Author Topic: Game cant access internet then crashes (Read 717 times)

mengskx · « **on:** July 10, 2007, 09:53:55 PM »

After installing my new hard drive ive had some difficulty accessing certain things. 1 being I cant access my Task Manager. 2 when I try to go to the server of my video game it doesnt then goes to a black screen and I then have to do a hard reboot. I can browse the internet, but is it something different to play on an online server?

guestolo · « **Reply #1 on:** July 10, 2007, 11:07:36 PM »

I can't tell from this side what's happening
but this part worries me

Quote

I cant access my Task Manager.

Can you post a hijackthis log and ensure it's clean please

mengskx · « **Reply #2 on:** July 12, 2007, 04:48:06 PM »

Logfile of HijackThis v1.99.1
Scan saved at 4:45:51 PM, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Razer\razerhid.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Razer\razerofa.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HJT\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
O2 - BHO: (no name) - {00000026-8735-428D-B81F-DD098223B25F} - (no file)
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {000006b1-19b5-414a-849f-2a3c64ae6939} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {30000273-8230-4dd4-be4f-6889d1e74167} - (no file)
O2 - BHO: msdn_lib.msdn_hlp - {38847C4B-1AB1-4A47-9026-9A6CF7B43D31} - C:\WINDOWS\system32\msdn_lib.dll (file missing)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: sa_ie_monitor.ie_monitor - {4F65D192-327B-41D6-B082-0D2A104D9B73} - C:\Program Files\SpyAway\sa_ie_monitor.dll (file missing)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

guestolo · « **Reply #3 on:** July 12, 2007, 07:42:17 PM »

Do a "System scan only" with Hijackthis and put a check next to these entries:

O2 - BHO: (no name) - {00000026-8735-428D-B81F-DD098223B25F} - (no file)
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: (no name) - {000006b1-19b5-414a-849f-2a3c64ae6939} - (no file)

O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file)
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {30000273-8230-4dd4-be4f-6889d1e74167} - (no file)
O2 - BHO: msdn_lib.msdn_hlp - {38847C4B-1AB1-4A47-9026-9A6CF7B43D31} - C:\WINDOWS\system32\msdn_lib.dll (file missing)
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: sa_ie_monitor.ie_monitor - {4F65D192-327B-41D6-B082-0D2A104D9B73} - C:\Program Files\SpyAway\sa_ie_monitor.dll (file missing)
O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file)

O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)

O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)

I would advise you to tick the next one also, it does not need to run on startup
Start it manually would be best
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot the computer

Can you do the following, I would like to see back here the following
If you have an older version of Combofix, delete it
Then
Download this file - Combofix.exe and save it ONLY to your desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Come back here and post back all the following, even if it takes more than one reply to do so
1. Post the log from combofix
2. Post a fresh hijackthis log
3. Close Hijackthis, then reopen it
supply an uninstall list from Hijackthis
Open Hijackthis>>Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

mengskx · « **Reply #4 on:** July 12, 2007, 10:06:27 PM »

"Justin Dreyer" - 2007-07-12 22:02:28 - ComboFix 07-07-13 - Service Pack 2

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\bi.dll
C:\WINDOWS\biprep.exe
C:\WINDOWS\bjam.dll
C:\WINDOWS\bokja.exe
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\flt.dll
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\pbar.dll
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\satmat.exe
C:\WINDOWS\stcloader.exe
C:\WINDOWS\susp.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\gtv_sd.bin
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\sl.bin
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\temp\salm.exe
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
C:\WINDOWS\wml.exe

((((((((((((((((((((((((( Files Created from 2007-06-13 to 2007-07-13 )))))))))))))))))))))))))))))))

