
My Combofix Log


1 reply to this topic

#1 Ananth !

Posted 19 June 2008 - 02:50 PM

ComboFix 08-06-16.5 - ananth 2008-06-20 0:42:22.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.208 [GMT 5.5:30]
Running from: C:\Documents and Settings\ananth\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\as\Application Data\ShoppingReport
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\as\Application Data\ShoppingReport\cs\res1\WhiteList.dbs

.
((((((((((((((((((((((((( Files Created from 2008-05-19 to 2008-06-19 )))))))))))))))))))))))))))))))
.

2008-06-19 20:58 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-06-19 20:58 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-06-19 20:58 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-06-19 20:58 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-06-19 20:09 . 2008-06-19 20:09 <DIR> d-------- C:\Program Files\YAMAHA
2008-06-19 20:09 . 1996-02-06 10:54 4,299,476 --a------ C:\WINDOWS\system32\sxgwave4.tbl
2008-06-19 20:09 . 2002-05-22 08:34 966,784 --a------ C:\WINDOWS\system32\drivers\sxgxgwdm.sys
2008-06-19 20:09 . 2002-07-22 14:17 229,376 --a------ C:\WINDOWS\system32\sxgmacpl.cpl
2008-06-19 20:09 . 2000-04-11 07:41 145,014 --a------ C:\WINDOWS\system32\sxgbin41.tbl
2008-06-19 20:09 . 2002-07-22 16:03 53,248 --a------ C:\WINDOWS\system32\Sxgtkbar.exe
2008-06-19 20:09 . 2002-05-21 17:24 49,152 --a------ C:\WINDOWS\system32\sxgapi32.dll
2008-06-19 20:09 . 2000-07-28 14:08 40,960 --a------ C:\WINDOWS\Reyalp99.dll
2008-06-19 20:09 . 2002-05-20 15:01 108 --a------ C:\WINDOWS\system32\sxgmasys.tbl
2008-06-19 17:45 . 2004-08-03 23:08 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2008-06-19 17:45 . 2004-08-03 23:08 10,624 --a--c--- C:\WINDOWS\system32\dllcache\gameenum.sys
2008-06-19 17:44 . 2001-08-17 12:20 334,208 --a------ C:\WINDOWS\system32\drivers\ds1wdm.sys
2008-06-19 17:44 . 2001-08-17 12:20 334,208 --a--c--- C:\WINDOWS\system32\dllcache\ds1wdm.sys
2008-06-19 14:39 . 2004-08-04 12:00 1,392,671 --a------ C:\WINDOWS\system32\MSVBVM60.DLL
2008-06-19 14:39 . 2004-11-13 06:57 1,386,496 --a------ C:\WINDOWS\system32\SETFFE.tmp
2008-06-19 14:39 . 2007-12-05 00:08 550,912 --a------ C:\WINDOWS\system32\OLEAUT32.DLL
2008-06-19 14:39 . 2004-08-04 12:00 83,456 --a------ C:\WINDOWS\system32\OLEPRO32.DLL
2008-06-19 14:39 . 2004-08-04 12:00 65,024 --a------ C:\WINDOWS\system32\ASYCFILT.DLL
2008-06-19 14:39 . 2004-08-04 12:00 17,920 --a------ C:\WINDOWS\system32\STDOLE2.TLB
2008-06-19 14:39 . 2004-08-04 12:00 3,584 --a------ C:\WINDOWS\system32\COMCAT.DLL
2008-06-19 14:36 . 2008-06-19 14:39 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\{CFAB4006-0AE0-414D-866A-DCB2C46553CF}
2008-06-18 21:21 . 2008-06-18 21:21 57,061 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP.dat
2008-06-18 21:21 . 2008-06-18 21:21 28,898 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpowerAMP.bmp
2008-06-18 16:33 . 2008-06-18 16:47 <DIR> d-------- C:\Program Files\pdf995
2008-06-18 16:33 . 2008-06-18 16:33 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\pdf995
2008-06-18 16:33 . 2008-06-18 19:13 249,856 --a------ C:\WINDOWS\system32\pdfmona.dll
