#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    Edmonton, Canada
    Posts
    8
    Rep Power
    0

    I'm having problems sharing my media with WPM 11 so i ran Combo-fix and Hijackthis


    I'm having problems sharing my media with WPM 11 so i ran Combo-fix and Hijackthis but i have no clue how to read it

    i have windows xp SP3 home
    and i was told to run those by a friend and to find a forum where some one knows how to read them

    can anyone help me out?
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    Edmonton, Canada
    Posts
    8
    Rep Power
    0
    this is what came up when i ran Combo-Fix



    PHP Code:
    ComboFix 10-04-15.02 Luke 04/16/2010   0:24.1.1 x86
    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1983.1292 
    [GMT -6:00]
    Running fromh:\documents and settings\Luke\Desktop\Combo-Fix.exe
    AV
    AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .

    (((((((((((((((((((((((((((((((((((((((   
    Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    h:\windows\Downloaded Program Files\ODCTOOLS

    .
    (((((((((((((((((((((((((   
    Files Created from 2010-03-16 to 2010-04-16  )))))))))))))))))))))))))))))))
    .

    2010-04-15 09:10 2010-04-15 18:43    --------    d-----w-    h:\documents and settings\Luke\Local Settings\Application Data\ApplicationHistory
    2010
    -04-15 06:24 2010-04-15 06:51    --------    d-----w-    h:\documents and settings\All Users\Application Data\RegCure
    2010
    -04-15 02:27 2010-04-15 02:27    --------    d-----w-    h:\windows\system32\URTTEMP
    2010
    -04-15 00:45 2010-04-15 08:14    54    ----a-w-    h:\windows\system32\rp_stats.dat
    2010
    -04-15 00:45 2010-04-15 08:14    39    ----a-w-    h:\windows\system32\rp_rules.dat
    2010
    -04-10 12:13 2010-04-09 21:45    15880    ----a-w-    h:\windows\system32\lsdelete.exe
    2010
    -04-09 21:47 2009-12-02 13:19    64288    ----a-w-    h:\windows\system32\drivers\Lbd.sys
    2010
    -04-09 21:45 2010-04-09 21:45    862040    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
    2010
    -04-09 21:45 2010-04-09 21:45    15880    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
    2010
    -04-09 21:45 2010-04-09 21:45    206944    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
    2010
    -04-09 21:45 2010-04-09 21:45    390288    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
    2010
    -04-09 21:45 2010-04-09 21:45    537576    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
    2010
    -04-09 21:45 2010-04-09 21:45    389784    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
    2010
    -04-09 21:45 2010-04-09 21:45    163728    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
    2010
    -04-09 21:44 2010-04-09 21:44    6296864    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
    2010
    -04-09 21:44 2010-04-09 21:44    327000    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
    2010
    -04-09 21:44 2010-04-09 21:44    87496    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
    2010
