|
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
Hi there, I'm new here and I hope I've done this right...
I have been having problems with my USB ports. I have 4 x USB 1 and 2 X USB 2 ports on my system. One port works (printer). Whenever I plug anything else in to any of the others, whatever it is, is not recognized. I have uninstalled the USB stacks, clean re-installed Windows, searched for drivers, checked out other sites also, but nothing and no-one can help me.
Here's hoping that someone here will be able to shine some light on my problem.
One thought I have had is that my System Restore doesn't work and I was wondering if that had anything to do with it.. Just a thought..
Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:57, on 29/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\1239881522\ee\AOLSoftware.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AOL 9.0 VR\waol.exe
C:\Program Files\AOL 9.0 VR\shellmon.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\GARYMC~1\LOCALS~1\Temp\Rar$EX00.656\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1239881522\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1659004503-1532298954-725345543-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239875488084
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1239875587209
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6705 bytes
|
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
Welcome to the Webuser forum. 
I don't think HJT will show anything that would affect your usb, and i don't see anything there. just to make sure there is nothing hiding :-
Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2
**Note: It is important that it is saved directly to your desktop**
--------------------------------------------------------------------
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
If you don't know how to disable some of your security programs have a look :- HERE
--------------------------------------------------------------------
Double click on ComboFix.exe & follow the prompts.
When finished, it will produce a report for you.
- Please post the C:\ComboFix.txt along with a new HijackThis log for further review.
Please keep me informed about any changes to your problems during the different steps of the fix
FOR OTHER USERS, DO NOT RUN COMBOFIX UNLESS YOU ARE ASKED TO DO SO BY A HJT HELPER
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
 
When the only tool you own is a hammer, every problem begins to look like a nail. 
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
Thanks for your help Bricat, I have done what you asked and here are the results. I haven't tried anything else yet, I'll wait on your reply before proceding...
ComboFix 09-05-28.07 - Gary McPherson 29/05/2009 16:04.1 - NTFSx86
Running from: c:\documents and settings\Gary McPherson\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Gary McPherson\Application Data\inst.exe
c:\windows\system32\systeminfo3.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.
2009-05-27 14:30 . 2009-05-27 14:30 -------- d-----w c:\program files\ARWizard3
2009-05-19 08:53 . 2009-05-05 08:32 2051864 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-05-19 08:53 . 2009-05-05 08:31 424472 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgwdwsc.dll
2009-05-19 08:53 . 2009-05-05 08:31 177432 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgmail.dll
2009-05-19 08:53 . 2009-05-05 08:31 3288344 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-05-19 08:53 . 2009-05-05 08:31 312088 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avglngx.dll
2009-05-19 08:53 . 2009-05-05 08:32 486168 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgrsx.exe
2009-05-19 08:52 . 2009-05-05 08:21 1437464 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-05-19 08:52 . 2009-05-05 08:21 755992 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avginet.dll
2009-05-13 11:15 . 2009-05-13 11:15 -------- d-sh--w c:\documents and settings\Administrator\IETldCache
2009-05-13 08:19 . 2009-05-05 08:32 2302232 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avguiadv.dll
2009-05-13 08:19 . 2009-05-05 08:32 3399960 ----a-w c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-05-10 18:30 . 2009-05-10 18:30 -------- d-sh--w c:\documents and settings\Gary McPherson\IECompatCache
2009-05-10 18:23 . 2009-05-10 18:23 -------- d-sh--w c:\documents and settings\Gary McPherson\PrivacIE
2009-05-10 18:21 . 2009-05-10 18:21 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache
2009-05-10 18:20 . 2009-05-10 18:20 -------- d-sh--w c:\documents and settings\Gary McPherson\IETldCache
2009-05-10 18:18 . 2009-05-10 18:18 -------- d-----w c:\windows\ie8updates
2009-05-10 18:17 . 2009-04-25 05:30 102400 -c----w c:\windows\system32\dllcache\iecompat.dll
2009-05-10 18:15 . 2009-05-10 18:17 -------- dc-h--w c:\windows\ie8
2009-05-05 11:35 . 2009-05-05 11:35 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\vlc
2009-05-05 11:31 . 2009-05-05 11:31 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\dvdcss
2009-05-02 07:48 . 2009-05-02 07:51 -------- d-----w c:\documents and settings\Gary McPherson\Local Settings\Application Data\Nokia
2009-05-02 07:48 . 2009-05-02 07:48 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Nokia
2009-05-02 07:46 . 2009-05-02 07:46 158936 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-02 07:46 . 2009-05-02 07:54 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Nokia
2009-05-02 07:44 . 2009-05-02 07:44 -------- d-----w c:\program files\MSXML 6.0
2009-05-02 07:43 . 2009-05-02 07:43 -------- d-----w c:\documents and settings\All Users\Application Data\NokiaMusic
2009-05-02 07:37 . 2009-05-02 07:43 -------- d-----w c:\windows\Globalization
2009-05-02 07:34 . 2009-05-02 07:38 -------- d-----w c:\windows\Downloaded Installations
2009-05-02 07:31 . 2009-05-02 07:31 -------- d-----w c:\program files\DIFX
2009-05-02 07:29 . 2009-05-04 09:58 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-02 07:29 . 2008-02-01 14:17 90624 ----a-w c:\windows\system32\nmwcdcls.dll
2009-05-02 07:28 . 2009-05-04 09:58 -------- d-----w c:\program files\Nokia
2009-05-02 07:24 . 2009-05-02 07:24 -------- d-sh--w c:\windows\ftpcache
2009-04-30 15:07 . 2009-04-30 15:07 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\EPSON
2009-04-29 19:20 . 2009-04-29 19:20 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-29 14:47 . 2009-04-16 14:22 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\uTorrent
2009-05-21 11:59 . 2009-05-21 12:03 1195520 ----a-w c:\windows\Internet Logs\xDBB.tmp
2009-05-20 19:34 . 2009-04-16 14:17 -------- d-----w c:\program files\XoftSpySE
2009-05-20 10:10 . 2009-04-16 18:31 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-16 12:16 . 2009-04-16 13:54 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\U3
2009-05-10 09:25 . 2009-05-10 09:34 1699328 ----a-w c:\windows\Internet Logs\xDBA.tmp
2009-05-10 08:06 . 2009-04-19 09:42 3201043 ----a-w c:\windows\Internet Logs\tvDebug.Zip
2009-05-09 21:05 . 2009-05-10 08:06 1701376 ----a-w c:\windows\Internet Logs\xDB9.tmp
2009-05-08 17:30 . 2009-05-09 07:19 765440 ----a-w c:\windows\Internet Logs\xDB8.tmp
2009-05-08 07:45 . 2009-05-08 07:46 1694208 ----a-w c:\windows\Internet Logs\xDB7.tmp
2009-05-05 08:32 . 2009-04-16 11:11 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-05 08:32 . 2009-04-16 11:11 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-05 08:32 . 2009-04-16 11:11 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-05 08:31 . 2009-04-16 11:11 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-04 14:13 . 2009-04-16 14:55 -------- d-----w c:\program files\WhereIsIt
2009-05-04 10:15 . 2009-05-04 10:16 1654784 ----a-w c:\windows\Internet Logs\xDB6.tmp
2009-05-02 09:11 . 2009-04-16 10:13 64952 ----a-w c:\documents and settings\Gary McPherson\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-02 09:04 . 2009-04-16 14:39 -------- d-----w c:\program files\FLAC
2009-04-30 15:37 . 2009-04-27 13:05 560 ---ha-w c:\windows\Fonts\SWFont9.fnt
2009-04-30 15:37 . 2009-04-27 13:05 560 ----a-w c:\program files\Global.sw
2009-04-30 12:23 . 2009-04-16 11:11 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-04-29 19:34 . 2009-04-16 11:31 -------- d-----w c:\documents and settings\All Users\Application Data\AOL
2009-04-29 19:26 . 2009-04-16 11:35 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\AOL
2009-04-27 14:40 . 2009-04-25 14:37 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-04-27 13:05 . 2009-04-27 13:05 -------- d-----w c:\program files\SoftwrapLicense
2009-04-26 14:52 . 2009-04-26 14:52 1559552 ----a-w c:\windows\Internet Logs\xDB5.tmp
2009-04-25 14:34 . 2009-04-25 14:35 1545216 ----a-w c:\windows\Internet Logs\xDB4.tmp
2009-04-25 12:00 . 2009-04-25 12:00 -------- d-----w c:\program files\OpenWith.org Desktop Tool
2009-04-25 11:53 . 2009-04-25 11:54 1539072 ----a-w c:\windows\Internet Logs\xDB3.tmp
2009-04-25 11:44 . 2009-04-25 11:44 -------- d-----w c:\program files\Error Repair Professional
2009-04-24 18:45 . 2009-04-24 18:45 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Foxit
2009-04-24 18:45 . 2009-04-24 18:45 -------- d-----w c:\program files\Foxit Software
