Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Can Anyone help me with this?

Started by Bamsk8ter13 , Feb 19 2007 09:22 PM

  • Please log in to reply

#1
Bamsk8ter13
Posted 19 February 2007 - 09:22 PM

Bamsk8ter13

    Member

  • Member
  • PipPip
  • 64 posts
Ok, heres the story.
I have a dell laptop(Latitude D800) and it's giving us alot of trobble.
First off, I just deleted everthing on the HDD and reinstall windows.
The probblems we are having followes:
1) Radom restarts
2) we keep getting erros and have to restart IE(I had firefox, But we had the same prombles, and when I tryed to reinstall it the computer restarted before the download completed).
From what I remmber, thats it.
Heres the HijackThis Log:


Logfile of HijackThis v1.99.1
Scan saved at 9:16:36 PM, on 2/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Local Settings\Temporary Internet Files\Content.IE5\KTI7GTQ7\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
  • 0

Advertisements

#2
didom
Posted 21 February 2007 - 10:38 AM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Download ComboScan to your Desktop.
  • Close all applications and windows.
  • Double-click on comboscan.exe to run it, and follow the prompts.
  • The scan may take a minute. When the scan is complete, a text file will open - ComboScan.txt
Extra Note: When running Comboscan, some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so. Also, it may happen that your Antivirus flags Comboscan as suspicious. Please allow the Comboscan to run and don't let your Antivirus delete it. (In this case, it may be better to temporary disable your Antivirus)

Post the Comboscan.txt from the Comboscan into your next reply.
  • 0

#3
Bamsk8ter13
Posted 22 February 2007 - 10:18 AM

Bamsk8ter13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
ComboScan v20070221.16 run by Owner on 2007-02-22 at 10:13:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as Owner.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 10:14:44 AM, on 2/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Documents and Settings\Owner\Desktop\comboscan.exe
C:\Program Files\HijackThis\Owner.exe

O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
3R BCM43XX (Dell Wireless WLAN Card Driver) - C:\WINDOWS\system32\drivers\BCMWL5.SYS
3R hidusb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
0R ohci1394 (Texas Instruments OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\USBSTOR.SYS