2007-07-12 22:02   51,200   --a------   C:\WINDOWS\nircmd.exe
2007-07-12 16:45   <DIR>   d--------   C:\Program Files\HJT
2007-07-12 16:43   <DIR>   d--------   C:\WINDOWS\system32\appmgmt
2007-07-12 15:39   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Sonic
2007-07-12 15:39   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Leadertech
2007-07-10 23:29   <DIR>   d--------   C:\Program Files\iPod
2007-07-10 23:28   <DIR>   d----c---   C:\WINDOWS\system32\DRVSTORE
2007-07-10 23:28   <DIR>   d--------   C:\Program Files\Common Files\Apple
2007-07-10 23:28   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-07-10 22:09   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Google
2007-07-07 16:30   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-07-04 23:34   <DIR>   d---s----   C:\DOCUME~1\JUSTIN~1\UserData
2007-07-04 14:44   <DIR>   d--------   C:\Program Files\All mp3
2007-07-02 17:30   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\DivX
2007-07-02 17:29   <DIR>   d--------   C:\Program Files\Google
2007-07-02 17:28   129,784   ---------   C:\WINDOWS\system32\pxafs.dll
2007-07-02 17:28   <DIR>   d--------   C:\Program Files\DivX
2007-07-01 22:37   <DIR>   d--------   C:\Program Files\Soulseek
2007-06-30 22:03   967   --a------   C:\WINDOWS\ScUnin.pif
2007-06-30 22:03   70,656   --a------   C:\WINDOWS\ScUnin.exe
2007-06-30 22:03   32,845   --a------   C:\WINDOWS\scunin.dat
2007-06-30 22:03   <DIR>   d--------   C:\Program Files\Starcraft
2007-06-30 18:30   0   --a------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\wklnhst.dat
2007-06-30 18:30   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Template
2007-06-27 00:07   <DIR>   d--------   C:\Program Files\Zeratul
2007-06-26 22:23   <DIR>   d--------   C:\Program Files\LimeWire
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\Shared
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\Incomplete
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\LimeWire
2007-06-25 13:51   <DIR>   d--------   C:\Program Files\Common Files\Wise Installation Wizard
2007-06-25 02:27   <DIR>   d--------   C:\Program Files\SpyAway
2007-06-25 02:18   9,216   --a------   C:\WINDOWS\system32\avgwlntf.dll
2007-06-25 02:18   110,592   --a------   C:\WINDOWS\system32\avgfwafu.dll
2007-06-25 01:58   <DIR>   d--------   C:\Program Files\MSXML 4.0
2007-06-25 01:52   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-06-25 01:21   4   --a------   C:\WINDOWS\system32\stfv.bin
2007-06-25 01:18   20,224   --a------   C:\WINDOWS\vxddsk.exe
2007-06-25 01:04   118,784   --a------   C:\WINDOWS\system32\MSSTDFMT.DLL
2007-06-25 01:04   <DIR>   d--------   C:\Program Files\SpywareBlaster
2007-06-24 22:55   1,156   --a------   C:\WINDOWS\mozver.dat
2007-06-24 16:55   23,040   ---------   C:\WINDOWS\kb913800.exe
2007-06-24 16:45   82,944   --a------   C:\WINDOWS\system32\drivers\wdmaud.sys
2007-06-24 16:45   60,800   --a------   C:\WINDOWS\system32\drivers\sysaudio.sys
2007-06-24 16:45   6,400   --a------   C:\WINDOWS\system32\drivers\splitter.sys
2007-06-24 16:45   54,272   --a------   C:\WINDOWS\system32\drivers\swmidi.sys
2007-06-24 16:45   52,864   --a------   C:\WINDOWS\system32\drivers\DMusic.sys
2007-06-24 16:45   282,624   --a------   C:\WINDOWS\stsystra.exe
2007-06-24 16:45   2,944   --a------   C:\WINDOWS\system32\drivers\drmkaud.sys
2007-06-24 16:45   172,416   --a------   C:\WINDOWS\system32\drivers\kmixer.sys
2007-06-24 16:45   142,464   --a------   C:\WINDOWS\system32\drivers\aec.sys
2007-06-24 16:45   1,003,520   --a------   C:\WINDOWS\system32\stlang.dll
2007-06-24 16:45   <DIR>   d--------   C:\Program Files\Sigmatel
2007-06-24 16:44   60,288   --a------   C:\WINDOWS\system32\drivers\drmk.sys
2007-06-24 16:41   <DIR>   d--------   C:\WINDOWS\system32\PreInstall
2007-06-24 16:38   <DIR>   d--------   C:\Program Files\PokerStars
2007-06-24 14:48   <DIR>   d--------   C:\Program Files\DellSupport
2007-06-24 14:45   <DIR>   d--------   C:\WINDOWS\system32\SoftwareDistribution
2007-06-24 14:40   36,864   --a------   C:\WINDOWS\system32\e100bmsg.dll
2007-06-24 14:40   19,456   --a------   C:\WINDOWS\system32\IntelNic.dll
2007-06-24 14:40   126,976   --a------   C:\WINDOWS\system32\Prounstl.exe
2007-06-23 15:46   <DIR>   d--------   C:\drvrtmp
2007-06-21 23:43   <DIR>   d--------   C:\Program Files\iTunes
2007-06-21 23:43   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Apple Computer
2007-06-21 23:42   <DIR>   d--------   C:\Program Files\QuickTime
2007-06-21 23:42   <DIR>   d--------   C:\Program Files\Apple Software Update
2007-06-21 23:42   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-06-21 23:41   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\U3
2007-06-21 18:06   <DIR>   d--------   C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
2007-06-21 18:04   13,225   --a------   C:\WINDOWS\system32\drivers\Razerlow.sys
2007-06-21 18:04   <DIR>   d--------   C:\Program Files\Razer
2007-06-21 18:00   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Jasc Software Inc
2007-06-21 17:59   <DIR>   d--------   C:\Program Files\Jasc Software Inc
2007-06-21 17:59   <DIR>   d--------   C:\Program Files\Common Files\Jasc Software Inc
2007-06-21 17:58   <DIR>   d--------   C:\Program Files\Dl_cats
2007-06-21 17:58   <DIR>   d--------   C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-06-21 17:57   87,040   --a------   C:\WINDOWS\system32\wiafbdrv.dll
2007-06-21 17:57   15,104   --a------   C:\WINDOWS\system32\drivers\usbscan.sys
2007-06-21 17:56   983,092   --a------   C:\WINDOWS\system32\dlccgf.dll
2007-06-21 17:56   86,016   --a------   C:\WINDOWS\system32\dlcccub.dll
2007-06-21 17:56   774,144   --a------   C:\WINDOWS\system32\dlcchbn3.dll
2007-06-21 17:56   73,728   --a------   C:\WINDOWS\system32\dlcccu.dll
2007-06-21 17:56   704,512   --a------   C:\WINDOWS\system32\dlcccomc.dll
2007-06-21 17:56   65,536   --a------   C:\WINDOWS\system32\dlcccfg.dll
2007-06-21 17:56   638,976   --a------   C:\WINDOWS\system32\dlccpmui.dll
2007-06-21 17:56   491,520   --a------   C:\WINDOWS\system32\dlcccoms.exe
2007-06-21 17:56   483,328   --a------   C:\WINDOWS\system32\dlcclmpm.dll
2007-06-21 17:56   430,080   --a------   C:\WINDOWS\system32\dlccutil.dll
2007-06-21 17:56   413,696   --a------   C:\WINDOWS\system32\dlcccomm.dll
2007-06-21 17:56   40,960   --a------   C:\WINDOWS\system32\dlccvs.dll
2007-06-21 17:56   372,736   --a------   C:\WINDOWS\system32\dlccih.exe
2007-06-21 17:56   368,640   --a------   C:\WINDOWS\system32\dlcccfg.exe
2007-06-21 17:56   36,864   --a------   C:\WINDOWS\system32\dlcccur.dll
2007-06-21 17:56   176,128   --a------   C:\WINDOWS\system32\dlccinsb.dll
2007-06-21 17:56   155,648   --a------   C:\WINDOWS\system32\dlccprox.dll
2007-06-21 17:56   155,648   --a------   C:\WINDOWS\system32\dlccins.dll
2007-06-21 17:56   131,072   --a------   C:\WINDOWS\system32\dlccjswr.dll
2007-06-21 17:56   114,688   --a------   C:\WINDOWS\system32\dlccpplc.dll
2007-06-21 17:56   106,496   --a------   C:\WINDOWS\system32\dlccinsr.dll
2007-06-21 17:56   1,183,744   --a------   C:\WINDOWS\system32\dlccserv.dll
2007-06-21 17:56   1,134,592   --a------   C:\WINDOWS\system32\dlccusb1.dll

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-25 18:50:13   --------   d-----w   C:\Program Files\DIGStream
2007-06-25 06:18:24   801   ----a-w   C:\WINDOWS\system32\drivers\system_stable_header_small.gif
2007-06-25 06:18:24   567   ----a-w   C:\WINDOWS\system32\drivers\users_rating.gif
2007-06-25 06:18:24   291   ----a-w   C:\WINDOWS\system32\drivers\v.gif
2007-06-25 06:18:24   283   ----a-w   C:\WINDOWS\system32\drivers\x.gif
2007-06-25 06:18:24   1,636   ----a-w   C:\WINDOWS\system32\drivers\system_stable_header.gif
2007-06-25 06:18:23   6,533   ----a-w   C:\WINDOWS\system32\drivers\system_stable_box_small.jpg
2007-06-25 06:18:23   579   ----a-w   C:\WINDOWS\system32\drivers\spy_away_header_small.gif
2007-06-25 06:18:23   15,075   ----a-w   C:\WINDOWS\system32\drivers\system_stable_box.jpg
2007-06-25 06:18:23   1,139   ----a-w   C:\WINDOWS\system32\drivers\spy_away_header.gif
2007-06-25 06:18:22   5,097   ----a-w   C:\WINDOWS\system32\drivers\spy_away_box_small.jpg
2007-06-25 06:18:22   14,484   ----a-w   C:\WINDOWS\system32\drivers\protect.gif
2007-06-25 06:18:22   13,618   ----a-w   C:\WINDOWS\system32\drivers\spy_away_box.jpg
2007-06-25 06:18:21   841   ----a-w   C:\WINDOWS\system32\drivers\perfect_cleaner_header_small.gif
2007-06-25 06:18:21   4,557   ----a-w   C:\WINDOWS\system32\drivers\perfect_cleaner_box_small.jpg
2007-06-25 06:18:21   10,260   ----a-w   C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
2007-06-25 06:18:21   1,804   ----a-w   C:\WINDOWS\system32\drivers\perfect_cleaner_header.gif
2007-06-25 06:18:20   811   ----a-w   C:\WINDOWS\system32\drivers\download_btn.gif
2007-06-25 06:18:20   746   ----a-w   C:\WINDOWS\system32\drivers\buy_btn.gif
2007-06-25 06:18:20   737   ----a-w   C:\WINDOWS\system32\drivers\logo_bg.gif
2007-06-25 06:18:20   580   ----a-w   C:\WINDOWS\system32\drivers\features.gif
2007-06-25 06:18:20   3,099   ----a-w   C:\WINDOWS\system32\drivers\logo.gif
2007-06-25 06:18:19   50,169   ----a-w   C:\WINDOWS\system32\drivers\pt.htm
2007-06-25 06:18:19   427   ----a-w   C:\WINDOWS\system32\drivers\4_stars.gif
2007-06-25 06:18:19   365   ----a-w   C:\WINDOWS\system32\drivers\5_stars.gif
2007-06-25 06:18:18   945   ----a-w   C:\WINDOWS\system32\drivers\s_detect.htm
2007-06-25 06:18:18   6,575   ----a-w   C:\WINDOWS\system32\drivers\remove_spyware_button.gif
2007-06-25 06:18:18   6,373   ----a-w   C:\WINDOWS\system32\drivers\secuity_center_logo.gif
2007-06-25 06:18:17   64   ----a-w   C:\WINDOWS\system32\drivers\close_icon.gif
2007-06-25 06:18:17   4,825   ----a-w   C:\WINDOWS\system32\drivers\detect.htm
2007-06-25 06:18:17   360   ----a-w   C:\WINDOWS\system32\drivers\header_bg.gif
2007-06-25 06:18:17   2,186   ----a-w   C:\WINDOWS\system32\drivers\alert_icon.gif
2007-06-25 06:18:17   1,014   ----a-w   C:\WINDOWS\system32\drivers\icon_warning.gif
2007-06-21 21:33:15   --------   d-----w   C:\Program Files\Messenger
2007-06-20 03:05:44   7,531   ----a-w   C:\WINDOWS\system32\drivers\1028_Dell_DIM_DM051.mrk
2007-05-31 06:45:07   524,288   ----a-w   C:\WINDOWS\system32\DivXsm.exe
2007-05-31 06:44:55   823,296   ----a-w   C:\WINDOWS\system32\divx_xx07.dll
2007-05-31 06:44:54   823,296   ----a-w   C:\WINDOWS\system32\divx_xx0c.dll
2007-05-31 06:44:54   802,816   ----a-w   C:\WINDOWS\system32\divx_xx11.dll
2007-05-31 06:44:54   740,442   ----a-w   C:\WINDOWS\system32\DivX.dll
2007-05-16 15:12:02   683,520   ----a-w   C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:15   144,896   ----a-w   C:\WINDOWS\system32\schannel.dll
2007-04-23 00:15:29   3,596,288   ----a-w   C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:18   200,704   ----a-w   C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18   1,044,480   ----a-w   C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34   73,728   ----a-w   C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34   196,608   ----a-w   C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33   53,248   ----a-w   C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31   593,920   ----a-w   C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31   57,344   ----a-w   C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31   344,064   ----a-w   C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31   294,912   ----a-w   C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31   294,912   ----a-w   C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47   12,288   ----a-w   C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46   124,472   ----a-w   C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-18 16:12:23   2,854,400   ----a-w   C:\WINDOWS\system32\msi.dll
2007-04-17 03:47:36   33,624   ----a-w   C:\WINDOWS\system32\wups.dll
2007-04-17 03:45:54   1,710,936   ----a-w   C:\WINDOWS\system32\wuaueng.dll
2007-04-17 03:45:48   549,720   ----a-w   C:\WINDOWS\system32\wuapi.dll
2007-04-17 03:45:42   325,976   ----a-w   C:\WINDOWS\system32\wucltui.dll
2007-04-17 03:45:36   203,096   ----a-w   C:\WINDOWS\system32\wuweb.dll
2007-04-17 03:45:28   92,504   ----a-w   C:\WINDOWS\system32\cdm.dll
2007-04-17 03:45:20   53,080   ----a-w   C:\WINDOWS\system32\wuauclt.exe
2007-04-17 03:45:20   43,352   ----a-w   C:\WINDOWS\system32\wups2.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-01-12 20:38   63128   --a------   C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2005-11-10 13:22   184423   --a------   C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]
"dlccmon.exe"="C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-10-21 10:40]
"razer"="C:\Program Files\Razer\razerhid.exe" [2005-05-17 18:21]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 11:17 C:\WINDOWS\stsystra.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-06-25 02:18]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 19:05]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-02 17:29]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{827D3881-317C-442A-B4ED-F576CBA700BB}"="C:\WINDOWS\SYSTEM32\GWSEH.dll" [2004-09-23 07:21]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll --a------ 2007-06-25 02:18 9216 C:\WINDOWS\system32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3c7ff4a-207a-11dc-b42b-00038a000015}]
AutoRun\command- F:\LaunchU3.exe -a

