TOPIC: need someone to look at my Freefixer log file..
#4
eclipse88 (User)
need someone to look at my Freefixer log file.. 1 Year, 12 Months ago Karma: 0  
Hey guys at securitywonks.net, I was using the software FreeFixer because I was told by the program Bazooka that it would help me get rid of malware and crap I don't need on my computer. Here is the log file generated by the program FreeFixer:




FreeFixer v0.25 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 2
Log dated 2007-11-23 18:17


Winlogon Notify (9 whitelisted)
WgaLogon - C:\WINDOWS\system32\WgaLogon.dll

Transport service providers (4 whitelisted)
{A97F931E-D384-40EF-89CC-377BA6A267A3} - C:\WINDOWS\system32\imon.dll
{68F423CE-1CF2-4866-8C4B-49A470F42458} - C:\WINDOWS\system32\imon.dll
{1D686282-0E2D-4095-96DB-F53B4001037C} - C:\WINDOWS\system32\imon.dll
{93721B14-1084-4A9A-8E1C-4C59A118EC7B} - C:\WINDOWS\system32\imon.dll
{10B96D22-6135-4E93-A5DC-4A24BB83F1DC} - C:\WINDOWS\system32\imon.dll
{C4CADDF6-BEF3-447F-A888-75623F837F3F} - C:\WINDOWS\system32\imon.dll
{610C540F-14C3-4E3C-98CD-3585F0D60C22} - C:\WINDOWS\system32\imon.dll
{0D21606C-9576-4AC5-B11A-609BC1961EBE} - C:\WINDOWS\system32\imon.dll
{28A4D8DA-E908-4C6F-A926-A66CC7AD3224} - C:\WINDOWS\system32\imon.dll

Browser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}, Adobe PDF Reader Link Helper, C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}, , No file specified
{53707962-6F74-2D53-2644-206D7942484F}, , C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB}, , No file specified
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}, Groove GFS Browser Helper, F:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}, SSVHelper Class, C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
{7E853D72-626A-48EC-A868-BA8D5E23E045}, , No file specified

Internet Explorer toolbars (2 whitelisted)
HKLM\..\Toolbar\{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll
HKCU\..\Toolbar\ShellBrowser\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - - No file specified
HKCU\..\Toolbar\ShellBrowser\{C4069E3A-68F1-403E-B40E-20066696354B} - - No file specified
HKCU\..\Toolbar\WebBrowser\{F2CF5485-4E02-4F68-819C-B92DE9277049} - &Links - C:\WINDOWS\system32\ieframe.dll

Basic Internet Explorer settings
HKCU\..\Main, Start Page = http://www.google.com/
HKLM\..\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\..\Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\..\Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\..\Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

Registry Startups (1 whitelisted)
HKLM\..\Run, NeroCheck = C:\WINDOWS\system32\NeroCheck.exe
HKLM\..\Run, UpdReg = C:\WINDOWS\UpdReg.EXE
HKLM\..\Run, SiS Tray = C:\WINDOWS\system32\sistray.EXE
HKLM\..\Run, NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\..\Run, nwiz = nwiz.exe /install
HKLM\..\Run, CTSysVol = f:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe /r
HKLM\..\Run, CTDVDDET = f:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
HKLM\..\Run, SBDrvDet = C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
HKLM\..\Run, SunJavaUpdateSched = "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
HKLM\..\Run, GrooveMonitor = "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\..\Run, WinampAgent = f:\Program Files\Winamp\winampa.exe
HKLM\..\Run, QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\..\Run, nod32kui = "f:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
HKLM\..\Run, NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\..\Run, CTHelper = CTHELPER.EXE
HKLM\..\Run, CTxfiHlp = CTXFIHLP.EXE
HKLM\..\Run, NeroFilterCheck = C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
HKLM\..\Run, NBKeyScan = "F:\Program Files\Nero 8\Nero BackItUp\NBKeyScan.exe"
HKLM\..\Run, cFosSpeed = F:\Program Files\cFosSpeed\cFosSpeed.exe
HKCU\..\Run, msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKCU\..\Run, BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"

Autostart shortcuts
GA311 Smart Wizard Utility.lnk, , C:\Program Files\NETGEAR GA311 Adapter\GA311.exe
Utility Tray.lnk, , C:\WINDOWS\system32\sistray.exe

Processes (17 whitelisted)
C:\WINDOWS\system32\sistray.EXE
F:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
F:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
F:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\QTTask.exe
F:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\CTHELPER.EXE
F:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
F:\Program Files\cFosSpeed\spd.exe
C:\Program Files\NETGEAR GA311 Adapter\GA311.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\Program Files\Nero 8\Nero BackItUp\NBService.exe
f:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
F:\Program Files\FreeFixer\freefixer.exe

Application modules (49 whitelisted)
C:\WINDOWS\system32\ieframe.dll
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\Normaliz.dll
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
C:\WINDOWS\system32\ctagent.dll