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

4S Alerter - C:\WINDOWS\system32\svchost.exe -k LocalService
3R ALG (Application Layer Gateway Service) - C:\WINDOWS\System32\alg.exe
3S AppMgmt (Application Management) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R AudioSrv (Windows Audio) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S BITS (Background Intelligent Transfer Service) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2S Browser (Computer Browser) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S CiSvc (Indexing Service) - C:\WINDOWS\system32\cisvc.exe
4S ClipSrv (ClipBook) - C:\WINDOWS\system32\clipsrv.exe
3S COMSysApp (COM+ System Application) - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
2R CryptSvc (Cryptographic Services) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R DcomLaunch (DCOM Server Process Launcher) - C:\WINDOWS\system32\svchost -k DcomLaunch
2R Dhcp (DHCP Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S dmadmin (Logical Disk Manager Administrative Service) - C:\WINDOWS\System32\dmadmin.exe /com
3S dmserver (Logical Disk Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Dnscache (DNS Client) - C:\WINDOWS\system32\svchost.exe -k NetworkService
2R ERSvc (Error Reporting Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Eventlog (Event Log) - C:\WINDOWS\system32\services.exe
3R EventSystem (COM+ Event System) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3R FastUserSwitchingCompatibility (Fast User Switching Compatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R helpsvc (Help and Support) - C:\WINDOWS\System32\svchost.exe -k netsvcs
4S HidServ (Human Interface Device Access) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S HTTPFilter (HTTP SSL) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
3S ImapiService (IMAPI CD-Burning COM Service) - C:\WINDOWS\system32\imapi.exe
2R lanmanserver (Server) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R lanmanworkstation (Workstation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R LmHosts (TCP/IP NetBIOS Helper) - C:\WINDOWS\system32\svchost.exe -k LocalService
4S Messenger - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S mnmsrvc (NetMeeting Remote Desktop Sharing) - C:\WINDOWS\system32\mnmsrvc.exe
3S MSDTC (Distributed Transaction Coordinator) - C:\WINDOWS\system32\msdtc.exe
3S MSIServer (Windows Installer) - C:\WINDOWS\system32\msiexec.exe /V
4S NetDDE (Network DDE) - C:\WINDOWS\system32\netdde.exe
4S NetDDEdsdm (Network DDE DSDM) - C:\WINDOWS\system32\netdde.exe
3S Netlogon (Net Logon) - C:\WINDOWS\system32\lsass.exe
3R Netman (Network Connections) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R Nla (Network Location Awareness (NLA)) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S NtLmSsp (NT LM Security Support Provider) - C:\WINDOWS\system32\lsass.exe
3S NtmsSvc (Removable Storage) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R PlugPlay (Plug and Play) - C:\WINDOWS\system32\services.exe
2R PolicyAgent (IPSEC Services) - C:\WINDOWS\system32\lsass.exe
2R ProtectedStorage (Protected Storage) - C:\WINDOWS\system32\lsass.exe
3S RasAuto (Remote Access Auto Connection Manager) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S RasMan (Remote Access Connection Manager) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S RDSessMgr (Remote Desktop Help Session Manager) - C:\WINDOWS\system32\sessmgr.exe
4S RemoteAccess (Routing and Remote Access) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S RpcLocator (Remote Procedure Call (RPC) Locator) - C:\WINDOWS\system32\locator.exe
2R RpcSs (Remote Procedure Call (RPC)) - C:\WINDOWS\system32\svchost -k rpcss
3S RSVP (QoS RSVP) - C:\WINDOWS\system32\rsvp.exe
2R SamSs (Security Accounts Manager) - C:\WINDOWS\system32\lsass.exe
3S SCardSvr (Smart Card) - C:\WINDOWS\System32\SCardSvr.exe
2R Schedule (Task Scheduler) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R seclogon (Secondary Logon) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R SENS (System Event Notification) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R ShellHWDetection (Shell Hardware Detection) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Spooler (Print Spooler) - C:\WINDOWS\system32\spoolsv.exe
2R srservice (System Restore Service) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3R SSDPSRV (SSDP Discovery Service) - C:\WINDOWS\system32\svchost.exe -k LocalService
3S stisvc (Windows Image Acquisition (WIA)) - C:\WINDOWS\system32\svchost.exe -k imgsvc
3S SwPrv (MS Software Shadow Copy Provider) - C:\WINDOWS\system32\dllhost.exe /Processid:{02E73E60-8896-4536-BB37-118C5AFE35E2}
3S SysmonLog (Performance Logs and Alerts) - C:\WINDOWS\system32\smlogsvc.exe
3S TapiSrv (Telephony) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R TermService (Terminal Services) - C:\WINDOWS\System32\svchost -k DComLaunch
2R Themes - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R TrkWks (Distributed Link Tracking Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S upnphost (Universal Plug and Play Device Host) - C:\WINDOWS\system32\svchost.exe -k LocalService
3S UPS (Uninterruptible Power Supply) - C:\WINDOWS\System32\ups.exe
3S VSS (Volume Shadow Copy) - C:\WINDOWS\System32\vssvc.exe
2R W32Time (Windows Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R WebClient - C:\WINDOWS\system32\svchost.exe -k LocalService
2R winmgmt (Windows Management Instrumentation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R wltrysvc (Dell Wireless WLAN Tray Service) - C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe
3S WmdmPmSN (Portable Media Serial Number Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S WmiApSrv (WMI Performance Adapter) - C:\WINDOWS\system32\wbem\wmiapsrv.exe
2R wscsvc (Security Center) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R wuauserv (Automatic Updates) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R WZCSVC (Wireless Zero Configuration) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S xmlprov (Network Provisioning Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs


-- Files created between 2007-01-22 and 2007-02-22 ------------------------------