2009-04-24 15:55 . 2009-04-24 15:54 11148 ----a-w c:\documents and settings\All Users\Application Data\DVDXStudio\CloneDVD4\MainApp.dll
2009-04-24 15:54 . 2009-04-16 14:25 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Vso
2009-04-24 15:54 . 2009-04-24 15:54 -------- d-----w c:\program files\CloneDVD
2009-04-24 15:54 . 2009-04-24 15:54 -------- d-----w c:\documents and settings\All Users\Application Data\DVDXStudio
2009-04-24 07:32 . 2009-04-24 07:30 -------- d-----w c:\program files\Mp3tag
2009-04-24 07:32 . 2009-04-24 07:30 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Mp3tag
2009-04-23 16:32 . 2009-04-16 14:23 -------- d-----w c:\program files\Unlocker
2009-04-23 09:40 . 2009-04-16 18:07 -------- d-----w c:\program files\Microsoft Works
2009-04-20 20:09 . 2009-04-20 20:13 246784 ----a-w c:\windows\Internet Logs\xDB2.tmp
2009-04-20 20:08 . 2009-04-16 13:33 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-20 20:04 . 2009-04-16 13:32 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-20 20:02 . 2009-04-20 20:02 -------- d-----w c:\documents and settings\All Users\Application Data\UDL
2009-04-20 20:00 . 2009-04-20 19:53 -------- d-----w c:\program files\epson
2009-04-20 19:57 . 2009-04-20 19:57 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\InstallShield
2009-04-20 19:55 . 2009-04-20 19:55 -------- d-----w c:\documents and settings\All Users\Application Data\EPSON
2009-04-19 20:47 . 2009-04-19 19:59 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\DivX
2009-04-19 19:57 . 2009-04-19 19:56 -------- d-----w c:\program files\DivX
2009-04-19 19:57 . 2009-04-19 19:56 -------- d-----w c:\program files\Common Files\DivX Shared
2009-04-19 19:23 . 2009-04-19 19:09 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Media Player Classic
2009-04-19 19:18 . 2009-04-19 19:13 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-19 13:43 . 2009-04-19 13:44 1426944 ----a-w c:\windows\Internet Logs\xDB1.tmp
2009-04-17 09:46 . 2009-04-16 14:16 -------- d-----w c:\program files\RegCleaner
2009-04-17 08:13 . 2009-04-16 11:31 -------- d-----w c:\program files\Common Files\aol
2009-04-16 18:36 . 2009-04-16 18:31 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-16 18:08 . 2009-04-16 18:08 -------- d-----w c:\program files\Common Files\L&H
2009-04-16 18:07 . 2009-04-16 18:07 -------- d-----w c:\program files\Microsoft ActiveSync
2009-04-16 18:06 . 2009-04-16 18:06 -------- d-----w c:\program files\Microsoft.NET
2009-04-16 17:31 . 2009-04-16 17:31 -------- d-----w c:\program files\AskBarDis
2009-04-16 17:31 . 2009-04-16 17:31 4212 ---ha-w c:\windows\system32\zllictbl.dat
2009-04-16 17:30 . 2009-04-16 17:30 -------- d-----w c:\program files\Zone Labs
2009-04-16 17:18 . 2009-04-16 17:16 -------- d-----w c:\program files\CDBurnerXP
2009-04-16 17:16 . 2009-04-16 17:16 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Canneverbe_Limited
2009-04-16 16:23 . 2009-04-16 16:23 -------- d-----w c:\program files\Microsoft
2009-04-16 16:23 . 2009-04-16 16:23 -------- d-----w c:\program files\Windows Live
2009-04-16 16:23 . 2009-04-16 16:23 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-16 16:17 . 2009-04-16 16:17 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-16 16:16 . 2009-04-16 16:16 -------- d-----w c:\program files\Microsoft Silverlight
2009-04-16 16:11 . 2009-04-16 16:11 -------- d-----w c:\program files\MSBuild
2009-04-16 16:11 . 2009-04-16 16:11 -------- d-----w c:\program files\Reference Assemblies
2009-04-16 16:06 . 2009-04-16 16:06 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-16 15:21 . 2009-04-16 15:21 -------- d-----w c:\program files\MSXML 4.0
2009-04-16 14:47 . 2009-04-16 14:47 -------- d-----w c:\program files\Opera
2009-04-16 14:45 . 2009-04-16 14:45 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Xilisoft Corporation
2009-04-16 14:45 . 2009-04-16 14:43 -------- d-----w c:\program files\Xilisoft
2009-04-16 14:40 . 2009-04-16 14:40 -------- d-----w c:\program files\VideoLAN
2009-04-16 14:37 . 2009-04-16 14:37 -------- d-----w c:\documents and settings\All Users\Application Data\TEMP
2009-04-16 14:37 . 2009-04-16 14:37 -------- d-----w c:\program files\Easy CD-DA Extractor 11
2009-04-16 14:36 . 2009-04-16 14:36 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Corel
2009-04-16 14:34 . 2009-04-16 14:34 952 --sha-w c:\windows\system32\KGyGaAvL.sys
2009-04-16 14:33 . 2009-04-16 14:33 -------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2009-04-16 14:33 . 2009-04-16 14:33 -------- d-----w c:\program files\Common Files\Corel
2009-04-16 14:33 . 2009-04-16 14:32 -------- d-----w c:\program files\Corel
