Jul 3 2008, 05:33 AM
Post #1
New Member | Group: Members | Posts: 1 | Joined: 3-July 08 | Member No.: 220,170
This is the log file I've received from ComboFix setup. Could you please verify that and help me? Thank you in advance. Regards. Antonio.
Jul 3 2008, 06:14 AM
Post #2
arachibutyrophobia | Group: BC Advisor | Posts: 4,187 | Joined: 4-March 05 | From: Northern CA. | Member No.: 13,532
ComboFix logs should not be posted outside the HijackThis forums. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results. If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source. I will contact a moderator to have this topic closed.

dc3