2007-02-22 10:14:38 0 d-------- C:\Program Files\HijackThis<HIJACK~1>
2007-02-22 10:13:26 0 d--hs---- C:\Recycled
2007-02-17 17:41:22 524288 --ah----- C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\NTUSER.DAT
2007-02-17 17:40:50 0 d--hs---- C:\FOUND.002
2007-02-17 14:22:15 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-02-17 14:21:50 0 d--hs---- C:\FOUND.001
2007-02-17 14:08:06 667648 --a------ C:\WINDOWS\system32\BCMLogon.dll
2007-02-17 14:08:05 424320 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS
2007-02-17 14:08:05 0 d-------- C:\Program Files\Dell
2007-02-17 14:07:55 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-02-17 14:07:40 33664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS
2007-02-17 14:07:40 253952 --a------ C:\WINDOWS\system32\bcmwlu00.exe
2007-02-17 14:07:40 1200128 --a------ C:\WINDOWS\system32\BCMWLTRY.EXE
2007-02-17 14:07:40 69632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll
2007-02-17 14:07:36 18944 --a------ C:\WINDOWS\system32\WLTRYSVC.EXE
2007-02-17 14:07:36 44032 --a------ C:\WINDOWS\system32\wltrynt.dll
2007-02-17 14:07:36 1347584 --a------ C:\WINDOWS\system32\WLTRAY.EXE
2007-02-17 14:07:36 2129920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL<WLBCGC~1.DLL>
2007-02-17 14:07:36 86016 --a------ C:\WINDOWS\system32\preflib.dll
2007-02-17 14:07:36 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL
2007-02-17 14:07:36 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL
2007-02-17 14:07:36 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL
2007-02-17 14:07:36 757760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2007-02-17 14:07:36 89088 --a------ C:\WINDOWS\system32\ATL71.DLL
2007-02-17 14:07:36 0 d-------- C:\dell
2007-02-17 14:01:01 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-02-17 14:01:00 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-02-17 14:00:57 0 d-------- C:\WINDOWS\Prefetch
2007-02-17 14:00:52 524288 --ah----- C:\Documents and Settings\Owner\NTUSER.DAT
2007-02-17 14:00:50 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-02-17 14:00:47 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-02-17 14:00:26 0 d--hs---- C:\FOUND.000
2007-02-17 13:52:57 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-02-17 13:51:24 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-02-17 13:49:50 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-02-17 13:39:40 0 dr------- C:\Documents and Settings\All Users\Documents<DOCUME~1>
2007-02-17 11:46:43 0 d-------- C:\WINDOWS\system32\xircom
2007-02-17 11:46:43 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-17 11:46:25 0 -rahs---- C:\MSDOS.SYS
2007-02-17 11:46:25 0 -rahs---- C:\IO.SYS
2007-02-17 11:46:25 0 --a------ C:\CONFIG.SYS
2007-02-17 11:46:25 0 --a------ C:\AUTOEXEC.BAT
2007-02-17 11:46:00 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-02-17 11:44:37 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-02-17 11:44:37 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-02-17 11:44:20 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-17 11:43:52 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-02-17 11:43:51 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-02-17 11:43:48 0 d---s---- C:\WINDOWS\Tasks
2007-02-17 11:43:48 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-02-17 11:43:39 0 d-------- C:\WINDOWS\system32\DirectX
2007-02-17 11:43:19 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-02-17 11:43:12 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-17 11:43:08 0 d-------- C:\WINDOWS\srchasst
2007-02-17 11:43:07 0 d-------- C:\WINDOWS\system32\Macromed
2007-02-17 11:43:04 120320 --a------ C:\WINDOWS\system32\wuweb.dll
2007-02-17 11:43:04 112640 --a------ C:\WINDOWS\system32\wucltui.dll
2007-02-17 11:43:04 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-02-17 11:43:04 183296 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-02-17 11:43:04 1134592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-02-17 11:43:03 36864 --a------ C:\WINDOWS\system32\wups.dll
2007-02-17 11:43:03 165888 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-02-17 11:43:03 111104 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-02-17 11:43:03 430592 --a------ C:\WINDOWS\system32\wuapi.dll
2007-02-17 11:43:03 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-02-17 11:43:03 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-02-17 11:43:03 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-02-17 11:43:03 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-02-17 11:42:59 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-17 11:42:55 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-02-17 11:42:55 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-02-17 11:42:55 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-02-17 11:42:55 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-02-17 11:42:52 22528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-02-17 11:42:52 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-02-17 11:42:52 124800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-02-17 11:42:51 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-02-17 11:42:51 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-02-17 11:42:51 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-02-17 11:42:51 0 d-------- C:\WINDOWS\system32\Restore
2007-02-17 11:42:51 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-02-17 11:42:50 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-02-17 11:42:50 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-02-17 11:42:50 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-02-17 11:42:50 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-02-17 11:42:50 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-02-17 11:42:50 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-02-17 11:42:47 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-02-17 11:42:47 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-02-17 11:42:46 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-02-17 11:42:46 678400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-02-17 11:42:44 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-02-17 11:42:44 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-02-17 11:42:44 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-02-17 11:42:44 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-02-17 11:42:44 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-02-17 11:42:43 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-02-17 11:42:43 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-02-17 11:42:22 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-17 11:41:22 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-02-17 11:41:14 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-17 11:41:10 5632 --a------ C:\WINDOWS\system32\write.exe
2007-02-17 11:41:10 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-17 11:41:02 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-02-17 11:41:02 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-02-17 11:41:02 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-02-17 11:41:02 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-02-17 11:41:02 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-02-17 11:41:01 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-02-17 11:40:56 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-02-17 11:40:56 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-02-17 11:40:55 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-02-17 11:40:55 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-02-17 11:40:55 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-02-17 11:40:55 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-02-17 11:40:54 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-02-17 11:40:54 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-02-17 11:40:54 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-02-17 11:40:54 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-02-17 11:40:54 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-02-17 11:40:54 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-02-17 11:40:54 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-02-17 11:40:54 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-02-17 11:40:54 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-02-17 11:40:54 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-02-17 11:40:54 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-02-17 11:40:54 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-02-17 11:40:54 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-02-17 11:40:53 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-02-17 11:40:53 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-02-17 11:40:53 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-02-17 11:40:52 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-02-17 11:40:52 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-02-17 11:40:52 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-02-17 11:40:52 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-02-17 11:40:52 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-02-17 11:40:52 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-02-17 11:40:52 82432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-02-17 11:40:52 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-02-17 11:40:36 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-02-17 11:40:35 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-02-17 11:40:35 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-02-17 11:40:35 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-02-17 11:40:35 345088 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-02-17 11:40:35 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-17 11:40:34 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-02-17 11:40:34 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-02-17 11:40:34 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-02-17 11:40:34 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-02-17 11:40:34 139400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-02-17 11:40:34 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-02-17 11:40:33 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-02-17 11:40:33 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-02-17 11:40:33 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-02-17 11:40:33 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-02-17 11:40:33 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-02-17 11:40:33 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-02-17 11:40:33 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-02-17 11:40:33 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-02-17 11:40:33 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-02-17 11:40:32 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-02-17 11:40:32 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-02-17 11:40:32 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-02-17 11:40:32 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-02-17 11:40:32 90112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-02-17 11:40:32 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-02-17 11:40:32 425472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-02-17 11:40:32 0 d-------- C:\WINDOWS\system32\MsDtc