2009-04-16 14:25 . 2009-04-16 14:25 47360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2009-04-16 14:25 . 2009-04-16 14:25 47360 ----a-w c:\documents and settings\Gary McPherson\Application Data\pcouffin.sys
2009-04-16 14:25 . 2009-04-16 14:25 47360 ----a-w c:\documents and settings\Gary McPherson\Application Data\pcouffin.sys
2009-04-16 14:25 . 2009-04-16 14:24 -------- d-----w c:\program files\VSO
2009-04-16 14:22 . 2009-04-16 14:22 -------- d-----w c:\program files\uTorrent
2009-04-16 14:21 . 2009-04-16 14:21 -------- d-----w c:\program files\7-Zip
2009-04-16 14:14 . 2009-04-16 14:10 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\IObit
2009-04-16 14:14 . 2009-04-16 14:10 -------- d-----w c:\program files\IObit
2009-04-16 14:08 . 2009-04-16 14:07 -------- d-----w c:\program files\Yahoo!
2009-04-16 14:07 . 2009-04-16 14:07 -------- d-----w c:\program files\CCleaner
2009-04-16 14:07 . 2009-04-16 14:07 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\Yahoo!
2009-04-16 13:46 . 2009-04-16 13:46 -------- d-----w c:\program files\Gigabyte
2009-04-16 13:45 . 2009-04-16 13:45 -------- d-----w c:\program files\Avance Sound Manager
2009-04-16 13:45 . 2009-04-16 13:45 -------- d-----w c:\program files\AvRack
2009-04-16 13:37 . 2009-04-16 13:37 -------- d-----w c:\program files\directx
2009-04-16 13:37 . 2009-04-16 13:37 -------- d-----w c:\documents and settings\Gary McPherson\Application Data\FotoWire
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w c:\program files\opera\program\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w c:\program files\opera\program\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 17:22 333192 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-04-30 2329936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files\Common Files\AOL\1239881522\ee\AOLSoftware.exe" [2006-11-14 50736]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"SmartDefrag"="c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2009-02-13 1986896]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-05 1947928]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-05 08:32 11952 ----a-w c:\windows\system32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\1239881522\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0 VR\\waol.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-05-05 325896]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-05 108552]
S2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-05-05 908568]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-05-05 298776]
--- Other Services/Drivers In Memory ---
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - AOL ACS
*Deregistered* - ASKService
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - avg8emc
*Deregistered* - avg8wd
*Deregistered* - AvgLdx86
*Deregistered* - AvgMfx86
*Deregistered* - AvgTdiX
*Deregistered* - Beep
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmserver
*Deregistered* - EventSystem
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - HTTP
*Deregistered* - HTTPFilter
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - KSecDD
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NMSAccessU
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - pcouffin
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasMan
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - sr
*Deregistered* - srescan
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - swenum
*Deregistered* - TapiSrv
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Themes
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - vsdatant
*Deregistered* - vsmon
*Deregistered* - Wanarp
*Deregistered* - wanatw
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-05-03 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-04-16 17:15]
2009-05-29 c:\windows\Tasks\XoftSpySE 2.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 13:02]
2009-05-05 c:\windows\Tasks\XoftSpySE.job
- c:\program files\XoftSpySE\XoftSpy.exe [2007-07-13 13:02]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk
uInternet Settings,ProxyOverride = localhost
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Gary McPherson\Application Data\Mozilla\Firefox\Profiles\g7gfcvpe.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-29 16:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-05-29 16:08
ComboFix-quarantined-files.txt 2009-05-29 15:08
Pre-Run: 23,905,632,256 bytes free
Post-Run: 23,894,323,200 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
340 --- E O F --- 2009-05-13 09:30