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{Y479C6D0-OTRW-U5GH-S1EE-E02310B4E666}
C:\WINDOWS\system32\tmrsrv32.exe

Contents of the 'Scheduled Tasks' folder
2007-07-10 17:11:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-12 22:04:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-12 22:04:59
C:\ComboFix-quarantined-files.txt ... 2007-07-12 22:04

   --- E O F ---

mengskx · « **Reply #5 on:** July 12, 2007, 10:07:32 PM »

Logfile of HijackThis v1.99.1
Scan saved at 10:06:58 PM, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Razer\razerhid.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Razer\razerofa.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HJT\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

mengskx · « **Reply #6 on:** July 12, 2007, 10:09:02 PM »

ABBYY FineReader 6.0 Sprint
Adobe Reader 7.0.8
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOLIcon
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
AVG 7.5
Conexant D850 56K V.9x DFVc Modem
Dell CinePlayer
Dell Driver Reset Tool
Dell Photo AIO Printer 924
DellSupport
Digital Content Portal
Digital Line Detect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Documentation & Support Launcher
EducateU
ESPNMotion
Games, Music, & Photos Launcher
GemMaster Mystic
Get High Speed Internet!
Google Desktop
Google Earth
Google Toolbar for Firefox
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB888795)
Hotfix for Windows XP (KB891593)
Hotfix for Windows XP (KB895961)
Hotfix for Windows XP (KB899337)
Hotfix for Windows XP (KB899510)
Hotfix for Windows XP (KB902841)
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Internet Service Offers Launcher
iTunes
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Learn2 Player (Uninstall Only)
LimeWire 4.12.14
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Works
Modem Helper
Mozilla Firefox (2.0.0.4)
MSN
MSXML 4.0 SP2 (KB927978)
NetWaiting
NetZeroInstallers
Otto
PokerStars
QuickTime
Razer
RealPlayer Basic
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Sonic Activation Module
Sonic Encoders
Sonic Update Manager
SoulSeek Client 156c
SpywareBlaster v3.5.1
Starcraft
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update Rollup 2 for Windows XP Media Center Edition 2005
Viewpoint Media Player
WebCyberCoach 3.2 Dell
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890927
Windows XP Media Center Edition 2005 KB908246
Yahoo! Music Jukebox

guestolo · « **Reply #7 on:** July 14, 2007, 06:57:53 PM »

Sorry for the delay, can you do the following
Close your browser windows
Access your add/remove programs and remove your version of Java, it is outdated and malware can use it to infect your system

Uninstall
J2SE Runtime Environment 5.0 Update 6

Reboot the computer
back in Windows
Download the latest version of Java(tm) SE Runtime Environment 6 Update 2.
Select the Offline Download
Click on the [color=\"#4169E1\"]Windows XP/Vista/2000/2003 Offline[/color] * filesize: 13.90 MB and save it too desktop
Run the Installer on desktop and let it successfully install
Afterwards:

Open notepad and copy/paste the text in the quotebox below into it:
Don't include the word 'quote' please

Quote

File::
C:\WINDOWS\system32\tmrsrv32.exe
C:\WINDOWS\system32\drivers\system_stable_header_small.gif
C:\WINDOWS\system32\drivers\users_rating.gif
C:\WINDOWS\system32\drivers\v.gif
C:\WINDOWS\system32\drivers\x.gif
C:\WINDOWS\system32\drivers\system_stable_header.gif
C:\WINDOWS\system32\drivers\system_stable_box_small.jpg
C:\WINDOWS\system32\drivers\spy_away_header_small.gif
C:\WINDOWS\system32\drivers\system_stable_box.jpg
C:\WINDOWS\system32\drivers\spy_away_header.gif
C:\WINDOWS\system32\drivers\spy_away_box_small.jpg
C:\WINDOWS\system32\drivers\protect.gif
C:\WINDOWS\system32\drivers\spy_away_box.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_header_small.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_box_small.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_header.gif
C:\WINDOWS\system32\drivers\download_btn.gif
C:\WINDOWS\system32\drivers\buy_btn.gif
C:\WINDOWS\system32\drivers\logo_bg.gif
C:\WINDOWS\system32\drivers\features.gif
C:\WINDOWS\system32\drivers\logo.gif
C:\WINDOWS\system32\drivers\pt.htm
C:\WINDOWS\system32\drivers\4_stars.gif
C:\WINDOWS\system32\drivers\5_stars.gif
C:\WINDOWS\system32\drivers\s_detect.htm
C:\WINDOWS\system32\drivers\remove_spyware_button.gif
C:\WINDOWS\system32\drivers\secuity_center_logo.gif
C:\WINDOWS\system32\drivers\close_icon.gif
C:\WINDOWS\system32\drivers\detect.htm
C:\WINDOWS\system32\drivers\header_bg.gif
C:\WINDOWS\system32\drivers\alert_icon.gif
C:\WINDOWS\system32\drivers\icon_warning.gif
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\system32\stfv.bin

Folder::
C:\Program Files\SpyAway

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{Y479C6D0-OTRW-U5GH-S1EE-E02310B4E666}]

Save this as ComboFix-Do.txt to your desktop

Then drag the ComboFix-Do.txt into ComboFix.exe as you see in the screenshot below.

This will start ComboFix again. After reboot, (in case it asks to reboot)
A log should open,
Can you post this log
Additionally post a fresh hijackthis log and let me know how things are running

mengskx · « **Reply #8 on:** July 16, 2007, 01:38:20 PM »

"Justin Dreyer" - 2007-07-16 13:33:31 - ComboFix 07-07-13 - Service Pack 2
Command switches used :: C:\Documents and Settings\Justin Dreyer\Desktop\ComboFix-Do.txt.txt

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files\SpyAway
C:\Program Files\SpyAway\config.dat
C:\Program Files\SpyAway\spy.dat
C:\Program Files\SpyAway\uninstall.log
C:\WINDOWS\system32\drivers\4_stars.gif
C:\WINDOWS\system32\drivers\5_stars.gif
C:\WINDOWS\system32\drivers\alert_icon.gif
C:\WINDOWS\system32\drivers\buy_btn.gif
C:\WINDOWS\system32\drivers\close_icon.gif
C:\WINDOWS\system32\drivers\detect.htm
C:\WINDOWS\system32\drivers\download_btn.gif
C:\WINDOWS\system32\drivers\features.gif
C:\WINDOWS\system32\drivers\header_bg.gif
C:\WINDOWS\system32\drivers\icon_warning.gif
C:\WINDOWS\system32\drivers\logo.gif
C:\WINDOWS\system32\drivers\logo_bg.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_box_small.jpg
C:\WINDOWS\system32\drivers\perfect_cleaner_header.gif
C:\WINDOWS\system32\drivers\perfect_cleaner_header_small.gif
C:\WINDOWS\system32\drivers\protect.gif
C:\WINDOWS\system32\drivers\pt.htm
C:\WINDOWS\system32\drivers\remove_spyware_button.gif
C:\WINDOWS\system32\drivers\s_detect.htm
C:\WINDOWS\system32\drivers\secuity_center_logo.gif
C:\WINDOWS\system32\drivers\spy_away_box.jpg
C:\WINDOWS\system32\drivers\spy_away_box_small.jpg
C:\WINDOWS\system32\drivers\spy_away_header.gif
C:\WINDOWS\system32\drivers\spy_away_header_small.gif
C:\WINDOWS\system32\drivers\system_stable_box.jpg
C:\WINDOWS\system32\drivers\system_stable_box_small.jpg
C:\WINDOWS\system32\drivers\system_stable_header.gif
C:\WINDOWS\system32\drivers\system_stable_header_small.gif
C:\WINDOWS\system32\drivers\users_rating.gif
C:\WINDOWS\system32\drivers\v.gif
C:\WINDOWS\system32\drivers\x.gif
C:\WINDOWS\system32\stfv.bin
C:\WINDOWS\vxddsk.exe