    -04-09 21:43 2010-04-09 21:43    933120    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
    2010
    -04-09 21:43 2010-04-09 21:43    3803208    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
    2010
    -04-09 21:43 2010-04-09 21:43    816784    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
    2010
    -04-09 21:43 2010-04-09 21:43    823928    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
    2010
    -04-09 21:43 2010-04-09 21:43    1643272    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
    2010
    -04-09 21:43 2010-04-09 21:43    788880    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
    2010
    -04-09 21:43 2010-04-09 21:43    1181328    ----a-w-    h:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
    2010
    -04-09 21:33 2009-12-07 14:10    2953352    -c--a-w-    h:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
    2010
    -04-09 21:27 2010-04-09 21:27    --------    d-----w-    h:\program files\Lavasoft
    2010
    -04-09 21:22 2010-04-09 21:33    --------    dc-h--w-    h:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
    2010-04-09 21:17 2010-04-09 21:17    5918776    ----a-w-    h:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
    2010-04-07 18:54 . 2010-04-07 18:54    --------    d-----w-    h:\program files\Common Files\Java
    2010-04-07 18:49 . 2010-04-07 18:49    503808    ----a-w-    h:\documents and settings\Luke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-41f2bd8a-n\msvcp71.dll
    2010-04-07 18:49 . 2010-04-07 18:49    499712    ----a-w-    h:\documents and settings\Luke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-41f2bd8a-n\jmc.dll
    2010-04-07 18:49 . 2010-04-07 18:49    348160    ----a-w-    h:\documents and settings\Luke\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-41f2bd8a-n\msvcr71.dll
    2010-04-07 18:49 . 2010-04-07 18:49    12800    ----a-w-    h:\documents and settings\Luke\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-73e8734e-n\decora-d3d.dll
    2010-04-07 18:49 . 2010-04-07 18:49    61440    ----a-w-    h:\documents and settings\Luke\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-73e8734e-n\decora-sse.dll
    2010-03-24 02:23 . 2010-03-30 01:40    --------    d-----w-    H:\ConverterOutput
    2010-03-24 02:23 . 2004-10-12 20:42    262144    ----a-w-    h:\windows\system32\TomsMoComp_ff.dll
    2010-03-24 02:23 . 2004-10-05 22:16    395776    ----a-w-    h:\windows\system32\libmplayer.dll
    2010-03-24 02:23 . 2004-10-04 07:50    112640    ----a-w-    h:\windows\system32\libmpeg2_ff.dll
    2010-03-24 02:23 . 2004-10-12 20:40    2255360    ----a-w-    h:\windows\system32\libavcodec.dll
    2010-03-24 02:23 . 2010-03-24 02:23    --------    d-----w-    h:\program files\Cucusoft
    2010-03-24 00:06 . 2010-03-24 00:06    --------    d-----w-    h:\documents and settings\Luke\Application Data\WinAVI
    2010-03-24 00:06 . 2010-03-24 00:06    --------    d-----w-    h:\program files\WinAVI Video Converter
    2010-03-22 15:45 . 2010-03-22 15:45    --------    d-----w-    h:\program files\MSECache

