[INACTIVE] generic win32 error

Discussion in 'Malware and Virus Removal Archive' started by axolotl, 2008/11/21.

  1. 2008/11/21
    axolotl Inactive Thread Starter

    Greetings! Am getting erratic error messages: Generic Host Process for Win32... needed to close.
    Then the internet connection terminates and can only be re-activated after rebooting the system.
    Have installed WindowsXP-KB894391-x86-ENU.exe and WindowsXP-KB921883-x86-ENU.exe
    Have run superantispyware, S&D, ccleaner, ComboFix, LOPSD... without any results.
    Have installed RSIT. Here is the HijackThis file:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Rostam Seddiq at 2008-11-21 19:00:14
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 8 GB (38%) free of 20 GB
    Total RAM: 2046 MB (66% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:00:20, on 21.11.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Citrix\ICA Client\ssonsvr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\COMODO\Firewall\cfp.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    D:\Program Files\Launchy\Launchy.exe
    D:\Program Files\palmOne\HOTSYNC.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\COMODO\Firewall\cmdagent.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\SONY\VAIO Event Service\VESMgr.exe
    C:\Program Files\Mozilla Firefox 3 rc1\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Rostam Seddiq\Desktop\RSIT.exe
    C:\Documents and Settings\Rostam Seddiq\Desktop\HiJackThis\Rostam Seddiq.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe "
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: HotSync Manager.lnk = D:\Program Files\palmOne\HOTSYNC.EXE
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Launchy.lnk = D:\Program Files\Launchy\Launchy.exe
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1203199740439
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B3C116BA-6A78-4C94-86E3-7A34E80E6D5B}: NameServer = 213.191.74.11 213.191.92.82
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
    O23 - Service: Google Desktop Manager 5.7.801.1629 (GoogleDesktopManager-010108-205858) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\SONY\VAIO Event Service\VESMgr.exe

    --
    End of file - 6394 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\1-Click Maintenance.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-05 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-05 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-05 73728]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7340032]
    "avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497]
    "COMODO Firewall Pro "=C:\Program Files\COMODO\Firewall\cfp.exe [2008-11-19 1796856]
    "Google Desktop Search "=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-19 29744]
    "COMODO Internet Security "=C:\Program Files\COMODO\Firewall\cfp.exe [2008-11-19 1796856]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-05 136600]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    Launchy.lnk - D:\Program Files\Launchy\Launchy.exe

    C:\Documents and Settings\Rostam Seddiq\Start Menu\Programs\Startup
    HotSync Manager.lnk - D:\Program Files\palmOne\HOTSYNC.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
    C:\WINDOWS\system32\VESWinlogon.dll [2005-05-20 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDrives "=
    "NoDriveAutoRun "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\uTorrent\uTorrent.exe "= "C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88ba5a0b-f6a8-11dc-8287-0013a929b46d}]
    shell\AutoRun\command - F:\AutoRun.exe


    ======List of files/folders created in the last 3 months======

    2008-11-21 18:37:41 ----D---- C:\rsit
    2008-11-21 02:08:57 ----SHD---- C:\RECYCLER
    2008-11-20 23:23:15 ----A---- C:\ComboFix.txt
    2008-11-20 19:26:52 ----D---- C:\manifesting_2008nov20
    2008-11-19 23:29:18 ----A---- C:\Boot.bak
    2008-11-19 23:29:11 ----RASHD---- C:\cmdcons
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\zip.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\VFIND.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\SWSC.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\SWREG.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\sed.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\grep.exe
    2008-11-19 23:26:52 ----A---- C:\WINDOWS\fdsv.exe
    2008-11-19 23:26:39 ----D---- C:\WINDOWS\ERDNT
    2008-11-19 23:26:39 ----D---- C:\Qoobox
    2008-11-19 23:21:44 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\Malwarebytes
    2008-11-19 23:21:36 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-11-19 23:21:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-19 23:19:07 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-11-19 23:19:02 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-11-19 23:19:02 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\SUPERAntiSpyware.com
    2008-11-19 23:18:39 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-11-19 21:02:24 ----A---- C:\lopR.txt
    2008-11-19 21:01:29 ----D---- C:\Lop SD
    2008-11-19 20:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
    2008-11-18 18:31:14 ----D---- C:\Program Files\PDF2TXT
    2008-11-18 18:23:15 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\Sowedoo Software
    2008-11-18 14:52:57 ----D---- C:\Program Files\Intel
    2008-11-05 13:05:02 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-11-05 13:05:02 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-11-05 13:05:02 ----A---- C:\WINDOWS\system32\java.exe
    2008-11-05 13:05:02 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-10-23 22:44:56 ----D---- C:\Program Files\uTorrent
    2008-10-23 22:44:42 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\uTorrent
    2008-10-23 09:47:46 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2008-10-20 18:11:59 ----D---- C:\Program Files\Aspell
    2008-09-17 11:06:02 ----A---- C:\WINDOWS\system32\VESWinlogon.dll
    2008-09-17 09:58:21 ----D---- C:\Program Files\SONY
    2008-09-17 09:51:58 ----D---- C:\Program Files\Common Files\Sony Shared
    2008-09-17 09:51:58 ----A---- C:\WINDOWS\system32\msvcr70.dll
    2008-09-15 11:36:08 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\vlc