((((((((((((((((((((((((( Files Created from 2007-06-16 to 2007-07-16 )))))))))))))))))))))))))))))))

2007-07-12 22:02   51,200   --a------   C:\WINDOWS\nircmd.exe
2007-07-12 16:45   <DIR>   d--------   C:\Program Files\HJT
2007-07-12 16:43   <DIR>   d--------   C:\WINDOWS\system32\appmgmt
2007-07-12 15:39   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Sonic
2007-07-12 15:39   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Leadertech
2007-07-10 23:29   <DIR>   d--------   C:\Program Files\iPod
2007-07-10 23:28   <DIR>   d----c---   C:\WINDOWS\system32\DRVSTORE
2007-07-10 23:28   <DIR>   d--------   C:\Program Files\Common Files\Apple
2007-07-10 23:28   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-07-10 22:09   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Google
2007-07-07 16:30   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-07-04 23:34   <DIR>   d---s----   C:\DOCUME~1\JUSTIN~1\UserData
2007-07-04 14:44   <DIR>   d--------   C:\Program Files\All mp3
2007-07-02 17:30   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\DivX
2007-07-02 17:29   <DIR>   d--------   C:\Program Files\Google
2007-07-02 17:28   129,784   ---------   C:\WINDOWS\system32\pxafs.dll
2007-07-02 17:28   <DIR>   d--------   C:\Program Files\DivX
2007-07-01 22:37   <DIR>   d--------   C:\Program Files\Soulseek
2007-06-30 22:03   967   --a------   C:\WINDOWS\ScUnin.pif
2007-06-30 22:03   70,656   --a------   C:\WINDOWS\ScUnin.exe
2007-06-30 22:03   32,845   --a------   C:\WINDOWS\scunin.dat
2007-06-30 22:03   <DIR>   d--------   C:\Program Files\Starcraft
2007-06-30 18:30   0   --a------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\wklnhst.dat
2007-06-30 18:30   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Template
2007-06-27 00:07   <DIR>   d--------   C:\Program Files\Zeratul
2007-06-26 22:23   <DIR>   d--------   C:\Program Files\LimeWire
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\Shared
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\Incomplete
2007-06-26 22:23   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\LimeWire
2007-06-25 13:51   <DIR>   d--------   C:\Program Files\Common Files\Wise Installation Wizard
2007-06-25 02:18   9,216   --a------   C:\WINDOWS\system32\avgwlntf.dll
2007-06-25 02:18   110,592   --a------   C:\WINDOWS\system32\avgfwafu.dll
2007-06-25 01:58   <DIR>   d--------   C:\Program Files\MSXML 4.0
2007-06-25 01:52   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-06-25 01:04   118,784   --a------   C:\WINDOWS\system32\MSSTDFMT.DLL
2007-06-25 01:04   <DIR>   d--------   C:\Program Files\SpywareBlaster
2007-06-24 22:55   1,156   --a------   C:\WINDOWS\mozver.dat
2007-06-24 16:55   23,040   ---------   C:\WINDOWS\kb913800.exe
2007-06-24 16:45   82,944   --a------   C:\WINDOWS\system32\drivers\wdmaud.sys
2007-06-24 16:45   60,800   --a------   C:\WINDOWS\system32\drivers\sysaudio.sys
2007-06-24 16:45   6,400   --a------   C:\WINDOWS\system32\drivers\splitter.sys
2007-06-24 16:45   54,272   --a------   C:\WINDOWS\system32\drivers\swmidi.sys
2007-06-24 16:45   52,864   --a------   C:\WINDOWS\system32\drivers\DMusic.sys
2007-06-24 16:45   282,624   --a------   C:\WINDOWS\stsystra.exe
2007-06-24 16:45   2,944   --a------   C:\WINDOWS\system32\drivers\drmkaud.sys
2007-06-24 16:45   172,416   --a------   C:\WINDOWS\system32\drivers\kmixer.sys
2007-06-24 16:45   142,464   --a------   C:\WINDOWS\system32\drivers\aec.sys
2007-06-24 16:45   1,003,520   --a------   C:\WINDOWS\system32\stlang.dll
2007-06-24 16:45   <DIR>   d--------   C:\Program Files\Sigmatel
2007-06-24 16:44   60,288   --a------   C:\WINDOWS\system32\drivers\drmk.sys
2007-06-24 16:41   <DIR>   d--------   C:\WINDOWS\system32\PreInstall
2007-06-24 16:38   <DIR>   d--------   C:\Program Files\PokerStars
2007-06-24 14:48   <DIR>   d--------   C:\Program Files\DellSupport
2007-06-24 14:45   <DIR>   d--------   C:\WINDOWS\system32\SoftwareDistribution
2007-06-24 14:40   36,864   --a------   C:\WINDOWS\system32\e100bmsg.dll
2007-06-24 14:40   19,456   --a------   C:\WINDOWS\system32\IntelNic.dll
2007-06-24 14:40   126,976   --a------   C:\WINDOWS\system32\Prounstl.exe
2007-06-23 15:46   <DIR>   d--------   C:\drvrtmp
2007-06-21 23:43   <DIR>   d--------   C:\Program Files\iTunes
2007-06-21 23:43   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Apple Computer
2007-06-21 23:42   <DIR>   d--------   C:\Program Files\QuickTime
2007-06-21 23:42   <DIR>   d--------   C:\Program Files\Apple Software Update
2007-06-21 23:42   <DIR>   d--------   C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-06-21 23:41   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\U3
2007-06-21 18:06   <DIR>   d--------   C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
2007-06-21 18:04   13,225   --a------   C:\WINDOWS\system32\drivers\Razerlow.sys
2007-06-21 18:04   <DIR>   d--------   C:\Program Files\Razer
2007-06-21 18:00   <DIR>   d--------   C:\DOCUME~1\JUSTIN~1\APPLIC~1\Jasc Software Inc
2007-06-21 17:59   <DIR>   d--------   C:\Program Files\Jasc Software Inc
2007-06-21 17:59   <DIR>   d--------   C:\Program Files\Common Files\Jasc Software Inc
2007-06-21 17:58   <DIR>   d--------   C:\Program Files\Dl_cats
2007-06-21 17:58   <DIR>   d--------   C:\Program Files\Abbyy FineReader 6.0 Sprint
2007-06-21 17:57   87,040   --a------   C:\WINDOWS\system32\wiafbdrv.dll
2007-06-21 17:57   15,104   --a------   C:\WINDOWS\system32\drivers\usbscan.sys
2007-06-21 17:56   983,092   --a------   C:\WINDOWS\system32\dlccgf.dll
