
2nd Try, First Killed My Pc For A Month



#1 CrytekRegulator


Posted 27 February 2008 - 05:15 PM

ComboFix 08-02-25.3 - Zack 2008-02-25 20:45:21.2 - NTFSx86
Running from: C:\Documents and Settings\Zack\Local Settings\Temporary Internet Files\Content.IE5\7MRRNZUL\ComboFix[1].exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
---- Previous Run -------
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\DomainService


-------\LEGACY_DOMAINSERVICE
-------\DomainService


((((((((((((((((((((((((( Files Created from 2008-01-26 to 2008-02-26 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 17:47 --------- d-----w C:\Program Files\Yahoo!
2008-01-10 17:46 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-10 17:45 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-01-10 04:57 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-01-10 04:52 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-01-10 04:29 --------- d-----w C:\Program Files\Avant Browser
2008-01-10 04:09 --------- d-----w C:\Program Files\LimeWire
2008-01-10 04:09 --------- d-----w C:\Documents and Settings\Zack\Application Data\teamspeak2
2008-01-10 04:09 --------- d-----w C:\Documents and Settings\Zack\Application Data\Morpheus Ultra
2008-01-10 04:09 --------- d-----w C:\Documents and Settings\Zack\Application Data\Morpheus
2008-01-10 04:09 --------- d-----w C:\Documents and Settings\Zack\Application Data\Avant Browser
2008-01-10 04:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\EnterNHelp
2008-01-09 18:29 --------- d-----w C:\Program Files\Sygate
2008-01-09 18:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-09 18:23 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-09 18:17 --------- d-----w C:\Program Files\Lavasoft
2008-01-09 17:41 --------- d-----w C:\Program Files\Trend Micro
2007-12-30 20:36 --------- d-----w C:\Documents and Settings\Zack\Application Data\SUPERAntiSpyware.com
2007-12-30 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-12-30 20:29 --------- d-----w C:\Program Files\XoftSpySE
2007-12-22 17:42 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-12-09 14:41 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2007-12-09 14:32 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
2007-12-07 21:47 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-01-17 16:27 722,176 ----a-w C:\Documents and Settings\Zack\gotomypc_428.exe
2006-05-31 20:36 63,656 ----a-w C:\Documents and Settings\Zack\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"AOL Fast Start"="C:\PROGRA~1\AMERIC~1.0\AOL.exe" [2005-07-12 06:17 50776]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 16:43 4670704]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-20 19:07 7110656]
"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 03:46 196608]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-22 19:18 180269]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
"nwiz"="nwiz.exe" [2005-07-20 19:07 1519616 C:\WINDOWS\system32\nwiz.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"LoadMSvcmm"="C:\Program Files\Movielink\MovielinkManager\Movielink User.exe" [2007-09-10 16:14 124248]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"HostManager"="C:\Program Files\Common Files\AOL\1137735225\ee\AOLSoftware.exe" [2006-09-25 18:52 50736]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 04:48 157592]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 06:50 71216]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [ ]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2007-05-28 08:52:25 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cbxwvss]
cbxwvss.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vxlqlmpr]
vxlqlmpr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvusssp]
wvusssp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxywwtr]
xxywwtr.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, wowfx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Aim6"="C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
"AOL Fast Start"="C:\PROGRA~1\AMERIC~1.0\AOL.EXE" -b
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"AIM"=C:\Program Files\AIM\aim.exe -cnetwait.odl
"igndlm.exe"=C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
"YSearchProtection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Share-to-Web Namespace Daemon"=C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
"Pure Networks Port Magic"="C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe
"CamMonitor"=C:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
"HostManager"=C:\Program Files\Common Files\AOL\1137735225\ee\AOLSoftware.exe
"AOL Spyware Protection"="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
"IPHSend"=C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"BMafc3f513"=Rundll32.exe "C:\WINDOWS\system32\rsmbbgym.dll",s
"acf0c68f"=rundll32.exe "C:\WINDOWS\system32\tygcgysd.dll",b
"MediaFace Integration"=C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 06:00]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 15:38]
S2 NMSSvc;Intel® NMS;C:\WINDOWS\system32\NMSSvc.exe [2002-02-27 09:57]
S3 PhilCam8116;Logitech QuickCam Pro 3000 (08B0);C:\WINDOWS\system32\DRIVERS\CamDrO21.sys [2001-08-17 13:05]
S3 RtlPacket;RtlPacket;C:\WINDOWS\system32\Drivers\packet.sys [2001-09-26 15:49]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{35e33803-8942-11da-8b58-806d6172696f}]
\Shell\AutoRun\command - D:\FarCryAutoCD.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-12-28 23:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
"2007-12-24 14:55:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-26 02:54:05 C:\WINDOWS\Tasks\XoftSpySE 2.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
"2007-12-30 20:28:50 C:\WINDOWS\Tasks\XoftSpySE.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-25 20:55:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\MOVIEL~1\MOVIEL~1\MOVIEL~1.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\AMERIC~1.0\waol.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\AMERIC~1.0\shellmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
.
**************************************************************************
.
Completion time: 2008-02-25 20:59:18 - machine was rebooted [Zack]
ComboFix-quarantined-files.txt 2008-02-26 02:59:13



#2 Grinler

    Lawrence Abrams



Posted 17 March 2008 - 07:26 AM

I apologize for the very long delay. We have a huge backlog of HijackThis logs to handle and it has been taking us more time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new HijackThis log. If we do not hear back from you within a couple of days, we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.