Services (37 whitelisted)
cFosSpeedS, cFosSpeed System Service, f:\program files\cfosspeed\spd.exe
Creative Service for CDROM Access, Creative Service for CDROM Access, c:\windows\system32\ctsvccda.exe
MDM, Machine Debug Manager, c:\program files\common files\microsoft shared\vs7debug\mdm.exe
Nero BackItUp Scheduler 3, Nero BackItUp Scheduler 3, f:\program files\nero 8\nero backitup\nbservice.exe
NOD32krn, NOD32 Kernel Service, f:\program files\eset\nod32krn.exe
NVSvc, NVIDIA Display Driver Service, c:\windows\system32\nvsvc32.exe
PavPrSrv, Panda Process Protection Service, c:\program files\common files\panda software\pavshld\pavprsrv.exe
WMDM PMSP Service, WMDM PMSP Service, c:\windows\system32\mspmspsv.exe

Drivers (68 whitelisted)
AMON, AMON, C:\WINDOWS\system32\drivers\amon.sys
aslm75, aslm75, c:\windows\system32\drivers\aslm75.sys
eeCtrl, Symantec Eraser Control driver, c:\program files\common files\symantec shared\eengine\eectrl.sys
enodpl, enodpl, C:\WINDOWS\system32\drivers\enodpl.sys
IOPort, IOPort, c:\windows\system32\drivers\ioport.sys
LANPkt, Realtek LANPkt Protocol, C:\WINDOWS\system32\drivers\lanpkt.sys
nod32drv, nod32drv, C:\WINDOWS\system32\drivers\nod32drv.sys
PavProc, Panda Process Protection Driver, c:\windows\system32\drivers\pavproc.sys
PxHelp20, , C:\WINDOWS\system32\drivers\pxhelp20.sys
SbcpHid, SbcpHid, c:\windows\system32\drivers\sbcphid.sys
sdpiosys, , C:\WINDOWS\system32\drivers\sdpiosys.sys
Secdrv, Secdrv, C:\WINDOWS\system32\drivers\secdrv.sys
sfdrv01, StarForce Protection Environment Driver (version 1.x), C:\WINDOWS\system32\drivers\sfdrv01.sys
sfhlp02, StarForce Protection Helper Driver (version 2.x), C:\WINDOWS\system32\drivers\sfhlp02.sys
sfsync02, StarForce Protection Synchronization Driver (version 2.x), C:\WINDOWS\system32\drivers\sfsync02.sys
sisagp, SiS AGP Filter, C:\WINDOWS\system32\drivers\sisagpx.sys
SiSide, , C:\WINDOWS\system32\drivers\siside.sys
sisperf, Add Performance Filter Driver, C:\WINDOWS\system32\drivers\sisperf.sys
sptd, , C:\WINDOWS\system32\drivers\sptd.sys
An error occurred when trying to open the file for reading.
Filename: 'C:\WINDOWS\system32\drivers\sptd.sys'.
Current Working Directory: 'F:\Program Files\FreeFixer\'.
System error message: The process cannot access the file because it is being used by another process.

C++ exception: ios_base::failbit set
tandpl, tandpl, C:\WINDOWS\system32\drivers\tandpl.sys



I would love any feedback and/or help from anyone who knows what they are doing. Thanks a bunch
 
#5
raghuveer (Admin)
Re:need someone to look at my Freefixer log file.. 1 Year, 12 Months ago Karma: 2  
Hello eclipse88

We will get back to you soon; we are waiting to get a fix into the forum (backslashes are getting stripped from the message, which makes it difficult to distinguish different aspects of the FreeFixer log).

We will get back to you soon. Thanks for your interest in FreeFixer; we will not disappoint you.

SecurityWonks
 
#8
raghuveer (Admin)
Re:need someone to look at my Freefixer log file.. 1 Year, 12 Months ago Karma: 2  
Dear Eclipse,

Finally, I fixed the BACKSLASHES error myself and analysed your log after that.

I find nothing specific that raises an alarm; I did not find any particularly suspicious files in your FreeFixer log.

Feel free to post if you were specifically facing any trouble.

Thanks for the wait. We are fixing incompatibilities, and things are getting up and running fine.

Feel free to post if you would like to convey anything further or share your thoughts about any malicious behaviour that you may find on your computer.
 
#24
eclipse88 (User)
Re:need someone to look at my Freefixer log file.. 1 Year, 11 Months ago Karma: 0  
Um, so far my computer is running nice and clean. I was just wondering if there were things that I should've deleted. If all is good, then I thank you for your time and effort.
 
#25
raghuveer (Admin)
Re:need someone to look at my Freefixer log file.. 1 Year, 11 Months ago Karma: 2  
Nice to hear it. Feel free to post here whenever you find trouble with your computer.

all the best
 