2007-06-21 17:56   86,016   --a------   C:\WINDOWS\system32\dlcccub.dll
2007-06-21 17:56   774,144   --a------   C:\WINDOWS\system32\dlcchbn3.dll
2007-06-21 17:56   73,728   --a------   C:\WINDOWS\system32\dlcccu.dll
2007-06-21 17:56   704,512   --a------   C:\WINDOWS\system32\dlcccomc.dll
2007-06-21 17:56   65,536   --a------   C:\WINDOWS\system32\dlcccfg.dll
2007-06-21 17:56   638,976   --a------   C:\WINDOWS\system32\dlccpmui.dll
2007-06-21 17:56   491,520   --a------   C:\WINDOWS\system32\dlcccoms.exe
2007-06-21 17:56   483,328   --a------   C:\WINDOWS\system32\dlcclmpm.dll
2007-06-21 17:56   430,080   --a------   C:\WINDOWS\system32\dlccutil.dll
2007-06-21 17:56   413,696   --a------   C:\WINDOWS\system32\dlcccomm.dll
2007-06-21 17:56   40,960   --a------   C:\WINDOWS\system32\dlccvs.dll
2007-06-21 17:56   372,736   --a------   C:\WINDOWS\system32\dlccih.exe
2007-06-21 17:56   368,640   --a------   C:\WINDOWS\system32\dlcccfg.exe
2007-06-21 17:56   36,864   --a------   C:\WINDOWS\system32\dlcccur.dll
2007-06-21 17:56   176,128   --a------   C:\WINDOWS\system32\dlccinsb.dll
2007-06-21 17:56   155,648   --a------   C:\WINDOWS\system32\dlccprox.dll
2007-06-21 17:56   155,648   --a------   C:\WINDOWS\system32\dlccins.dll
2007-06-21 17:56   131,072   --a------   C:\WINDOWS\system32\dlccjswr.dll
2007-06-21 17:56   114,688   --a------   C:\WINDOWS\system32\dlccpplc.dll
2007-06-21 17:56   106,496   --a------   C:\WINDOWS\system32\dlccinsr.dll
2007-06-21 17:56   1,183,744   --a------   C:\WINDOWS\system32\dlccserv.dll
2007-06-21 17:56   1,134,592   --a------   C:\WINDOWS\system32\dlccusb1.dll
2007-06-21 17:56   <DIR>   d--------   C:\Program Files\Dell Photo AIO Printer 924
2007-06-21 17:55   25,856   --a------   C:\WINDOWS\system32\drivers\usbprint.sys
2007-06-21 17:54   <DIR>   d--------   C:\Temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-25 18:50:13   --------   d-----w   C:\Program Files\DIGStream
2007-06-21 21:33:15   --------   d-----w   C:\Program Files\Messenger
2007-06-20 03:05:44   7,531   ----a-w   C:\WINDOWS\system32\drivers\1028_Dell_DIM_DM051.mrk
2007-05-31 06:45:07   524,288   ----a-w   C:\WINDOWS\system32\DivXsm.exe
2007-05-31 06:44:55   823,296   ----a-w   C:\WINDOWS\system32\divx_xx07.dll
2007-05-31 06:44:54   823,296   ----a-w   C:\WINDOWS\system32\divx_xx0c.dll
2007-05-31 06:44:54   802,816   ----a-w   C:\WINDOWS\system32\divx_xx11.dll
2007-05-31 06:44:54   740,442   ----a-w   C:\WINDOWS\system32\DivX.dll
2007-05-16 15:12:02   683,520   ----a-w   C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:15   144,896   ----a-w   C:\WINDOWS\system32\schannel.dll
2007-04-23 00:15:29   3,596,288   ----a-w   C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:18   200,704   ----a-w   C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18   1,044,480   ----a-w   C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34   73,728   ----a-w   C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34   196,608   ----a-w   C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33   53,248   ----a-w   C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31   593,920   ----a-w   C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31   57,344   ----a-w   C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31   344,064   ----a-w   C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31   294,912   ----a-w   C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31   294,912   ----a-w   C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47   12,288   ----a-w   C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46   124,472   ----a-w   C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-18 16:12:23   2,854,400   ----a-w   C:\WINDOWS\system32\msi.dll
2007-04-17 03:47:36   33,624   ----a-w   C:\WINDOWS\system32\wups.dll
2007-04-17 03:45:54   1,710,936   ----a-w   C:\WINDOWS\system32\wuaueng.dll
2007-04-17 03:45:48   549,720   ----a-w   C:\WINDOWS\system32\wuapi.dll
2007-04-17 03:45:42   325,976   ----a-w   C:\WINDOWS\system32\wucltui.dll
2007-04-17 03:45:36   203,096   ----a-w   C:\WINDOWS\system32\wuweb.dll
2007-04-17 03:45:28   92,504   ----a-w   C:\WINDOWS\system32\cdm.dll
2007-04-17 03:45:20   53,080   ----a-w   C:\WINDOWS\system32\wuauclt.exe
2007-04-17 03:45:20   43,352   ----a-w   C:\WINDOWS\system32\wups2.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-01-12 20:38   63128   --a------   C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-07-12 04:00   501136   --a------   C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 03:12]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50]
"dlccmon.exe"="C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-10-21 10:40]
"razer"="C:\Program Files\Razer\razerhid.exe" [2005-05-17 18:21]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 11:17 C:\WINDOWS\stsystra.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-06-25 02:18]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 19:05]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-07-02 17:29]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{827D3881-317C-442A-B4ED-F576CBA700BB}"="C:\WINDOWS\SYSTEM32\GWSEH.dll" [2004-09-23 07:21]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll --a------ 2007-06-25 02:18 9216 C:\WINDOWS\system32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
AutoRun\command- E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3c7ff4a-207a-11dc-b42b-00038a000015}]
AutoRun\command- F:\LaunchU3.exe -a