    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-15 08:08 . 2010-02-04 20:42    --------    d-----w-    h:\program files\Windows Media Connect 2
    2010-04-15 06:52 . 2009-09-16 05:01    --------    d-----w-    h:\program files\Microsoft
    2010-04-15 02:52 . 2010-01-13 09:09    0    ----a-w-    h:\documents and settings\Luke\Local Settings\Application Data\prvlcl.dat
    2010-04-13 08:23 . 2010-01-12 01:54    --------    d-----w-    h:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2010-04-13 05:22 . 2009-12-25 19:13    3070    ----a-w-    h:\documents and settings\Luke\Application Data\wklnhst.dat
    2010-04-10 03:18 . 2009-09-16 04:03    --------    d-----w-    h:\documents and settings\All Users\Application Data\f-secure
    2010-04-09 21:27 . 2010-01-11 19:23    --------    d-----w-    h:\documents and settings\All Users\Application Data\Lavasoft
    2010-04-09 21:19 . 2010-01-12 10:51    --------    d-----w-    h:\program files\Malwarebytes' 
    Anti-Malware
    2010
    -04-09 02:06 2010-01-12 21:50    --------    d-----w-    h:\program files\CCleaner
    2010
    -04-07 18:49 2009-09-16 20:56    --------    d-----w-    h:\program files\Java
    2010
    -03-30 22:33 2010-03-15 00:59    --------    d-----w-    h:\documents and settings\All Users\Application Data\Nero
    2010
    -03-30 22:33 2010-03-15 00:59    --------    d-----w-    h:\program files\Common Files\Nero
    2010
    -03-30 22:33 2010-03-15 01:00    --------    d-----w-    h:\program files\Nero
    2010
    -03-30 06:46 2010-01-12 10:52    38224    ----a-w-    h:\windows\system32\drivers\mbamswissarmy.sys
    2010
    -03-30 06:45 2010-01-12 10:52    20824    ----a-w-    h:\windows\system32\drivers\mbam.sys
    2010
    -03-29 02:27 2009-10-31 01:14    --------    d-----w-    h:\documents and settings\Luke\Application Data\LimeWire
    2010
    -03-23 06:56 2009-12-09 01:10    --------    d-----w-    h:\program files\iTunes
    2010
    -03-23 06:56 2009-12-09 01:04    --------    d-----w-    h:\documents and settings\All Users\Application Data\Apple Computer
    2010
    -03-23 06:56 2009-12-09 01:00    --------    d-----w-    h:\program files\Common Files\Apple
    2010
    -03-20 19:11 2009-09-16 04:08    40392    ----a-w-    h:\documents and settings\Luke\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010
    -03-15 02:16 2010-03-15 02:04    --------    d-----w-    h:\documents and settings\Luke\Application Data\Nero
    2010
    -03-14 23:07 2010-03-14 23:07    --------    d-----w-    h:\program files\MSBuild
    2010
    -03-14 23:07 2010-03-14 23:07    --------    d-----w-    h:\program files\Reference Assemblies
    2010
    -03-14 22:41 2009-10-31 01:08    --------    d-----w-    h:\program files\LimeWire
    2010
    -03-13 16:05 2010-02-12 03:30    242696    ----a-w-    h:\windows\system32\drivers\avgtdix.sys
    2010
    -03-13 16:04 2010-03-13 16:04    12464    ----a-w-    h:\windows\system32\avgrsstx.dll
    2010
    -03-13 16:04 2010-02-12 03:30    29512    ----a-w-    h:\windows\system32\drivers\avgmfx86.sys
    2010
    -03-13 16:03 2010-02-12 03:30    216200    ----a-w-    h:\windows\system32\drivers\avgldx86.sys
    2010
    -03-11 12:38 2004-08-04 12:00    832512    ----a-w-    h:\windows\system32\wininet.dll
    2010
    -03-11 12:38 2009-09-16 23:12    78336    ----a-w-    h:\windows\system32\ieencode.dll
    2010
    -03-11 12:38 2004-08-04 12:00    17408    ----a-w-    h:\windows\system32\corpol.dll
    2010
    -03-09 10:28 2009-09-16 20:52    411368    ----a-w-    h:\windows\system32\deploytk.dll
    2010
    -03-08 00:09 2009-09-19 04:29    --------    d-----w-    h:\documents and settings\All Users\Application Data\NOS
    2010
    -03-07 14:19 2010-02-01 22:38    --------    d-----w-    h:\program files\QuickTime
    2010
    -02-23 05:07 2010-02-23 05:07    --------    d-----w-    h:\documents and settings\Luke\Application Data\Media Player Classic
    2010
    -02-23 01:04 2010-02-23 01:04    --------    d-----w-    h:\program files\Microsoft Silverlight
    2010
    -02-11 22:32 2010-02-11 22:32    33408    ----a-w-    h:\windows\system32\drivers\fsbts.sys
    .

