhlpx.exe C:\WINDOWS\system32\JjlSBJlm.ini C:\WINDOWS\system32\JjlSBJlm.ini2 . ((((((((((((((((((((((((( Files Created from 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))) . 2008-05-19 14:24 . 2008-05-19 14:25 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.da t.LOG 2008-05-19 07:26 . 2008-05-19 07:26 <DIR> d-------- C:\Program Files\Trend Micro 2008-05-19 07:11 . 2001-08-17 22:36 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll 2008-05-18 21:47 . 2008-05-18 21:47 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Panasonic 2008-05-18 21:47 . 2008-05-18 21:47 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\AVG7 2008-05-18 21:42 . 2008-05-18 21:42 <DIR> d-------- C:\Documents and Settings\Problem correction\Application Data\Panasonic 2008-05-18 21:42 . 2008-05-18 21:42 <DIR> d-------- C:\Documents and Settings\Problem correction\Application Data\AVG7 2008-05-18 18:47 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-05-18 18:47 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-05-18 18:47 . 2008-05-15 23:22 86,528 --a------ C:\WINDOWS\system32\VACFix.exe 2008-05-18 18:47 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-05-18 18:47 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe 2008-05-18 18:47 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-05-18 18:47 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-05-18 18:47 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-05-18 15:24 . 2008-05-18 15:24 1,390,340 --a------ C:\SmitfraudFix.exe 2008-05-18 13:40 . 2008-05-18 18:48 3,050 --a------ C:\WINDOWS\system32\tmp.reg 2008-05-18 13:28 . 2008-05-18 13:28 <DIR> d-------- C:\Documents and Settings\Guest 2008-05-18 13:28 . 2008-05-19 14:28 1,024 --ah----- C:\Documents and Settings\Guest\ntuser.dat.LOG 2008-05-18 13:20 . 2006-02-28 08:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-18 13:19 . 2008-05-18 13:19 <DIR> d-------- C:\Documents and Settings\Problem correction 2008-05-18 13:19 . 2008-05-19 14:28 1,024 --ah----- C:\Documents and Settings\Problem correction\ntuser.dat.LOG 2008-05-18 10:53 . 2008-05-18 10:53 319,872 --a------ C:\WINDOWS\system32\mlJBSljJ.dll 2008-05-18 10:48 . 2008-05-18 10:48 <DIR> dr-h----- C:\$VAULT$.AVG 2008-05-18 10:48 . 2008-05-17 17:14 286,720 --a------ C:\WINDOWS\pxgdslro.dll 2008-05-18 10:48 . 2008-05-17 17:15 245,760 --a------ C:\WINDOWS\nldfmtappek.dll 2008-05-18 10:48 . 2008-05-18 10:48 28,800 --a------ C:\WINDOWS\system32\cbXQkhFu.dll 2008-05-07 17:43 . 2008-05-08 13:51 <DIR> d-------- C:\Program Files\Avalon Health Care 2008-05-03 11:53 . 2008-05-03 11:53 <DIR> d-------- C:\Program Files\Common Files\xing shared 2008-05-03 11:52 . 2008-05-03 11:53 <DIR> d-------- C:\Program Files\Common Files\Real 2008-05-03 11:50 . 2008-05-03 11:50 <DIR> d-------- C:\Program Files\Real 2008-04-28 11:21 . 2008-04-28 11:21 <DIR> d-------- C:\Program Files\SiteChallenge 2008-04-28 11:21 . 2007-05-03 10:15 68,496 --a------ C:\WINDOWS\system32\MLSecurityCOM.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) )) . 2008-05-19 04:13 --------- d-----w C:\Program Files\LogMeIn 2008-05-18 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2008-05-17 13:12 --------- d-----w C:\Program Files\COMODO 2008-05-17 13:12 --------- d-----w C:\Documents and Settings\Frank\Application Data\Comodo 2008-05-12 15:34 --------- d-----w C:\Documents and Settings\Frank\Application Data\AdobeUM 2008-04-15 12:09 1,880 ----a-w C:\WINDOWS\AUTOLNCH.REG 2008-04-02 15:27 --------- d-----w C:\Program Files\Microsoft Works 2008-03-30 14:44 --------- d-----w C:\Program Files\2nd Story Software . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47551F98-CC7F-4701-A650-D7231EEA60BD}] 2008-05-18 10:48 28800 --a------ C:\WINDOWS\system32\cbXQkhFu.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{966CE0C2-7AD7-40CE-ABB9-87D9E632FD50}] 2008-05-18 10:53 319872 --a------ C:\WINDOWS\system32\mlJBSljJ.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 08:15 579584] "HP Lamp"="C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\hplamp.exe" [2001-04-27 12:00 53248] "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 05:46 196608] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2005-03-23 19:26 217088] "nwiz"="nwiz.exe" [2007-06-28 12:43 1626112 C:\WINDOWS\system32\nwiz.exe] "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2003-09-06 01:16 57393] "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2003-09-06 01:35 40960] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 12:43 8466432] "Panasonic Device Monitor Wakeup"="C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe" [2006-11-02 15:54 303104] "Panasonic Device Manager for Multi-Function Station software"="C:\Program Files\Panasonic\MFStation\PCCMFSDM.exe" [2007-05-21 13:46 126976] "Panasonic PCFAX for Multi-Function Station software"="C:\Program Files\Panasonic\MFStation\KmPcFax.exe" [2007-05-29 11:31 757760] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-05-03 11:52 185896] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-02 11:19 219136] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26 29696] Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe [2007-12-16 02:47:49 114688] [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer] "NoResolveSearch"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\curr entversion\explorer\shellexecutehooks] "{A213B520-C6C2-11d0-AF9D-008029E1027E}"= C:\Program Files\Symantec\WinFax\WfxSeh32.Dll [1998-07-27 05:54 38400] "{47551F98-CC7F-4701-A650-D7231EEA60BD}"= C:\WINDOWS\system32\cbXQkhFu.dll [2008-05-18 10:48 28800] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbXQkhFu] cbXQkhFu.dll 2008-05-18 10:48 28800 C:\WINDOWS\system32\cbXQkhFu.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] LMIinit.dll 2007-11-15 19:46 87352 C:\WINDOWS\system32\LMIinit.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"= [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.YV12"= yv12vfw.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk backup=C:\WINDOWS\pss\Service Manager.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] --a------ 2005-05-03 11:43 69632 C:\WINDOWS\Alcmtr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] --------- 2005-01-07 18:30 864256 C:\Program Files\Brother\ControlCenter2\brctrcen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2006-02-28 08:00 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI] --a------ 2007-08-03 16:09 63048 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-06-28 12:43 8466432 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm] --a------ 2007-12-05 11:47 160592 C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc] --a------ 2003-07-18 18:23 868352 C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility] --a------ 2003-05-01 19:44 65536 C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] --a------ 2006-06-01 09:48 16208384 C:\WINDOWS\RTHDCPL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] --------- 2004-11-11 18:14 49152 C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] --a------ 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] --a------ 2006-09-28 14:16 185896 C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter] --a------ 2000-02-14 18:36 43008 C:\WINDOWS\system32\WFXSNT40.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "BITS"=2 (0x2) "WZCSVC"=2 (0x2) "W32Time"=2 (0x2) "CiSvc"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"= "C:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "C:\\Program Files\\Panasonic\\TrapMonitor\\Trapmnnt.exe"= "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009 R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2007-08-03 16:09] R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sy s [2007-08-03 16:09] R2 Panasonic Local Printer Service;Panasonic Local Printer Service;C:\PROGRA~1\PANASO~1\LocalCom\lmsrvnt.exe [2004-08-03 05:33] S3 brfilt;Brother MFC Filter Driver;C:\WINDOWS\system32\Drivers\Brfilt.sys [2001-08-17 14:12] S3 brparimg;Brother Multi Function Parallel Image driver;C:\WINDOWS\system32\DRIVERS\BrParImg.sys [2001-08-17 14:12] S3 BrParWdm;Brother WDM Parallel Driver;C:\WINDOWS\system32\Drivers\BrParwdm.sys [2001-08-17 14:12] S3 BrSerWDM;Brother WDM Serial driver;C:\WINDOWS\system32\Drivers\BrSerWdm.sys [2004-11-23 18:39] S4 wfxsvc;WinFax PRO;C:\WINDOWS\system32\WFXSVC.EXE [2000-02-14 18:36] . ************************************************** ************************ disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ please note that you need administrator rights to perform deep scan disk not found C:\ scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ disk not found C:\ scan completed successfully hidden files: ************************************************** ************************ . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\cbXQkhFu.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\BRSS01A.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\BrmfBAgS.exe C:\Program Files\LogMeIn\x86\ramaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\PANASO~1\TRAPMO~1\Trapmnnt.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\MsPMSPSv.exe . ************************************************** ************************ . Completion time: 2008-05-19 14:30:33 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-19 18:30:29 Pre-Run: 279,903,870,976 bytes free Post-Run: 280,056,901,632 bytes free 234 --- E O F --- 2008-05-18 19:42:34 |
|
|
|
|
05-20-2008, 12:44 AM
|
#9 (permalink) | |
|
Diamond Member
 
Join Date: Jan 2008
Location: Melbourne, Australia
Age: 15
Posts: 8,361
|
Quote:
__________________
Cohen |
|
|
|
|
|
05-20-2008, 01:23 AM
|
#10 (permalink) |
|
Silver Member
Join Date: Nov 2007
Posts: 159
|
I'm confused. Before this problem I had two account show up. One is called Frank(computer admisistrator) and the other is called Guest(guest account is on). Yesterday when I asked for help, someone suggested I make a new account and see if that we make the computer work properly but it made no difference. So now I have a third account called Problem Correction(computer admisistrator). So, in other words, I think I have already provided what you have asked for above. By the way, should I just delete that new account since it did not do any good. Thanks again.
|
|
|
|
 |
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Annoying problem with desktop Icon's... | palefountain | General Computer Chat | 1 | 01-10-2008 09:11 PM |
| changing the size of desktop icons only | karjaneth | General Software | 3 | 05-31-2006 09:05 PM |
| Desktop Icons | jquinlan | Operating Systems | 4 | 09-23-2005 01:38 AM |
| Spinning icons on desktop?????? | R_ACE1 | General Software | 5 | 06-15-2005 06:24 AM |
| Custom desktop icons... | saiya00 | Desktop Computers | 2 | 02-16-2005 07:48 AM |
Linear Mode