Contents of the 'Scheduled Tasks' folder
2007-07-10 17:11:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-16 13:36:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-16 13:37:04
C:\ComboFix-quarantined-files.txt ... 2007-07-16 13:36
C:\ComboFix2.txt ... 2007-07-12 22:04

   --- E O F ---

mengskx · « **Reply #9 on:** July 16, 2007, 01:42:24 PM »

I can access my Task Manager now

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

Logfile of HijackThis v1.99.1
Scan saved at 1:41:17 PM, on 7/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\Program Files\Razer\razerhid.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Razer\razerofa.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HJT\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: avgwlntf - C:\WINDOWS\SYSTEM32\avgwlntf.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

guestolo · « **Reply #10 on:** July 17, 2007, 12:09:50 AM »

Logs look good, how's everything else running?

mengskx · « **Reply #11 on:** July 18, 2007, 03:10:36 PM »

Everything except my game will still not access the online network. I wonder if there is a default setting preventing me from doing so. When I got my new hard drive there default settings prevented pretty much everything, I had to change a few things in bios.

guestolo · « **Reply #12 on:** July 18, 2007, 06:51:13 PM »

What game are we talking about?

Also, could it be that AVG firewall is interfering?
Can you temporarily deactivate the Firewall
Open the AVG Control Center program -> right-click on the "AVG Firewall" component -> choose "Deactivate".
Now the AVG Firewall service is switched off.

See if the game can connect
If not

Reboot into safe mode with Networking and see if you can connect

Don't forget to activate the firewall after trying the above steps

mengskx · « **Reply #13 on:** July 19, 2007, 01:57:59 AM »

The game is Starcraft. I tried right clicking on the AVG and quitting control center then trying to get online with the game but didnt work. I ran it in safe mode and I was able to play online.

guestolo · « **Reply #14 on:** July 19, 2007, 08:22:48 AM »

You have AVG 7 installed, that's ok
Is it just the Anti-Virus software installed?
Do you have the free version?

Did you try AVG with Firewall at one time but remove it?

mengskx · « **Reply #15 on:** July 19, 2007, 09:50:55 PM »

I tried uninstalling AVG and now my game works. I will have to try to figure out a way to not block that with one of the firewall/anti-virus programs.

guestolo · « **Reply #16 on:** July 20, 2007, 11:41:03 PM »

Did you pay for AVG and Firewall?

mengskx · « **Reply #17 on:** July 21, 2007, 08:19:23 PM »

No, that was the free trial version.

guestolo · « **Reply #18 on:** July 22, 2007, 11:56:11 AM »

As you stated, it was a trial version, not sure how long you had it installed
That may have been a problem

You can still use the free version of AVG Anti-Virus
The download to the installer is located at this link
http://www.download.com/3000-2239_4-10703202.html

As far as new software firewall
I have some free ones at this link
http://www.thetechguide.com/forum/index.php?showtopic=15894
You will only want to use one

News:

Author Topic: Game cant access internet then crashes (Read 717 times)