    (((((((((((((((((((((((((((((((((((((   
    Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *
    Note* empty entries legit default entries are not shown 
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="h:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "WMPNSCFG"="h:\program files\Windows Media Player\WMPNSCFG.exe" [2009-07-14 70656]

    [
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="h:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
    "Adobe ARM"="h:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
    "LifeCam"="h:\program files\Microsoft LifeCam\LifeExp.exe" [2007-01-12 275800]
    "SunJavaUpdateSched"="h:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
    "VX3000"="h:\windows\vVX3000.exe" [2009-06-26 757248]
    "SiSPower"="SiSPower.dll" [2005-07-13 49152]
    "SoundMan"="SOUNDMAN.EXE" [2005-08-18 90112]

    h:\documents and settings\All Users\Start Menu\Programs\Startup\
    Utility Tray.lnk h:\windows\system32\sistray.exe [2009-9-15 262144]

    [
    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2010-03-13 16:04    12464    ----a-w-    h:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @=
    "Service"

    [HKLM\~\startupfolder\H:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    path=h:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
    backup
    =h:\windows\pss\Microsoft Office.lnkCommon Startup
    backupExtension
    =Common Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 11:42    1695232    ------w-    h:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 23:07    2260480    --sha-r-    h:\program files\Spybot Search Destroy\TeaTimer.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "h:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "h:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "h:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
    "h:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
    "h:\\Program Files\\LimeWire\\LimeWire.exe"=
    "h:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
    "h:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
    "h:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
    "h:\\WINDOWS\\system32\\mmc.exe"=

    [
    HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"3389:TCP:@xpsp2res.dll,-22009

    R0 Lbd
    ;Lbd;h:\windows\system32\drivers\Lbd.sys [4/9/2010 3:47 PM 64288]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [2/11/2010 9:30 PM 216200]
    R1 AvgTdiX;AVG Free Network Redirector;h:\windows\system32\drivers\avgtdix.sys [2/11/2010 9:30 PM 242696]
    R2 avg9emc;AVG Free E-mail Scanner;h:\program files\AVG\AVG9\avgemc.exe [3/13/2010 10:03 AM 916760]
    R2 avg9wd;AVG Free WatchDog;h:\program files\AVG\AVG9\avgwdsvc.exe [3/13/2010 10:04 AM 308064]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;h:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/2/2009 7:19 AM 1181328]
    .
    Contents of the 'Scheduled Tasks' folder

    2010
    -04-16 h:\windows\Tasks\Ad-Aware Update (Daily 1).job
    h:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 21:43]

    2010-04-16 h:\windows\Tasks\Ad-Aware Update (Daily 2).job
    h:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 21:43]

    2010-04-16 h:\windows\Tasks\Ad-Aware Update (Daily 3).job
    h:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 21:43]

    2010-04-16 h:\windows\Tasks\Ad-Aware Update (Daily 4).job
    h:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 21:43]

    2010-04-16 h:\windows\Tasks\Ad-Aware Update (Weekly).job
    h:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 21:43]

    2010-04-14 h:\windows\Tasks\AppleSoftwareUpdate.job
    h:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

    2009-10-10 h:\windows\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job
    h:\program files\Microsoft LifeCam\LifeExp.exe [2007-01-12 23:48]
    .
    .
    ------- 
    Supplementary Scan -------
    .
    uStart Page hxxp://www.facebook.com/
    mWindow Title Internet Explorer Provided by SHAW Internet
    FF 
    ProfilePath h:\documents and settings\Luke\Application Data\Mozilla\Firefox\Profiles\vpl06abi.default\
    FF prefs.jsbrowser.search.selectedEngine 
    FF prefs.jsbrowser.startup.homepage hxxp://www.sympatico.msn.ca/
    FF prefs.jskeyword.URL hxxp://ca.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_ca&p=
    FF componenth:\program files\AVG\AVG9\Firefox\components\avgssff.dll
    FF 
    HiddenExtensionMicrosoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - h:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - 
    ORPHANS REMOVED - - - -

    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista rootkit/stealth malware detector by Gmerhttp://www.gmer.net
    Rootkit scan 2010-04-16 00:29
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes 
    ...  

    scanning hidden autostart entries ... 

    scanning hidden files ...  

    scan completed successfully
    hidden files
    0

    **************************************************************************
    .
    --------------------- 
    DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 
    'explorer.exe'(3464)
    h:\windows\system32\WININET.dll
    h
    :\windows\system32\ieframe.dll
    h
    :\windows\system32\WPDShServiceObj.dll
    h
    :\windows\system32\PortableDeviceTypes.dll
    h
    :\windows\system32\PortableDeviceApi.dll
    .
    Completion time2010-04-16  00:32:48
    ComboFix
    -quarantined-files.txt  2010-04-16 06:32

    Pre
    -Run120,661,106,688 bytes free
    Post
    -Run120,680,722,432 bytes free

