
Very Slow Laptop And Cookie Problems


  • This topic is locked
3 replies to this topic

#1 brybryn

brybryn

  • Members
  • 2 posts

Posted 15 October 2007 - 01:28 PM

All of a sudden I can't seem to log on to any of my usual websites; I keep getting error messages stating that my cookies need cleaning.
I am running 2 gig of RAM, yet all of a sudden my computer is slowing down. I am running Comodo Firewall but am not sure if it's doing more bad than good?
Any advice would be gratefully received.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:26, on 16/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ThreatFire\TFUD.exe
C:\Documents and Settings\bryn\Desktop\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=ic...gIIZ3-UoRxvxz-o
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7441 bytes



Can someone please tell me if there's a problem?

Edited by brybryn, 15 October 2007 - 01:39 PM.



#2 brybryn

brybryn
  • Topic Starter

  • Members
  • 2 posts

Posted 15 October 2007 - 01:57 PM

This is my ComboFix report... sorry if this is bumping my topic... I didn't know where else to put it.


ComboFix 07-10-12.4 - bryn 2007-10-16 19:49:06.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.759 [GMT 1:00]
Running from: C:\Documents and Settings\bryn\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\bryn\My Documents\internet.lnk
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2007-09-16 to 2007-10-16 )))))))))))))))))))))))))))))))
.

2007-10-16 19:48 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-15 23:24 <DIR> d-------- C:\WINDOWS\pss
2007-10-14 17:07 <DIR> d-------- C:\Program Files\LimeWire
2007-10-13 22:47 6,058,496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-10-13 22:47 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-10-13 22:47 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-10-13 22:47 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-10-13 22:47 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-10-13 22:47 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-10-13 22:47 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-10-13 22:47 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-10-13 04:48 <DIR> d-------- C:\Documents and Settings\bryn\Application Data\FastProxySwitch
2007-10-13 04:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FastProxySwitch
2007-10-13 04:23 <DIR> d-------- C:\Program Files\FastProxySwitch
2007-10-04 19:01 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-03 04:26 <DIR> d--h----- C:\WINDOWS\PIF
2007-09-29 03:48 <DIR> d-------- C:\Documents and Settings\bryn\Contacts
2007-09-29 03:47 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-09-29 03:47 <DIR> d-------- C:\Program Files\MSN Messenger
2007-09-28 03:48 <DIR> d-------- C:\Program Files\Go For Glory
2007-09-24 02:02 <DIR> d-------- C:\Program Files\Nucleus Kernel Hotmail MSN Password Recovery
2007-09-24 01:57 <DIR> d-------- C:\Program Files\MSN and Google Talk Password Recovery
2007-09-24 01:57 <DIR> d-------- C:\Documents and Settings\bryn\Application Data\DrekSoftware
2007-09-24 01:38 <DIR> d-------- C:\Program Files\Software Illusions
2007-09-21 22:24 <DIR> d-------- C:\Program Files\DivX
2007-09-21 02:49 <DIR> d-------- C:\Documents and Settings\bryn\Application Data\Dev-Cpp
2007-09-21 00:23 <DIR> d-------- C:\Program Files\Opera
2007-09-20 23:29 <DIR> d-------- C:\Documents and Settings\BETA\Application Data\Grisoft
2007-09-20 23:29 <DIR> d-------- C:\Documents and Settings\BETA\Application Data\Comodo
2007-09-20 23:28 <DIR> d-------- C:\Documents and Settings\BETA\WINDOWS
2007-09-20 23:28 <DIR> d-------- C:\Documents and Settings\BETA\Application Data\SampleView
2007-09-20 18:23 <DIR> d-------- C:\Program Files\Kanytu Autobuyer
2007-09-20 18:23 118,784 --a------ C:\WINDOWS\system32\MSSTDFMN.DLL
2007-09-19 02:28 <DIR> d-------- C:\WINDOWS\Sun
2007-09-19 02:28 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2007-09-19 00:52 <DIR> d-------- C:\Program Files\FrostWire
2007-09-19 00:52 <DIR> d-------- C:\Documents and Settings\bryn\Application Data\FrostWire
2007-09-19 00:49 <DIR> d-------- C:\Program Files\AskSBar
2007-09-18 13:31 <DIR> d-------- C:\Documents and Settings\bryn\Application Data\CyberLink
2007-09-18 13:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-09-17 16:38 38,016 --a------ C:\WINDOWS\system32\drivers\bthmodem.sys
2007-09-17 16:38 38,016 --a--c--- C:\WINDOWS\system32\dllcache\bthmodem.sys
2007-09-17 16:28 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-09-16 00:55 2,484 --a------ C:\WINDOWS\bthservsdp.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-16 18:53 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-10-15 01:27 --------- d-----w C:\Program Files\PokerStars
2007-10-14 16:08 --------- d-----w C:\Documents and Settings\bryn\Application Data\LimeWire
2007-09-14 23:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall
2007-09-14 21:40 --------- d-----w C:\Program Files\MSXML 4.0
2007-09-14 20:13 --------- d-----w C:\Documents and Settings\bryn\Application Data\McAfee.com Personal Firewall
2007-09-14 19:06 --------- d-----w C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall
2007-09-14 17:15 --------- d-----w C:\Documents and Settings\bryn\Application Data\MSNInstaller
2007-09-14 16:31 57,344 ----a-w C:\WINDOWS\system32\COMMTB32.DLL
2007-09-14 16:31 169,984 ----a-w C:\WINDOWS\system32\P2D.DLL
2007-09-14 16:31 161,552 ----a-w C:\WINDOWS\system32\ASYCPICT.DLL
2007-09-14 16:30 --------- d-----w C:\Documents and Settings\bryn\Application Data\SampleView
2007-09-14 16:28 --------- d-----w C:\Program Files\Neocodex Check V3
2007-09-14 12:27 --------- d-----w C:\Program Files\Google
2007-09-14 03:03 --------- d-----w C:\Documents and Settings\bryn\Application Data\Talkback
2007-09-14 01:04 --------- d-----w C:\Documents and Settings\bryn\Application Data\Comodo
2007-09-14 01:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Comodo
2007-09-14 00:56 --------- d-----w C:\Program Files\ThreatFire
2007-09-14 00:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Tools
2007-09-14 00:55 --------- d-----w C:\Program Files\Comodo
2007-09-14 00:54 --------- d-----w C:\Program Files\Avira
2007-09-14 00:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2007-09-14 00:53 --------- d-----w C:\Documents and Settings\bryn\Application Data\Grisoft
2007-09-14 00:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-09-14 00:24 --------- d-----w C:\Program Files\BigFix
2007-09-14 00:00 --------- d-----w C:\Program Files\McAfee
2007-09-14 00:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2007-09-14 00:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2007-09-13 23:58 --------- d-----w C:\Program Files\gtw_logo
2007-09-13 23:58 --------- d-----w C:\Program Files\Broadcom
2007-09-13 23:56 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-09-13 06:23 38,720 ----a-w C:\WINDOWS\system32\drivers\TfSysMon.sys
2007-09-13 06:22 52,032 ----a-w C:\WINDOWS\system32\drivers\TfFsMon.sys
2007-09-13 06:22 34,624 ----a-w C:\WINDOWS\system32\drivers\TfNetMon.sys
2007-09-13 06:22 12,608 ----a-w C:\WINDOWS\system32\drivers\TfKbMon.sys
2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-13 17:54 413,696 ----a-w C:\WINDOWS\system32\vbscript.dll
2007-08-13 17:54 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2007-08-13 17:45 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
2007-08-13 17:44 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll
2007-08-13 17:42 17,408 ----a-w C:\WINDOWS\system32\corpol.dll
2007-08-13 17:39 71,680 ----a-w C:\WINDOWS\system32\admparse.dll
2007-08-13 17:39 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll
2007-08-13 17:36 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
2007-08-13 17:32 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2007-08-13 17:01 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2007-07-30 18:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 18:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 18:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 18:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 18:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 18:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 18:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 18:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-26 23:06 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-07-26 23:06 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-05 02:47]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-10-12 12:30]
"SigmatelSysTrayApp"="stsystra.exe" [2005-12-27 03:20 C:\WINDOWS\stsystra.exe]
"SMSERIAL"="sm56hlpr.exe" [2006-01-11 03:22 C:\WINDOWS\sm56hlpr.exe]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-27 01:42]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-27 01:42]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2005-11-11 14:40]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-13 04:46]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2007-09-13 07:22]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 20:00 C:\WINDOWS\system32\bthprops.cpl]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-05 02:47]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 03:01]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 16:16]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-27 01:42]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-09-14 01:54]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Power2GoExpress"=NA

R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys
R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service
R3 TfNetMon;TfNetMon;\??\C:\WINDOWS\system32\drivers\TfNetMon.sys

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 19:53:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-16 19:54:36
.
--- E O F ---

#3 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts

Posted 31 October 2007 - 12:23 PM

Hello and welcome to BC.

Sorry for the delayed response. If you haven't received help elsewhere yet and still need help, please post a fresh HijackThis and I'll be happy to help you.

#4 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts

Posted 05 November 2007 - 02:05 PM

Due to lack of response, this thread will now be closed. If you need this topic reopened, please PM me with the address of the thread and we will reopen it for you. This applies only to the original topic starter. Everyone else please begin a New Topic.



