results from the Ewido scan.

  1. #61
    not a clue (Full Member)

    Done this one but didn't follow the path that you advised?

    Sophos Anti-Virus
    Version 4.11.0 [Win32/Intel]
    Virus data version 4.11, November 2006
    Includes detection for 194933 viruses, trojans and worms
    Copyright (c) 1989-2006 Sophos Plc, www.sophos.com

    System time 06:50:45, System date 19 November 2006
    Command line qualifiers are: -di -nc -nb --stop-scan

    IDE directory is: C:\SDFix\IDE


    Quick Scanning

    Don't know if this is OK, let me know, but computer still keeps closing down?


  2. #62
    not a clue (Full Member)
    Logfile of HijackThis v1.99.1
    Scan saved at 07:35:23, on 19/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\Program Files\ProcessGuard\dcsuserprot.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe
    C:\Program Files\Voyager 105 ADSL Modem\d@@@@ent.exe
    C:\Program Files\Lexmark 4300 Series\lxcemon.exe
    C:\Program Files\Lexmark 4300 Series\ezprint.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\ProcessGuard\pgaccount.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\lxcecoms.exe
    C:\Program Files\SpywareGuard\sgmain.exe
    C:\Program Files\SpywareGuard\sgbhp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Dawn\My Documents\foolyou.exe.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.madasafish.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [D@@@@ENTEXE] C:\Program Files\Voyager 105 ADSL Modem\d@@@@ent.exe
    O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe"
    O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1157778854921
    O17 - HKLM\System\CCS\Services\Tcpip\..\{371F7D60-1D13-4B02-8299-637F67DD6C33}: NameServer = 80.189.94.2 80.189.92.2
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
    O23 - Service: DiamondCS ProcessGuard Service v3.410 (DCSPGSRV) - DiamondCS - C:\Program Files\ProcessGuard\dcsuserprot.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

  3. #63
    imported_Neal (Dedicated Member)
    Log is clean. Not sure about the Sophos scan, never seen one before. Did it find something?

    It may be time for you to take your computer to a local shop for a possible reformat.

    Did you run SDFix? I need to see the log please.

  4. #64
    not a clue (Full Member)
    Could not run the SDFix like you said. What I did was the only thing it would let me do, because when I asked you to look at instructions it wasn't asking me the same as you said; there were different scans to choose and the path you said would not work! I think you are probably right, I will have to take it to be reformatted. Thank you for your help, I will let you know what the outcome is. Thanks again ***********

  5. #65
    not a clue (Full Member)
    07:19:51 19/11/2006
    http://update.emsisoft.com/checkupda...-us&beta=false

    ; Searching for a-squared updates on 11/19/2006 8:19:42 PM
    ; -----------------------------------------------------
    ; Response from http://updates1.emsisoft.com: OK


    Is this what you meant? Still having problems!

  6. #66
    imported_Neal (Dedicated Member)
    No, those are update signatures for a-squared.

    You should take it to a local shop as you appear to have major problems that just can't be fixed without somebody digging around inside your computer running tests to see what is wrong.

    Good luck.

  7. #67
    not a clue (Full Member)
    SDFix: Version 1.44
    -------------------

    29/11/2006 - 21:28:06.71


    Microsoft Windows XP [Version 5.1.2600]

    Running from C:\SDFix

    Stage One - Safe Mode
    Service Check...

    Service Name:
    ------------

    FilePath:
    --------


    Starting Registry Repairs...


    Restoring Default Hosts File...

    Stage One Complete

    Rebooting...

    Stage Two - Normal Mode

    Checking For Malware:
    --------------------


    Backing Up and Removing any Files Found...

    Final Check:

    Services:
    ---------


    Authorized Applications Export:


    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    C:\Program Files\Grisoft\AVG Free\avginet.exe REG_SZ C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
    C:\Program Files\Grisoft\AVG Free\avgemc.exe REG_SZ C:\Program Files\Grisoft\AVG Free\avgemc.exe:*:Enabled:avgemc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0
    C:\Program Files\MSN Messenger\msncall.exe REG_SZ C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)


    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List
    %windir%\system32\sessmgr.exe REG_SZ %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    C:\Program Files\MSN Messenger\msnmsgr.exe REG_SZ C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0
    C:\Program Files\MSN Messenger\msncall.exe REG_SZ C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

    Files:
    ------

    Checking For Hidden Files:

    C:\IO.SYS
    C:\MSDOS.SYS
    C:\pagefile.sys


    Backups folder: - C:\SDFix\backups\backups.zip

    FINISHED!

  8. #68
    not a clue (Full Member)
    I have had the computer formatted, was still having problems with the computer shutting down but managed to do the SDFix scan. I will send you a hijack scan as well. Thanks

  9. #69
    not a clue (Full Member)
    Logfile of HijackThis v1.99.1
    Scan saved at 21:50:26, on 29/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\notepad.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\Lexmark 4300 Series\lxcemon.exe
    C:\Program Files\Lexmark 4300 Series\ezprint.exe
    C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe
    C:\Program Files\Voyager 105 ADSL Modem\d@@@@ent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\lxcecoms.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.madasafish.com/
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
    O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [D@@@@ENTEXE] C:\Program Files\Voyager 105 ADSL Modem\d@@@@ent.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - Global Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{69D3C3FC-0C7C-4394-9458-8908EE51F299}: NameServer = 80.189.92.2 80.189.94.2
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

  10. #70
    imported_Neal (Dedicated Member)
    Hi,

    That is a clean log, glad you got things sorted out.