    WindowsXP
    -KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    h:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi
    (0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - 74E118DE3890D857AA5F0F70EF4995AC 
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    Edmonton, Canada
    Posts
    8
    Rep Power
    0
    This is my Hijackthis Log


    PHP Code:
    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 12:47:40 AMon 4/16/2010
    Platform
    Windows XP SP3 (WinNT 5.01.2600)
    MSIEInternet Explorer v7.00 (7.00.6000.17023)
    Boot modeNormal

    Running processes
    :
    H:\WINDOWS\System32\smss.exe
    H
    :\WINDOWS\system32\winlogon.exe
    H
    :\WINDOWS\system32\services.exe
    H
    :\WINDOWS\system32\lsass.exe
    H
    :\WINDOWS\system32\svchost.exe
    H
    :\WINDOWS\System32\svchost.exe
    H
    :\Program Files\AVG\AVG9\avgchsvx.exe
    H
    :\Program Files\AVG\AVG9\avgrsx.exe
    H
    :\Program Files\AVG\AVG9\avgcsrvx.exe
    H
    :\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    H
    :\WINDOWS\system32\spoolsv.exe
    H
    :\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    H
    :\Program Files\AVG\AVG9\avgwdsvc.exe
    H
    :\Program Files\Java\jre6\bin\jqs.exe
    h
    :\Program Files\Microsoft LifeCam\MSCamS32.exe
    H
    :\Program Files\Common Files\Java\Java Update\jusched.exe
    H
    :\WINDOWS\system32\spupdsvc.exe
    H
    :\WINDOWS\SOUNDMAN.EXE
    H
    :\PROGRA~1\AVG\AVG9\avgtray.exe
    H
    :\WINDOWS\system32\svchost.exe
    H
    :\WINDOWS\system32\ctfmon.exe
    H
    :\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    H
    :\Program Files\AVG\AVG9\avgemc.exe
    H
    :\Program Files\AVG\AVG9\avgnsx.exe
    H
    :\Program Files\AVG\AVG9\avgcsrvx.exe
    H
    :\WINDOWS\system32\sistray.exe
    H
    :\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    H
    :\WINDOWS\system32\cmd.exe
    H
    :\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    H
    :\WINDOWS\system32\wuauclt.exe
    H
    :\WINDOWS\explorer.exe
    H
    :\Program Files\Spybot Search Destroy\TeaTimer.exe
    H
    :\WINDOWS\system32\msiexec.exe
    H
    :\Program Files\Internet Explorer\iexplore.exe
    H
    :\Program Files\Windows Live\Messenger\msnmsgr.exe
    H
    :\WINDOWS\system32\wuauclt.exe
    H
    :\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