2007-02-17 11:40:32 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-02-17 11:40:32 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-02-17 11:40:31 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-02-17 11:40:31 949248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-02-17 11:40:31 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-02-17 11:40:31 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-02-17 11:40:30 0 d-------- C:\WINDOWS\system32\Com
2007-02-17 11:40:30 62464 --a------ C:\WINDOWS\system32\colbact.dll
2007-02-17 11:40:30 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-02-17 11:40:30 628224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-02-17 11:40:30 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-02-17 11:40:30 229888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-02-17 11:40:29 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-02-17 11:40:29 1251840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-02-17 11:40:29 501248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-02-17 11:40:23 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-02-17 11:40:23 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-02-17 11:40:23 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-02-17 11:40:23 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-02-17 11:40:20 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-02-17 11:40:20 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-02-17 11:36:55 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-02-17 11:36:10 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-02-17 11:35:40 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-02-17 11:35:30 42368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-02-17 11:35:23 5504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-02-17 11:35:14 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-02-17 11:35:03 9344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-02-17 11:35:02 14080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-02-17 11:35:01 14080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-02-17 11:33:56 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-02-17 11:33:55 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-17 11:33:51 0 dr------- C:\Program Files<PROGRA~1>
2007-02-17 11:33:51 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-17 11:33:48 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-02-17 11:33:48 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-02-17 11:33:48 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-02-17 11:33:47 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-02-17 11:33:47 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-02-17 11:33:45 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-02-17 11:33:45 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-02-17 11:33:45 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-02-17 11:33:45 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-02-17 11:33:45 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-02-17 11:33:45 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-02-17 11:33:45 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-02-17 11:33:43 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-02-17 11:33:43 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-02-17 11:33:43 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-02-17 11:33:43 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-02-17 11:33:43 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-02-17 11:33:41 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-02-17 11:33:41 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-02-17 11:33:41 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-02-17 11:33:41 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-02-17 11:33:41 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-02-17 11:33:21 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-02-17 11:33:20 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-02-17 11:33:20 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-02-17 11:33:20 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-02-17 11:33:20 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-02-17 11:33:20 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-02-17 11:33:20 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-02-17 11:33:19 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-02-17 11:32:58 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-02-17 11:32:58 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-02-17 11:32:58 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-02-17 11:32:57 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-02-17 11:32:48 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-02-17 11:32:48 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-02-17 11:32:48 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-02-17 11:32:48 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-02-17 11:32:47 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-02-17 11:32:47 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-02-17 11:32:47 68768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-02-17 11:32:47 69120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-02-17 11:32:46 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-02-17 11:32:24 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-02-17 11:32:24 0 d-------- C:\WINDOWS\system32\CatRoot
2007-02-17 11:31:50 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-02-17 10:26:03 0 d-------- C:\WINDOWS
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\WinSxS
2007-02-17 10:26:03 0 dr------- C:\WINDOWS\Web
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\twain_32
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\wins
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\wbem
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\usmt
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\spool
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\ShellExt
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\Setup
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\ras
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\oobe
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\npp
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\mui
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\inetsrv
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\IME
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\icsxml
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\ias
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\export
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\drivers
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-02-17 10:26:03 0 dr-hs---- C:\WINDOWS\system32\dllcache
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\dhcp
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\config
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\3076
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\2052
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1054
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1042
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1041
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1037
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1033
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1031
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1028
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system32\1025
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\system
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\security
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\repair
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Provisioning<PROVIS~1>
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\PeerNet
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\pchealth
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\mui
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\msapps
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\msagent
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Media
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\java
2007-02-17 10:26:03 0 d--h----- C:\WINDOWS\inf
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\ime
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Help
2007-02-17 10:26:03 0 dr--s---- C:\WINDOWS\Fonts
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Debug
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Cursors
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\Config
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\AppPatch
2007-02-17 10:26:03 0 d-------- C:\WINDOWS\addins


