Messages

1

Tech Clinic / Task manager failing to show up.

« on: January 02, 2007, 11:43:47 PM »

Uninstall list:

---------------start

Ad-aware 6 Personal
Adobe Acrobat 5.0
AI RoboForm (All Users)
AOL Instant Messenger
ArcSoft PhotoImpression 4
Backyard Basketball 2004
Block It!
Boobinator
Camera Driver
CEP - Color Enable Package
Click'N Design 3D
DFX for Windows Media Player
DiamondCS TDS-3
Disciples: Sacred Lands
DivX
DivX Converter
DivX Player
DivX Web Player
eGames GameButler
Game Book Player
HijackThis 1.99.1
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 6
Last.fm Player 1.1.4
Macromedia Flash Player 8
Macromedia Shockwave Player
McAfee SecurityCenter
Memware 2.1.005
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Milton Bradley Classic Board Games
Mozilla Firefox (1.5.0.9)
MUSICMATCH® Jukebox
Nero - Burning Rom
NetBattle
Parker Brothers Classic Card Games
Puzzle Pirates
QuickTime
Q-Xpress Installer 1.1.5
RealPlayer Basic
RollerCoaster Tycoon 2
School Tycoon
Security Update for Windows XP (KB896423)
Shockwave
SimPE 0.44c (alpha)
Sims2Pack Clean Installer
Sony Picture Utility
Sony USB Driver
Starware 4.2.0.0
The Game Of Life
The Sims 2
The Sims 2 Family Fun Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The WB Fall 2005 Screen Saver
TV Guide Crosswords
Update for Windows XP (KB898461)
Viewpoint Media Player
Winamp (remove only)
Window Washer
Windows Defender
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 2
WinRAR archiver

---------------stop

 

I got TDS3 from Tucows, by searching on Google.
No, it couldn't update.

And yes, this is a legal version of XP. As you can see from the uninstall list, I updated today.

Thanks again. http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' />

2

Tech Clinic / Task manager failing to show up.

« on: January 01, 2007, 10:00:52 PM »

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' /> Task manager's working again!
 
 
 Here's my HijackThis log:
 
 ---------------start
 
 Logfile of HijackThis v1.99.1
 Scan saved at 9:55:47 PM, on 01/01/2007
 Platform: Windows XP  (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 (6.00.2600.0000)
 
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\System32\svchost.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\WINDOWS\System32\cisvc.exe
 c:\program files\mcafee.com\agent\mcdetect.exe
 c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
 C:\Program Files\Real\RealPlayer\RealPlay.exe
 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
 C:\WINDOWS\System32\wwSecure.exe
 C:\WINDOWS\System32\cidaemon.exe
 C:\Program Files\Mozilla Firefox\firefox.exe
 C:\Program Files\MSN Messenger\msnmsgr.exe
 C:\WINDOWS\System32\svchost.exe
 C:\WINDOWS\explorer.exe
 C:\WINDOWS\system32\NOTEPAD.EXE
 C:\Program Files\HijackThis\HijackThis.exe
 
 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILE...nfVOF74tRr3yi6Z
 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
 R3 - URLSearchHook: (no name) -  - (no file)
 O1 - Hosts: 64.91.255.87 www.dcsresearch.com
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - "C:\WINDOWS\System32\smiehlp.dll (file missing)
 O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
 O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
 O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
 O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
 O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
 O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
 O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
 O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
 O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
 O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
 O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
 O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
 O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
 O4 - Startup: PowerReg Scheduler V3.exe
 O4 - Global Startup: Block It!.lnk = C:\Program Files\Block It!\blockit.exe
 O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
 O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Hurley\Start Menu\Programs\IMVU\Run IMVU.lnk
 O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
 O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167525339136
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
 O17 - HKLM\System\CCS\Services\Tcpip\..\{41399FEB-49D1-47F1-9099-8B1D7F4E22D7}: NameServer = 204.50.251.17 207.107.254.120
 O17 - HKLM\System\CS1\Services\Tcpip\..\{41399FEB-49D1-47F1-9099-8B1D7F4E22D7}: NameServer = 204.50.251.17 207.107.254.120
 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
 O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
 O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
 O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
 O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\System32\wwSecure.exe
 
 ---------------stop
 
 
 And here's the Combofix log:
 
 ---------------start
 
 ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Hurley\Desktop"
 
 (((((((((((((((((((((((((((((((   Files Created from 2006-12-01 to 2007-01-01  ))))))))))))))))))))))))))))))))))
 
 
 2007-01-01    21:52    <DIR>    d--------    C:\bintheredunthat
 2007-01-01    21:48    <DIR>    d--------    C:\bfu
 2007-01-01    17:09    <DIR>    d--------    C:\Program Files\HijackThis
 2007-01-01    17:04    6    --a------    C:\WINDOWS\dcstds3.dll
 2007-01-01    17:01    <DIR>    d--------    C:\Program Files\TDS3
 2006-12-30    19:56    <DIR>    d--------    C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
 2006-12-30    19:39    127,208    --a------    C:\WINDOWS\system32\mucltui.dll
 2006-12-29    16:25    <DIR>    d--------    C:\Documents and Settings\Hurley\Application Data\Sony Corporation
 2006-12-29    16:23    6,097    --a------    C:\WINDOWS\system32\drivers\sonyhcb.sys
 2006-12-29    16:23    53,248    --a------    C:\WINDOWS\system32\SONYHCY.DLL
 2006-12-29    16:23    38,739    --a------    C:\WINDOWS\system32\drivers\sonyhcc.sys
 2006-12-29    16:23    3,654    --a------    C:\WINDOWS\system32\drivers\Sonyhcp.dll
 2006-12-29    16:23    299,923    --a------    C:\WINDOWS\system32\drivers\sonyhcs.sys
 2006-12-29    16:23    102,220    --a------    C:\WINDOWS\system32\drivers\sonypvs1.sys
 2006-12-29    16:23    <DIR>    d--------    C:\Program Files\Sony
 2006-12-29    16:23    <DIR>    d--------    C:\Drivers
 2006-12-29    16:20    8,192    --a------    C:\WINDOWS\system32\tsbyuv.dll
 2006-12-29    16:20    49,664    --a------    C:\WINDOWS\system32\vfwwdm32.dll
 2006-12-29    16:20    45,568    --a------    C:\WINDOWS\system32\iyuv_32.dll
 2006-12-29    16:20    36,864    -ra------    C:\WINDOWS\system32\mr310exv.dll
 2006-12-29    16:20    28,672    -ra------    C:\WINDOWS\system32\mr310exd.dll
 2006-12-29    16:20    129,875    -ra------    C:\WINDOWS\system32\drivers\mr97310c.sys
 2006-12-29    16:12    <DIR>    d--------    C:\Documents and Settings\Hurley\Application Data\ArcSoft
 2006-12-29    16:11    212,480    --a------    C:\WINDOWS\PCDLIB32.DLL
 2006-12-29    16:11    163,840    --a------    C:\WINDOWS\system32\PhotoImpression Screen Saver.scr
 2006-12-29    16:09    <DIR>    d--------    C:\Program Files\ArcSoft
 2006-12-29    16:05    73,728    --a------    C:\WINDOWS\system32\mr310ipc.dll
 2006-12-29    16:05    352,256    --a------    C:\WINDOWS\system32\ijl15.dll
 2006-12-29    16:05    102,400    --a------    C:\WINDOWS\system32\mr310ifc.dll
 2006-12-29    16:05    <DIR>    d--------    C:\Program Files\MARS
 2006-12-12    00:48    <DIR>    d--------    C:\Program Files\Neopet Hacking
 2006-12-08    21:48    92,208    --a------    C:\WINDOWS\system32\WING.DLL
 2006-12-08    21:48    188,960    --a------    C:\WINDOWS\system32\WINGDE.DLL
 2006-12-08    21:48    12,800    --a------    C:\WINDOWS\system32\wing32.dll
 2006-12-08    20:41    <DIR>    d--------    C:\Program Files\Cat Daddy Games
 2006-12-07    20:33    <DIR>    d--------    C:\Documents and Settings\Hurley\Application Data\FunWebProducts
 2006-12-07    20:31    <DIR>    d--------    C:\Program Files\MyWebSearch
 2006-12-02    01:09    <DIR>    d--------    C:\WINDOWS\LogFiles
 2006-12-01    14:36    <DIR>    d--------    C:\Program Files\IPSWin
 
 
 ((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
 2007-01-01 21:38    --------    d--------    C:\Program Files\Mozilla Firefox
 2007-01-01 03:57    --------    d--------    C:\Documents and Settings\Hurley\Application Data\Shareaza
 2006-12-31 16:12    --------    d--------    C:\Documents and Settings\Hurley\Application Data\Starware
 2006-12-29 16:23    --------    d--h-----    C:\Program Files\InstallShield Installation Information
 2006-12-29 16:22    --------    d--------    C:\Program Files\Common Files\InstallShield
 2006-12-25 13:11    --------    d--------    C:\Program Files\EA GAMES
 2006-12-22 22:47    --------    d--------    C:\Program Files\Charmed
 2006-12-09 02:30    --------    d--------    C:\Program Files\MSN Messenger
 2006-12-09 02:30    --------    d--------    C:\Program Files\Messenger Plus! Live
 2006-12-08 21:48    --------    d--------    C:\Program Files\Hasbro Interactive
 2006-12-08 18:47    --------    d--------    C:\Documents and Settings\Hurley\Application Data\IMVU
 2006-12-08 15:52    --------    d--------    C:\Program Files\IMVU
 2006-12-07 23:25    --------    d--------    C:\Program Files\Internet Explorer
 2006-12-07 20:31    360448    --a------    C:\Program Files\Uninstall My Web Search.dll
 2006-12-07 20:31    --------    d-a------    C:\Program Files\FunWebProducts
 2006-12-06 14:00    --------    d--------    C:\Program Files\Click'N Design 3D
 2006-12-03 17:05    --------    d--------    C:\Program Files\Visual Boy Advance
 2006-11-25 15:45    --------    d--------    C:\Program Files\Common Files\EasyInfo
 2006-11-25 15:45    --------    d--------    C:\Program Files\Common Files
 2006-11-21 16:27    --------    d--------    C:\Program Files\MessengerPlus! 3
 2006-11-18 23:42    --------    d--------    C:\Program Files\ArtMoney
 2006-11-10 23:34    --------    d--------    C:\Program Files\Common Files\Microsoft Shared
 2006-11-03 22:23    --------    d--------    C:\Program Files\Sims2Pack Clean Installer
 2006-11-03 22:00    --------    d---s----    C:\Documents and Settings\Hurley\Application Data\Microsoft
 2006-11-03 22:00    --------    d--------    C:\Program Files\SimPE
 2006-10-28 08:25    0    --a------    C:\WINDOWS\system32\taskkill.exe
 2006-10-28 08:25    0    --a------    C:\WINDOWS\b.exe
 2006-10-23 16:35    1573208    --a------    C:\WINDOWS\system32\Charmed-WB.scr
 
 
 ((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
 *Note* empty entries are not shown
 
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
 "Washer"="C:\\Program Files\\Washer\\washer.exe /0"
 "AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
 "Window Washer"="C:\\Program Files\\Webroot\\Washer\\wwDisp.exe"
 "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
 "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
 "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
 "WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
 "RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
 "NeroCheck"="C:\\WINDOWS\\System32\\\\NeroCheck.exe"
 "mmtask"="C:\\Program Files\\MUSICMATCH\\MUSICMATCH Jukebox\\mmtask.exe"
 "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
 "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
 
 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
 "DeskHtmlVersion"=dword:00000110
 "DeskHtmlMinorVersion"=dword:00000005
 "Settings"=dword:00000001
 "GeneralFlags"=dword:00000001
 
 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
 "Source"="About:Home"
 "SubscribedURL"="About:Home"
 "FriendlyName"="My Current Home Page"
 "Flags"=dword:00000002
 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
   00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
 "CurrentState"=hex:04,00,00,40
 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
   ff,ff,04,00,00,00
 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
   00,00,01,00,00,00
 
 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
 "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
 
 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
 "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
 "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
 "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
 "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
 
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
 "NoDriveTypeAutoRun"=dword:00000091
 
 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
 "dontdisplaylastusername"=dword:00000000
 "legalnoticecaption"=""
 "legalnoticetext"=""
 "shutdownwithoutlogon"=dword:00000001
 "undockwithoutlogon"=dword:00000001
 
 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
 "NoDriveTypeAutoRun"=dword:00000091
 
 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
 "NoDriveTypeAutoRun"=dword:00000091
 
 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
 "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
 "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
 "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
 "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
 
 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]    
 "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
 
 Completion time: 07-01-01 21:54:14.85
 C:\ComboFix.txt ... 07-01-01 21:54
 
 ---------------stop
 
 
 Thank you for helping me fix it. http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'\' />
 Is there anything else I need to do?

3

Tech Clinic / Task manager failing to show up.

« on: January 01, 2007, 09:41:04 PM »

When I click Combofix's icon, the screen just pops up and goes away. It doesn't give me any prompts.

4

Tech Clinic / Task manager failing to show up.

« on: January 01, 2007, 08:43:29 PM »

Hello.
I was wondering if anybody could help me with this problem? http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/sad.gif\' class=\'bbc_emoticon\' alt=\'\' />
I've already scanned with TDS3 and it only found a few 'positive identification' files.

Here is my HijackThis log:
 
---------------------start
 
 Logfile of HijackThis v1.99.1
 Scan saved at 6:47:23 PM, on 01/01/2007
 Platform: Windows XP  (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 (6.00.2600.0000)
 
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\System32\svchost.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\System32\cisvc.exe
 c:\program files\mcafee.com\agent\mcdetect.exe
 c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
 C:\Program Files\Real\RealPlayer\RealPlay.exe
 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
 C:\WINDOWS\System32\wwSecure.exe
 C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
 C:\WINDOWS\System32\cidaemon.exe
 C:\Program Files\HijackThis\HijackThis.exe
 
 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1ILE...nfVOF74tRr3yi6Z
 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
 R3 - URLSearchHook: (no name) -  - (no file)
 O1 - Hosts: 64.91.255.87 www.dcsresearch.com
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - "C:\WINDOWS\System32\smiehlp.dll (file missing)
 O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
 O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
 O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
 O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
 O4 - HKLM\..\Run: [MCAgentExe]c:\PROGRA~1\mcafee.com\agent\mcagent.exe
 O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
 O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
 O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
 O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
 O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
 O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
 O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
 O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
 O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
 O4 - Startup: PowerReg Scheduler V3.exe
 O4 - Global Startup: Block It!.lnk = C:\Program Files\Block It!\blockit.exe
 O4 - Global Startup: svchost.exe
 O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000
 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
 O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
 O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
 O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Hurley\Start Menu\Programs\IMVU\Run IMVU.lnk
 O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
 O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1167525339136
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
 O17 - HKLM\System\CCS\Services\Tcpip\..\{41399FEB-49D1-47F1-9099-8B1D7F4E22D7}: NameServer = 204.50.251.17 207.107.254.120
 O17 - HKLM\System\CS1\Services\Tcpip\..\{41399FEB-49D1-47F1-9099-8B1D7F4E22D7}: NameServer = 204.50.251.17 207.107.254.120
 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
 O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
 O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
 O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
 O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\System32\wwSecure.exe
 
---------------------stop
 
 and here is my scandump.txt:
 
---------------------start
 
 Scan Control Dumped @ 18:30:43 01-01-07
 Suspicious Filename: Dual extensions
 File: c:\documents and settings\hurley\local settings\application data\shareaza\incomplete\7xpucrofsodwbjvo645dj42i6ckkb2zx shareaza_2.2.1.0.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\firefox setup 1.0.7.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\firefox setup 1.5.0.6.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\lastfmwindows-1.1.4.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\qxpresssetup_1.1.5.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\shareaza_2.1.0.0.exe
 
 Suspicious Filename: Dual extensions
   File: c:\documents and settings\hurley\my documents\spng2.2.397.exe
 
 Positive identification <Adv> (in archive): Possible keylogger
   File: setup.exe (In c:\documents and settings\hurley\my documents\downloads\shared\(ebook) mathemagic (magic tricks) pdf.zip)
 
 Positive identification <Adv> (in archive): Possible keylogger
   File: setup.exe (In c:\program files\outlook\p.zip)
 
 Positive identification <Adv>: Possible keylogger
   File: c:\program files\outlook\v.tmp
 
 Positive identification <Adv>: Possible keylogger
   File: c:\program files\softnyx\gunbound\npkcusb.sys
 
 Positive identification <Adv>: Possible keylogger
   File: c:\program files\tds3\xdynamic\tds.unpk\v.tmp
 
---------------------stop
 
 My task manager is still not showing up, even after deleting all the positive identification files found in TDS3.

Can somebody please help me?