    ======List of files/folders modified in the last 3 months======

    2008-11-21 18:53:03 ----D---- C:\WINDOWS\Prefetch
    2008-11-21 18:37:31 ----D---- C:\WINDOWS\Temp
    2008-11-21 18:32:58 ----D---- C:\WINDOWS
    2008-11-21 18:24:33 ----D---- C:\Program Files\Mozilla Firefox 3 rc1
    2008-11-21 18:21:50 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-20 23:45:47 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-20 23:36:18 ----HD---- C:\WINDOWS\inf
    2008-11-20 23:36:17 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-20 23:23:20 ----D---- C:\WINDOWS\system32
    2008-11-20 23:20:54 ----A---- C:\WINDOWS\system.ini
    2008-11-20 23:19:36 ----D---- C:\WINDOWS\system32\drivers
    2008-11-20 23:19:34 ----D---- C:\WINDOWS\AppPatch
    2008-11-20 23:19:34 ----D---- C:\Program Files\Common Files
    2008-11-19 23:32:16 ----D---- C:\WINDOWS\system32\config
    2008-11-19 23:29:18 ----RASH---- C:\boot.ini
    2008-11-19 23:21:35 ----RD---- C:\Program Files
    2008-11-19 23:19:05 ----SHD---- C:\WINDOWS\Installer
    2008-11-19 23:07:39 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-19 23:07:21 ----D---- C:\WINDOWS\Debug
    2008-11-19 23:07:20 ----D---- C:\WINDOWS\Minidump
    2008-11-19 22:58:52 ----D---- C:\Program Files\Java
    2008-11-19 20:56:53 ----HD---- C:\WINDOWS\$hf_mig$
    2008-11-19 12:10:58 ----A---- C:\WINDOWS\system32\guard32.dll
    2008-11-18 19:12:09 ----A---- C:\WINDOWS\sfshell.tmp
    2008-11-18 18:46:51 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-18 18:39:34 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\OpenOffice.org2
    2008-11-18 18:28:08 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-18 14:53:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-11-18 14:53:50 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-10 16:41:20 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-11-07 17:16:31 ----HD---- C:\fslrdr
    2008-10-30 22:57:45 ----SHD---- C:\System Volume Information
    2008-10-27 10:30:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-23 09:47:41 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-20 18:21:23 ----D---- C:\Documents and Settings\Rostam Seddiq\Application Data\Notepad++
    2008-09-17 09:51:47 ----D---- C:\Program Files\Common Files\InstallShield
    2008-09-10 15:39:18 ----A---- C:\WINDOWS\win.ini
    2008-09-03 15:46:29 ----SD---- C:\WINDOWS\Tasks

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-11 75072]
    R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2008-11-19 99216]
    R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2008-11-19 31504]
    R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
    R1 FSLX;FSLX; \??\C:\WINDOWS\system32\drivers\fslx.sys []
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-04-16 21248]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-07-20 12544]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-07-20 998656]
    R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-07-20 202112]
    R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-07-20 36352]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 Mvc25U870_VID_1262&PID_25FD;Sony Visual Communication Camera VGP-VCC2; C:\WINDOWS\System32\Drivers\Mvc25U870.sys [2006-07-20 55680]
    R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-07-26 1707776]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3605664]
    R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\DRIVERS\SonyNC.sys [2001-08-17 20752]
    R3 SPI;Sony Programmable I/O Control Device; C:\WINDOWS\System32\DRIVERS\SonyPI.sys [2001-08-17 37040]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-20 1076472]
    R3 ti21sony;ti21sony; C:\WINDOWS\system32\drivers\ti21sony.sys [2006-07-20 217472]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-07-20 721280]
    R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-20 241408]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys [2002-10-08 16509]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-24 68865]
    R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-24 151297]
    R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2008-11-19 618232]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-05 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
    R2 VAIO Event Service;VAIO Event Service; C:\Program Files\SONY\VAIO Event Service\VESMgr.exe [2005-05-20 153600]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
    S3 GoogleDesktopManager-010108-205858;Google Desktop Manager 5.7.801.1629; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-02-19 29744]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    -----------------EOF-----------------

    Thanks a million.
     
  2. 2008/12/01
    suebaby41 Inactive

    Welcome to the Windows BBS Forums.

    Please read Welcome to the Removing Spyware & Viruses section of the WindowsBBS Help and Support Forum.

    Since it has been a few days since you scanned your computer with HijackThis, please post a new HijackThis Log. If you have not already done so, please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop.
    1. Double click on RSIT.exe to run RSIT.
    2. Click Continue at the disclaimer screen.
    3. After it has finished, two logs will open. Please post the contents of both. log.txt will be maximized and info.txt will be minimized.
    Thank you for your patience.

    If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

    While we are working on your HijackThis log, please:
    1. Reply to this thread; do not start another!
    2. Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
    3. Do not run any other tool until instructed to do so!
    4. Let me know if any of the links do not work or if any of the tools do not work.
    5. Tell me about problems or symptoms that occur during the fix.
    6. Do not run any other programs or open any other windows while doing a fix.
    7. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
    Thanks.
     