-- Find3M Report ----------------------------------------------------------------

2007-02-21 13:37:40 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia<MACROM~1>
2007-02-17 14:01:20 0 d-------- C:\Documents and Settings\Owner\Application Data\Identities<IDENTI~1>
2007-02-17 13:39:42 62 --ahs---- C:\Documents and Settings\Owner\Application Data\desktop.ini
2007-02-17 13:39:04 0 d---s---- C:\Documents and Settings\Owner\Application Data\Microsoft<MICROS~1>


-- Registry Dump ----------------------------------------------------------------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Broadcom Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY.exe"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



-- End of ComboScan: finished at 2007-02-22 at 10:15:02 -------------------------
  • 0

#4
didom
Posted 22 February 2007 - 12:37 PM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
Start HijackThis, perform a new scan and save the log file.

Use the Add Reply button to post your new logs back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.
  • 0

#5
Bamsk8ter13
Posted 22 February 2007 - 01:58 PM

Bamsk8ter13

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
Incident Status Location

Spyware:Cookie/Atlas DMT Not disinfected C:\FOUND.001\FILE0036.CHK
Spyware:Cookie/Doubleclick Not disinfected C:\FOUND.001\FILE0045.CHK
Spyware:Cookie/QuestionMarket Not disinfected C:\FOUND.001\FILE0060.CHK
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Owner\Cookies\owner@statcounter[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Owner\Cookies\owner@apmebf[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Owner\Cookies\owner@casalemedia[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adrevolver[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Owner\Cookies\[email protected][2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adrevolver[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Owner\Cookies\owner@doubleclick[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\administrator@atdmt[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\administrator@zedo[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\administrator@doubleclick[2].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\administrator@2o7[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator.CASE-DBEA3B27CB\Cookies\administrator@questionmarket[2].txt







_______________________HIJACK THIS LOG!__________________



Logfile of HijackThis v1.99.1
Scan saved at 1:56:01 PM, on 2/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
  • 0

#6
didom
Posted 22 February 2007 - 03:35 PM

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Cookies are nothing to be worried about. They get installed on your computer everytime you visit any webpage. Now some of those are good cookies that get installed for ease of use for next time you visit the same page, but some cookies are spyware used for tracking users surfing habits.

Most of those cookies are third party cookies that can be blocked:

In Firefox go to Tools > Options > Privacy > Cookies

Click the small triangle next to cookies to expand that tab and put a check next to "for the originating website only". This will prevent third party cookies from being installed on your computer.

In IE go to Tools > Internet Options > Privacy and click on Advanced in the Privacy tab

Now put a check next to "Override automatic cookie handling"

Set first party cookies to Accept and third party cookies to Block

Also put a check to "Always allow session cookies" OK your way out.

This won't prevent all bad cookies from being installed, but will reduce the amount.

Also there is another program you can use.

Spywareblaster Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restricts the actions of potentially unwanted sites in Internet Explorer.

--------------------

Well, all logs looks clean to me. So I think your problems aren't related to spyware. Maybe you can post your random reboot problem in the hardware section

What exactly are those error in IE?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP