Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Not sure what's wrong, but I think I've got something...

Started by freespirit_90210 , Nov 07 2006 10:56 PM

  • Please log in to reply

#31
Wizard
Posted 21 November 2006 - 03:16 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Has Zone Alarm been installed and does it appear to be workinf correctly?


If you will,scan fresh with ComboFix and post that log.
  • 0

Advertisements

#32
freespirit_90210
Posted 30 November 2006 - 01:49 AM

freespirit_90210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Sorry it took me a little while to reply...was out of town for T'giving.

ZoneAlarm is working great. :whistling:

Here's the Combo Fix log:

Sarah Leedy - Wed 11/29/2006 23:43:25.44 Service Pack 4
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Sarah Leedy\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-10-29 to 2006-11-29 ))))))))))))))))))))))))))))))))))


2006-11-28 22:18 24,528 --a------ C:\WINNT\system32\drivers\kbdclass.sys
2006-11-28 22:18 13,744 --a------ C:\WINNT\system32\drivers\kbdhid.sys
2006-11-04 14:14 1,245,696 --a------ C:\WINNT\system32\msxml4.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-20 06:52 -------- d-------- C:\Program Files\Zone Labs
2006-11-20 06:06 -------- d-------- C:\Documents and Settings\Sarah Leedy\Application Data\U3
2006-11-06 18:45 -------- d-------- C:\Program Files\SpywareBlaster
2006-11-06 07:45 -------- d-------- C:\Program Files\Ad-Aware SE Plus
2006-11-05 05:13 -------- d-------- C:\Program Files\Winamp
2006-11-04 15:35 -------- d-a------ C:\Program Files\Common Files
2006-11-04 15:12 -------- d-------- C:\Program Files\Shockwave.com
2006-11-04 15:12 -------- d-------- C:\Program Files\ReadMagic
2006-11-04 15:10 -------- d-------- C:\Program Files\Common Files\Ahead
2006-11-04 14:32 -------- d-------- C:\Program Files\Citrix
2006-11-04 14:30 -------- d-------- C:\Documents and Settings\Sarah Leedy\Application Data\Aim
2006-11-04 14:23 -------- d-------- C:\Program Files\Common Files\Adobe
2006-10-23 23:52 -------- d-------- C:\Program Files\eMule
2006-10-14 00:39 -------- d-a------ C:\Program Files\ewido anti-spyware 4.0
2006-10-09 19:19 -------- d-a------ C:\Program Files\Common Files\Microsoft Shared
2006-10-04 22:13 -------- d-------- C:\Documents and Settings\Sarah Leedy\Application Data\Adobe
2006-09-14 13:38 16896 --a------ C:\WINNT\system32\kill.exe
2006-09-13 08:43 114688 --a------ C:\WINNT\system32\fport.exe
2006-09-12 03:48 1713536 --------- C:\WINNT\system32\NTKRNLPA.EXE
2006-09-12 03:48 1690880 --------- C:\WINNT\system32\NTOSKRNL.EXE
2006-09-05 20:58 1110528 --a------ C:\WINNT\system32\msxml3.dll
2006-08-31 21:49 64784 --------- C:\WINNT\system32\NWAPI32.DLL
2006-08-31 21:49 140048 --------- C:\WINNT\system32\NWPROVAU.DLL


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Synchronization Manager"="mobsync.exe /logon"
"DadApp"="C:\\Program Files\\Dell\\AccessDirect\\dadapp.exe"
"IgfxTray"="C:\\WINNT\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINNT\\system32\\hkcmd.exe"
"BCMSMMSG"="BCMSMMSG.exe"
"SigmaTel StacMon"="C:\\Program Files\\SigmaTel\\SigmaTel AC97 Audio Drivers\\stacmon.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"BJCFD"="C:\\Program Files\\BellSouth\\Client Foundation\\CFD.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_05\\bin\\jusched.exe"
"tgcmd"="\"C:\\Program Files\\Support.com\\BellSouth\\hcenter.exe\" /starthidden /tgcmdwrapper"
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\Acrotray.exe\""
@=""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"type32"="\"C:\\Program Files\\Microsoft IntelliType Pro\\type32.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"THGuard"="\"C:\\Program Files\\TrojanHunter 4.6\\THGuard.exe\""
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000003
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f0,01,00,00,1f,00,00,00,80,00,00,00,76,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Symantec NetDriver Warning"="C:\\PROGRA~1\\SYMNET~1\\SNDWarn.exe"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000095

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"Network.ConnectionTray"="{7007ACCF-3202-11D1-AAD2-00805FC1270E}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: Wed 2006-11-29 23:45:50.18
C:\ComboFix.txt ... 06-11-29 23:45
C:\ComboFix2.txt ... 06-11-16 07:17
  • 0

#33
Wizard
Posted 30 November 2006 - 04:04 AM

Wizard

    Retired Staff

  • Retired Staff
  • 5,661 posts
Its been a crazy couple of weeks here as well.


How is the machine acting today?


So far everything looks OK.
  • 0

#34
freespirit_90210
Posted 23 January 2007 - 12:59 AM

freespirit_90210

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I'm so sorry that i didn't reply to this sooner...I switched from Cable to Verizon DSL and I didn't have access for a couple of weeks!

Anyway, the machine was running great until I got this dumb Verison software on it...but anyway I wanted to thank you SO MUCH for your help with my messed up machine!!

How do i leave a comment and donation? I love Geeks To Go!!

Sarah
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP