Help For Combofix Log


  • This topic is locked
2 replies to this topic

#1 rokazawa


Posted 25 February 2008 - 07:03 PM

Hello,

I am not familiar with this problem. When I try to execute avg.exe I receive the following error: "AVGW.EXE IS NOT VALID WIN32 APPLICATION", so I executed ComboFix and I am sending the log for your help.



ComboFix 08-02-25.3 - rokazawa 2008-02-25 20:38:33.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1477 [GMT -3:00]
Running from: C:\Software\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\drivers\down
.
---- Previous Run -------
.
C:\Program Files\screensavers.com
C:\Program Files\screensavers.com\SSSInst\bin\SSSUninst.exe
C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
C:\WINDOWS\install.exe
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa




((((((((((((((((((((((((( Files Created from 2008-01-25 to 2008-02-25 )))))))))))))))))))))))))))))))
.

2008-02-25 20:04 . 2008-02-25 20:26 <DIR> d-------- C:\ComboFix[1]
2008-02-25 19:49 . 2008-02-25 19:49 <DIR> d-------- C:\Documents and Settings\SAPServiceJ2E\Application Data\AVG7
2008-02-25 19:49 . 2008-02-25 19:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-25 19:49 . 2008-02-25 19:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-02-24 12:44 . 2008-02-24 12:44 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-24 12:44 . 2008-02-24 12:44 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-24 12:43 . 2008-02-24 13:23 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-24 12:43 . 2008-02-24 12:44 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-24 12:20 . 2008-02-24 12:20 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-24 12:15 . 2008-02-24 12:15 <DIR> d-------- C:\Program Files\Alwil Software
2008-02-24 11:59 . 2008-02-24 11:59 <DIR> d-------- C:\WINDOWS\McAfee.com
2008-02-24 09:02 . 2008-02-24 20:06 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-02-24 08:57 . 2008-02-25 20:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-17 18:35 . 2008-02-24 08:50 1,146 --a------ C:\WINDOWS\system32\appldiag
2008-02-17 15:59 . 2008-02-17 16:02 358 --a------ C:\WINDOWS\pdf2word.INI
2008-02-17 15:56 . 2008-02-17 15:56 <DIR> d-------- C:\Program Files\VeryPDF PDF2Word v3.0
2008-02-17 15:47 . 2008-02-17 15:47 43 --a------ C:\WINDOWS\gswin32.ini
2008-02-17 15:13 . 2004-01-10 20:57 122,880 --a------ C:\WINDOWS\system32\pdfmont.dll
2008-02-17 13:08 . 2008-02-17 15:45 <DIR> d-------- C:\Program Files\PlotSoft
2008-02-17 11:33 . 2004-06-06 20:17 53,248 --a------ C:\WINDOWS\system32\uninstpw.exe
2008-02-17 11:33 . 2005-05-07 14:15 24,576 --a------ C:\WINDOWS\system32\custsave.exe
2008-02-17 11:18 . 2008-02-17 11:20 <DIR> d-------- C:\Program Files\gs
2008-02-04 19:12 . 2008-02-04 19:12 <DIR> d-------- C:\Program Files\DVD Shrink
2008-02-04 19:12 . 2008-02-05 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 23:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Babylon
2008-02-25 23:16 --------- d-----w C:\Documents and Settings\rokazawa\Application Data\Skype
2008-02-20 01:01 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-20 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-17 18:49 --------- d-----w C:\Program Files\eMule
2008-02-10 16:02 --------- d-----w C:\Program Files\DivX
2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-01-01 20:20 --------- d-----w C:\Documents and Settings\j2eadm\Application Data\ACD Systems
2008-01-01 20:19 --------- d-----w C:\Documents and Settings\j2eadm\Application Data\HP
2007-12-31 20:28 --------- d-----w C:\Program Files\Winamp
2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-10-09 11:32 28,808 ----a-w C:\Documents and Settings\rokazawa\Application Data\GDIPFONTCACHEV1.DAT
2007-06-28 01:39 32,990,353 ----a-w C:\Program Files\TT_hi.wmv
2006-02-19 06:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
2005-04-01 01:17 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2006-02-26 04:09 720569]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 16:20 20058152]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54 5674352]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 19:29 165784]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 21:56 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-25 20:09 145920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-10-29 10:28 185896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 09:52 1368064]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-03-26 13:40 794624]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 21:57 30208]
"RaidTool"="C:\Program Files\VIA\RAID\raid_tool.exe" [2005-04-26 08:22 589824]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-05-18 10:29 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42 267064]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"Device Detector"="DevDetect.exe" []
"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2006-12-13 16:15 2785256]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-07-14 14:09 57344]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-25 20:09 411648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 21:56 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-25 20:09 145920]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 07:56:20 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23503:TCP"= 23503:TCP:BitComet 23503 TCP
"23503:UDP"= 23503:UDP:BitComet 23503 UDP

R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 16:09]
R2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Program Files\HWiNFO32\HWiNFO32.SYS [2007-03-05 19:14]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 16:09]
R2 SAPDBWWW;SAP DB WWW;c:\sapdb\programs\web\pgm\wahttp.exe [2006-09-04 21:05]
R2 SAPJ2E_00;SAPJ2E_00;C:\usr\sap\J2E\SCS00\exe\sapstartsrv.exe pf=C:\usr\sap\J2E\SYS\profile\START_SCS00_okazawa []
R2 SAPJ2E_01;SAPJ2E_01;C:\usr\sap\J2E\JC01\exe\sapstartsrv.exe pf=C:\usr\sap\J2E\SYS\profile\START_JC01_okazawa []
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 18:38]
R2 XServer;XServer;c:\sapdb\programs\pgm\serv.exe [2006-09-04 18:59]
R3 msloop;Microsoft Loopback Adapter Driver;C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 13:53]
S2 Agendador do LiveUpdate automático;Agendador do LiveUpdate automático;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" []
S2 NvNdis;NVIDIA NDIS IO Control Driver;C:\WINDOWS\system32\Drivers\NvNdis.sys []
S2 SAPOsCol;SAPOsCol;C:\usr\sap\J2E\SCS00\exe\saposcol.exe service []
S3 ASPI;Advanced SCSI Programming Interface Driver;C:\WINDOWS\System32\DRIVERS\ASPI32.sys [2002-07-17 08:05]
S3 SAP DBTech-.M760034 (quick);SAPDB: .M760034 (quick);C:\sapdb\J2E\db\pgm\quickknl.exe []
S3 SAP DBTech-.M760034 (slow);SAPDB: .M760034 (slow);C:\sapdb\J2E\db\pgm\slowknl.exe [2006-09-04 22:02]
S3 SAP DBTech-.M760034 (test);SAPDB: .M760034 (omststknl.exe);C:\sapdb\J2E\db\pgm\omststknl.exe []
S3 SAP DBTech-.M760034;SAPDB: .M760034;C:\sapdb\J2E\db\pgm\kernel.exe [2006-09-04 20:41]
S3 SAP DBTech-J2E (quick);SAPDB: J2E (quick);C:\sapdb\J2E\db\pgm\quickknl.exe []
S3 SAP DBTech-J2E (slow);SAPDB: J2E (slow);C:\sapdb\J2E\db\pgm\slowknl.exe [2006-09-04 22:02]
S3 SAP DBTech-J2E (test);SAPDB: J2E (omststknl.exe);C:\sapdb\J2E\db\pgm\omststknl.exe []
S3 SAP DBTech-J2E;SAPDB: J2E;C:\sapdb\J2E\db\pgm\kernel.exe [2006-09-04 20:41]
S3 sapccmsr.01;SAPCCMSR.01;C:\usr\sap\J2E\JC01\exe\sapccmsr.exe -Service pf=C:\usr\sap\J2E\SYS\profile\J2E_JC01_okazawa []

.
Contents of the 'Scheduled Tasks' folder
"2008-02-05 21:07:17 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-25 22:56:00 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-02-24 21:27:00 C:\WINDOWS\Tasks\WebReg Photosmart C4100 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-25 20:39:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-25 20:40:32
ComboFix-quarantined-files.txt 2008-02-25 23:40:30
.
2008-02-12 23:51:32 --- E O F ---



#2 miekiemoes


Posted 26 February 2008 - 09:00 AM

Hi,

The malware was already deleted by Combofix.

All you have to do here is to reinstall your Antivirus, because the malware you were dealing with previously corrupted your Antivirus.
Not sure what Antivirus you are using here, because you talk about AVG while I see references to McAfee and Symantec/Norton in your log. Keep in mind, you can't have more than one Antivirus installed!

* Go to Start > Run and copy and paste the next command in the field:

ComboFix /u

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.

Reboot and post a HijackThis log after reboot, after you have reinstalled your Antivirus.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 miekiemoes


Posted 07 March 2008 - 04:36 AM

Due to the lack of feedback, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.



