
Combo Fix Log



#1 sleazebagger


Posted 03 March 2008 - 02:49 AM

I set a restore console properly and ran but it didn't go through any stages. All I got was this simple log when I know I have Trojan.vundo and a couple others that were listed as appropriate for combo fix.

Log:


WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons



Thanks much


#2 sleazebagger


Posted 03 March 2008 - 03:30 AM

So I re-ran combo fix and this is my log:

ComboFix 08-03-03.6 - Owner 2008-03-03 1:54:32.1 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\ucleaner_setup.exe
C:\WINDOWS\system32\exbrmleg.dll
C:\WINDOWS\system32\gqrjagsm.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\qtnljepv.ini
C:\WINDOWS\system32\ssqrppo.dll
C:\WINDOWS\system32\ststv.ini
C:\WINDOWS\system32\ststv.ini2
C:\WINDOWS\system32\vpejlntq.dll
C:\WINDOWS\system32\vrymeqgt.dll
C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\winepi32.dll
C:\WINDOWS\system32\winupdate.exe

.
((((((((((((((((((((((((( Files Created from 2008-02-03 to 2008-03-03 )))))))))))))))))))))))))))))))
.

2008-03-02 17:37 . 2008-03-02 17:37 16,628 --a------ C:\Program Files\tmp81819125.exe
2008-03-01 09:40 . 2008-03-01 09:40 91,615 --a------ C:\Program Files\udefender_setup.exe
2008-03-01 09:34 . 2008-03-01 09:34 16,600 --a------ C:\Program Files\tmp101696484.exe
2008-03-01 09:34 . 2008-03-01 09:34 16,556 --a------ C:\Program Files\tmp101696500.exe
2008-03-01 09:34 . 2008-03-01 09:34 13,504 --a------ C:\Program Files\tmp101697390.exe
2008-03-01 09:34 . 2008-03-01 09:34 13,364 --a------ C:\Program Files\tmp101698421.exe
2008-03-01 09:12 . 2008-03-02 17:51 414 ---hs---- C:\WINDOWS\system32\pnhphptw.ini
2008-02-29 03:44 . 2008-03-01 09:50 27,840 --a------ C:\Program Files\xloader30029.exe
2008-02-29 00:45 . 2008-02-29 00:45 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\InterVideo
2008-02-29 00:42 . 2008-02-29 00:42 <DIR> d-------- C:\Program Files\InterVideo Information Service
2008-02-29 00:42 . 2008-02-29 00:42 <DIR> d-------- C:\Program Files\Common Files\Ulead
2008-02-29 00:42 . 2006-05-11 18:41 654 --------- C:\WINDOWS\remove.iss
2008-02-29 00:41 . 2008-02-29 00:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
2008-02-29 00:36 . 2008-02-29 00:36 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-02-29 00:35 . 2008-02-29 00:36 <DIR> d-------- C:\Program Files\InterVideo
2008-02-29 00:31 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-02-28 23:16 . 2008-02-28 23:16 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-02-28 23:11 . 2008-02-28 23:11 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-28 23:11 . 2008-02-28 23:14 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-02-28 22:42 . 2008-02-28 22:42 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-02-27 12:14 . 2008-02-27 12:15 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Walgreens
2008-02-18 14:48 . 2008-02-18 14:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
2008-02-18 12:01 . 2008-02-18 12:45 <DIR> d-------- C:\Documents and Settings\Owner\temp
2008-02-18 12:01 . 2008-02-18 12:45 <DIR> d--h----- C:\Documents and Settings\Owner\QMCache00
2008-02-18 12:01 . 2008-02-21 18:40 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Move Networks
2008-02-16 12:00 . 2008-02-16 12:20 <DIR> d-------- C:\Program Files\M-Audio USB Keyboard Device
2008-02-16 12:00 . 2008-02-16 12:19 724,992 --a------ C:\WINDOWS\iun6002.exe
2008-02-16 11:59 . 2008-02-16 12:19 82,944 --a------ C:\WINDOWS\system32\usbkt1x1.dll
2008-02-16 11:59 . 2008-02-16 12:19 22,304 --a------ C:\WINDOWS\system32\drivers\usbkt1x1.sys
2008-02-16 11:59 . 2008-02-16 12:19 13,504 --a------ C:\WINDOWS\system32\drivers\uks11ldr.sys
2008-02-11 10:03 . 2008-02-12 23:01 <DIR> d-------- C:\Program Files\Full Tilt Poker
2008-02-10 19:33 . 2008-02-10 19:33 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\ImgBurn
2008-02-10 19:31 . 2008-02-10 19:32 <DIR> d-------- C:\Program Files\ImgBurn
2008-02-10 17:06 . 2008-02-10 17:06 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\InstallShield
2008-02-08 23:07 . 2008-02-08 23:07 368,640 --a------ C:\WINDOWS\system32\ReWire.dll
2008-02-08 23:07 . 2008-02-08 23:07 233,472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
2008-02-08 22:29 . 2008-02-08 22:29 <DIR> d-------- C:\Program Files\Propellerhead
2008-02-08 21:52 . 2008-02-08 21:52 <DIR> d-------- C:\Program Files\uTorrent
2008-02-08 21:52 . 2008-03-02 20:22 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-02-07 15:59 . 2008-02-07 16:02 <DIR> d-------- C:\Program Files\Winamp
2008-02-07 15:59 . 2008-02-07 16:59 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Winamp
2008-02-05 21:13 . 2008-02-05 21:15 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\VTExtra
2008-02-03 13:06 . 2008-02-03 13:06 <DIR> d-------- C:\Program Files\Native Instruments
2008-02-03 13:03 . 2008-02-03 13:03 <DIR> d-------- C:\Program Files\MagicDisc
2008-02-03 13:03 . 2007-09-05 01:46 92,544 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-03 08:21 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-03-03 08:16 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-02 23:57 --------- d-----w C:\Program Files\PokerStars
2008-02-29 06:44 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2008-02-29 06:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-29 06:35 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-29 06:09 --------- d-----w C:\Program Files\CyberLink
2008-02-29 04:42 --------- d-----w C:\Program Files\Real
2008-02-29 04:41 --------- d-----w C:\Program Files\Common Files\Real
2008-02-27 03:59 --------- d-----w C:\Documents and Settings\Owner\Application Data\DivX
2008-02-24 03:57 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
2008-02-19 01:24 --------- d-----w C:\Program Files\Yahoo!
2008-02-13 16:01 --------- d-----w C:\Program Files\eMule
2008-02-09 06:54 --------- d-----w C:\Documents and Settings\Owner\Application Data\Azureus
2008-01-31 19:59 --------- d-----w C:\Program Files\DivX
2008-01-31 18:48 --------- d-----w C:\Documents and Settings\Owner\Application Data\Propellerhead Software
2008-01-31 18:08 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Propellerhead Software
2008-01-29 06:41 --------- d-----w C:\Documents and Settings\Owner\Application Data\CyberLink
2008-01-29 06:41 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
2008-01-26 00:16 --------- d-----w C:\Program Files\EA GAMES
2008-01-25 13:44 --------- d-----w C:\Program Files\TuneUp Utilities 2006
2008-01-24 17:13 --------- d-----w C:\Program Files\PowerISO
2008-01-24 17:02 --------- d-----w C:\Program Files\MagicISO
2008-01-24 16:20 --------- d-----w C:\Program Files\Belarc
2008-01-24 15:01 --------- d-----w C:\Program Files\Norton AntiVirus
2008-01-24 14:52 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2008-01-24 14:49 --------- d-----w C:\Program Files\MSBuild
2008-01-24 14:49 --------- d-----w C:\Program Files\Microsoft Works
2008-01-23 22:44 --------- d-----w C:\Documents and Settings\Owner\Application Data\Thunderbird
2008-01-23 01:33 --------- d-----w C:\Program Files\Symantec
2008-01-23 01:32 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-01-23 01:32 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2008-01-23 01:32 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-01-23 01:32 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-01-23 01:03 --------- d-----w C:\Program Files\Common Files\Kaspersky Lab
2008-01-23 00:52 --------- d-----w C:\Program Files\RegDoctor
2008-01-23 00:51 89,088 ----a-w C:\WINDOWS\system32\atl71.dll
2008-01-23 00:51 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-01-23 00:51 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-01-23 00:51 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
2008-01-23 00:49 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
2008-01-23 00:41 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
2008-01-23 00:39 --------- d-----w C:\Program Files\Azureus
2008-01-23 00:27 --------- d-----w C:\Program Files\iolo
2008-01-22 21:27 --------- d-----w C:\Documents and Settings\Owner\Application Data\iolo
2008-01-22 21:19 --------- d-----w C:\Program Files\Kaspersky Lab
2008-01-22 21:18 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
2008-01-22 21:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-22 21:00 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2008-01-22 20:59 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-01-22 20:42 --------- d-----w C:\Documents and Settings\Owner\Application Data\Ashampoo
2008-01-22 20:39 --------- d-----w C:\Program Files\Ashampoo
2008-01-22 20:39 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\ashampoo
2008-01-22 20:13 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-22 20:13 --------- d-----w C:\Documents and Settings\Owner\Application Data\TuneUp Software
2008-01-22 20:13 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2008-01-22 19:48 --------- d-----w C:\Program Files\iTunes
2008-01-22 19:48 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2008-01-22 19:47 --------- d-----w C:\Program Files\QuickTime
2008-01-22 19:47 --------- d-----w C:\Program Files\iPod
2008-01-22 19:47 --------- d-----w C:\Program Files\Bonjour
2008-01-22 19:46 --------- d-----w C:\Program Files\Apple Software Update
2008-01-22 19:45 --------- d-----w C:\Program Files\Common Files\Apple
2008-01-22 19:45 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2008-01-22 19:30 --------- d-----w C:\Program Files\Java
2008-01-22 19:29 --------- d-----w C:\Program Files\Common Files\Java
2008-01-22 18:10 20,747 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-01-22 18:10 --------- d-----w C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor
2008-01-22 17:43 --------- d-----w C:\Program Files\Intel
2008-01-22 16:57 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-20 07:07 33,292 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys
2008-01-15 15:54 10,537 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-01-15 11:28 706 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-01-13 00:32 23,904 ----a-w C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-01-04 21:58 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-01-04 21:58 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-01-04 21:58 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-01-04 21:58 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"Mozilla Thunderbird"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe" [2008-03-01 19:02 8483952]
"TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" [2005-09-21 22:34 294912]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-22 18:47 84640]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2008-01-22 18:48 26248]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-01-20 01:05 217088]
"gcNotifier"="C:\Documents and Settings\Owner\Local Settings\Application Data\VTShared\GCNotifier.exe" [2008-01-25 13:03 176128]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-28 22:40 185896]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01 71216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 22:17 52256]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 17:34 213936]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe [2008-02-03 13:03:01 557568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"zip"= {301d29aa-31a8-4bbb-a691-0d31c15a0bdc} - C:\WINDOWS\Installer\{301d29aa-31a8-4bbb-a691-0d31c15a0bdc}\zip.dll [2008-02-29 03:22 38438]
"VolumeSrv"= {26a30384-1b77-46fa-ae22-a116cf128383} - C:\WINDOWS\Installer\{26a30384-1b77-46fa-ae22-a116cf128383}\VolumeSrv.dll [2008-02-29 03:21 14374]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe
"PRONoMgr.exe"=c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
"SoundMan"=SOUNDMAN.EXE
"RegDoctor"=C:\Program Files\RegDoctor\RegDoctor.exe -Quick

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=

R3 WUSB54GPV4SRV;Linksys Home Wireless-G USB Adaptor Driver;C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-10-17 19:50]
S3 NAL;Nal Service ;C:\WINDOWS\system32\Drivers\iqvw32.sys [2002-10-16 00:11]
S3 UKS11LDR;M-Audio USB Keystation Loader;C:\WINDOWS\system32\drivers\uks11ldr.sys [2008-02-16 12:19]
S3 USBKT1X1;M-Audio USB Keystation;C:\WINDOWS\system32\drivers\usbkt1x1.sys [2008-02-16 12:19]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-03 02:18:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\WINDOWS\Installer\{301d29aa-31a8-4bbb-a691-0d31c15a0bdc}\zip.dll
-> C:\WINDOWS\Installer\{26a30384-1b77-46fa-ae22-a116cf128383}\VolumeSrv.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\cscript.exe
.
**************************************************************************
.
Completion time: 2008-03-03 2:25:23 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-03 08:25:19
.
2008-02-29 09:04:15 --- E O F ---

Please help if needed. Thank you

#3 Grinler

Grinler

    Lawrence Abrams


  • Admin

Posted 24 March 2008 - 02:00 PM

I apologize for the very long delay. We have a huge backlog of HijackThis logs to handle and it has been taking us greater time than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new HijackThis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Thank you for your patience.