New hijack this log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:09:41, on 29/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\1239881522\ee\AOLSoftware.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\GARYMC~1\LOCALS~1\Temp\Rar$EX00.094\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1239881522\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-21-1659004503-1532298954-725345543-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1532298954-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1659004503-1532298954-725345543-1004\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1239875488084
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1239875587209
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 6676 bytes
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
if your usb ports still aren't working try running sfc \scannow
to see if any system files are missing.
put your XP disc in the drive.
click on START\RUN and type CMD into the address bar and click OK.
At the DOS PROMPT type SFC /SCANNOW. note the space between SFC and /SCANNOW. hit enter.
if you don't have an xp disc or can't borrow a disc there is a way to do it without the
disc, but i have to warn you that it means editing the REGISTRY,
if you decide to try this method i suggest you do a backup of your registry first,
and save it to your desktop, where it will be easy to find should you need it later. SEE HERE
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
I have a XP Disc.
I've done exactly what you said but the ports still don't work.
I continue to get the 'Not Recognized' error message.
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
right click MY COMPUTER. select PROPERTIES.
click on HARDWARE then DEVICE MANAGER.
scroll down to universal serial bus, click on the plus sign to expand it, are there any exclamation marks beside the drivers ?
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
No exclamation marks next to any of the entries..
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
unplug the printer from the usb port, then try something in one of the other ports, in case the printer is causing the problem.
if that doesn't sort it, i'm lost. it's not really my area. you could also try posting in the general pc forum, some of the techies there might have a better idea.
we just need to remove combofix.
Click START then RUN
Now type Combofix /u in the runbox and click OK
The above procedure will:
- Delete the following:[list]
- ComboFix and its associated files and folders.
- VundoFix backups, if present
- The C:\Deckard folder, if present
- The C:_OtMoveIt folder, if present
Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.[/list]
Then :-
Download and scan with CCleaner - CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
- Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
Then select "Cookies"
Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre.
- Then select the items you wish to clean up.
In the Windows Tab:
• Clean all entries in the "Internet Explorer" section.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.
Leave the system section at default.
In the Applications Tab:
• Clean all entries in the Mozilla Firefox Section.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.
- Click the "Run Cleaner" button.
- A pop up box will appear advising this process will permanently delete files from your system.
- Click "OK" and it will scan and clean your system.
- Click "exit" when done.
then DEFRAG your C:\ drive.
to help speed up your system.
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
Thanks for that.
I've got CCleaner and I run it regularly.
An interesting development, I unplugged the printer and plugged it into another of the ports, the system went into reboot.
The system restarted. When it did, I tried plugging my mobile phone into the same port the printer was in and I still got the same 'Not recognized' error message..
I don't know if that makes any difference to what we've done previous.
I'd like to thank you for your help on this wee problem..
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
your best bet would be posting in the general pc forum or the hardware forum, i haven't a clue what would cause that. there's definitely a fault somewhere.
sorry i couldn't be more help.
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
gazzapooz
new user
Reg'd: Fri
Posts: 21
|
|
Problem solved...
I bought a 4 port USB PCI card and it works..
Thanks for all your help
Gary
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
Glad you're sorted 
--------------------
IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
Previous
Index
Next
Threaded
Edit
Reply
Quote