    R0 
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page http://www.facebook.com/
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL http://go.microsoft.com/fwlink/?LinkId=69157
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL http://go.microsoft.com/fwlink/?LinkId=54896
    R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page http://go.microsoft.com/fwlink/?LinkId=54896
    R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page http://go.microsoft.com/fwlink/?LinkId=69157
    O2 BHOAcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 
    BHOWormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG9\avgssie.dll
    O2 
    BHOSpybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 
    BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 BHOWindows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 
    BHOJava(tmPlug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 
    BHOJQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 
    HKLM\..\Run: [Adobe Reader Speed Launcher"H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 HKLM\..\Run: [Adobe ARM"H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 HKLM\..\Run: [LifeCam"h:\Program Files\Microsoft LifeCam\LifeExp.exe"
    O4 HKLM\..\Run: [SunJavaUpdateSched"H:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 HKLM\..\Run: [VX3000H:\WINDOWS\vVX3000.exe
    O4 
    HKLM\..\Run: [SiSPowerRundll32.exe SiSPower.dll,ModeAgent
    O4 
    HKLM\..\Run: [SoundManSOUNDMAN.EXE
    O4 
    HKCU\..\Run: [msnmsgr"H:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 
    HKCU\..\Run: [WMPNSCFGH:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 
    - Global StartupUtility Tray.lnk H:\WINDOWS\system32\sistray.exe
    O9 
    Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 
    Extra 'Tools' menuitemSpybot Search Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 
    Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 
    Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 
    Extra buttonMessenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O9 
    Extra 'Tools' menuitemWindows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O16 
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab
    O16 DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
    O16 DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
    O18 Protocollinkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG9\avgpp.dll
    O20 
    Winlogon Notifyavgrsstarter avgrsstx.dll (file missing)
    O22 SharedTaskSchedulerBrowseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
    O22 
    SharedTaskSchedulerComponent Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
    O23 
    ServiceApple Mobile Device Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 
    ServiceAVG Free E-mail Scanner (avg9emc) - AVG Technologies CZs.r.o. - H:\Program Files\AVG\AVG9\avgemc.exe
    O23 
    ServiceAVG Free WatchDog (avg9wd) - AVG Technologies CZs.r.o. - H:\Program Files\AVG\AVG9\avgwdsvc.exe
    O23 
    ServiceJava Quick Starter (JavaQuickStarterService) - Sun MicrosystemsInc. - H:\Program Files\Java\jre6\bin\jqs.exe
    O23 
    ServiceLavasoft Ad-Aware Service Lavasoft H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    --
    End of file 6557 bytes 
  6. #4
  7. They're coming to take me away

    Join Date
    Jan 2005
    Location
    Florida
    Posts
    5,103
    Rep Power
    5049
    Originally Posted by lukeylikesit
    I'm having problems sharing my media with WPM 11 so i ran Combo-fix and Hijackthis but i have no clue how to read it

    i have windows xp SP3 home
    and i was told to run those by a friend and to find a forum where some one knows how to read them

    can anyone help me out?
    What sort of problems are you having? Not being able to share doesn't mean you have an infection. You need to give more details into why you think this is an infection issue.. what problems you're having.. what you've tried... any error messages... etc.
    "I don't need to get a life. I'm a gamer. I have lots of lives!"
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2010
    Location
    Edmonton, Canada
    Posts
    8
    Rep Power
    0
    i run WMP 11 then i click the drop down menu under library then click on "media sharing..."

    then media sharing box pops up
    i then check the box that says share my media and then click ok

    the second media sharing box pops up and it dose not have any divices to check
    i check the box share my media to box and when i click "ok" "cancel" or "apply" nothing happens
    i click the X at the top and still nothing
    something will only happen when i click the "settings" button BUT
    it frezees right away and a:

    Windows Media Player has encountered a problem and needs to close. We are sorry for the inconvenience.
    Error signature:
    AppName: wmplayer.exe AppVer: 11.0.5721.5145 ModName: ntdll.dll
    ModVer: 5.1.2600.5755 Offset: 0000120e

    so i close that one and another one pops up

    DrWatson Postmortem Debugger has encountered a problem and needs to close. We are sorry for the inconvenience.
    Error signature:
    EventType : BEX P1 : drwtsn32.exe P2 : 5.1.2600.0 P3 : 3b7d84a2
    P4 : dbghelp.dll P5 : 5.1.2600.5512 P6 : 4802a0b2 P7 : 0001295d
    P8 : c0000409 P9 : 00000000

    and the only way to close down WMP 11 is to use Ctrl+Alt+Delete and end it

    ok one other note:
    when i'm installing WMP 11 i do get 3 error pop up boxes how ever it still fully installs and works fine the only thing i have probpems with is media sharing
    the pop up errors are in order the appear

    H:\Program Files\Windows Media Player\wmpnetwk.exe is not a walid Win32 application

    H:\Program Files\Windows Media Player\wmpenc.exe is not a walid Win32 application

    H:\Program Files\Windows Media Player\wmpenc.exe is not a walid Win32 application

    and the only option is to click ok

    i hope this helps you understand my problem
    and thanks for taking your time

IMN logo majestic logo threadwatch logo seochat tools logo