2008-06-18 16:33 . 2008-06-18 19:13 51,716 --a------ C:\WINDOWS\system32\pdf995mon.dll
2008-06-18 16:33 . 2008-06-18 19:13 25 --a------ C:\WINDOWS\wpd99.drv
2008-06-18 16:28 . 2008-06-18 16:28 13,312 --a------ C:\WINDOWS\system32\idef.dll
2008-06-18 16:17 . 2008-06-18 16:17 <DIR> d-------- C:\Program Files\ReaSoft
2008-06-18 16:17 . 2008-06-18 16:34 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ReaSoft
2008-06-18 16:17 . 2008-04-08 16:49 59,904 --a------ C:\WINDOWS\system32\ReaPDFPrinter.cpl
2008-06-17 19:52 . 2006-12-12 02:42 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2008-06-17 19:51 . 2008-06-17 19:51 <DIR> d-------- C:\WINDOWS\PrimoPDF
2008-06-17 19:51 . 2008-06-17 19:51 <DIR> d-------- C:\Program Files\activePDF
2008-06-17 19:07 . 2008-06-17 19:07 <DIR> d-------- C:\WINDOWS\system32\psconv
2008-06-17 19:07 . 2008-06-17 19:07 <DIR> d-------- C:\Program Files\psconvert
2008-06-17 19:07 . 2008-06-17 19:07 <DIR> d-------- C:\Program Files\8848Soft
2008-06-17 19:07 . 2003-04-11 18:28 679,109 --a------ C:\WINDOWS\FONTSDIR.MFD
2008-06-17 19:07 . 2001-10-29 01:42 116,224 --a------ C:\WINDOWS\system32\pdfmonnt.dll
2008-06-17 19:07 . 2008-06-17 19:07 164 --a------ C:\WINDOWS\system32\psconv.ini
2008-06-17 19:05 . 2008-06-18 17:00 <DIR> d-------- C:\Program Files\Foxit Software
2008-06-17 19:04 . 2008-06-17 19:04 <DIR> d-------- C:\Program Files\uTorrent
2008-06-17 19:04 . 2008-06-19 17:15 <DIR> d-------- C:\Documents and Settings\ananth\Application Data\uTorrent
2008-06-17 18:55 . 2008-06-17 18:55 <DIR> dr-h----- C:\Documents and Settings\ananth\Application Data\SecuROM
2008-06-17 18:55 . 2008-06-17 18:55 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-06-17 18:46 . 2008-06-17 18:46 754 --a------ C:\WINDOWS\WORDPAD.INI
2008-06-17 18:37 . 2008-06-17 18:37 <DIR> d-------- C:\Program Files\VeryPDF PDF2Word v3.0
2008-06-17 17:41 . 2008-04-14 16:31 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-17 17:41 . 2008-04-14 16:31 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-17 17:22 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-17 16:46 . 2008-06-17 16:46 <DIR> d-------- C:\Program Files\Avanquest update
2008-06-17 16:46 . 2008-06-17 16:46 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BVRP Software
2008-06-17 16:45 . 2008-06-17 16:45 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-06-17 16:45 . 2008-06-17 16:45 <DIR> d-------- C:\Documents and Settings\ananth\Application Data\InstallShield
2008-06-17 16:45 . 2008-06-17 16:45 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sony Ericsson
2008-06-17 15:19 . 2008-06-17 15:19 <DIR> d-------- C:\Program Files\GNU
2008-06-17 11:46 . 2008-06-17 11:46 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
2008-06-16 23:24 . 2008-06-19 22:05 <DIR> d-------- C:\Documents and Settings\ananth\Application Data\skypePM
2008-06-16 23:24 . 2008-06-16 23:24 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-16 23:19 . 2008-06-16 23:19 <DIR> d-------- C:\Program Files\Skype
2008-06-16 23:19 . 2008-06-20 00:48 <DIR> d-------- C:\Documents and Settings\ananth\Application Data\Skype
2008-06-16 23:19 . 2008-06-16 23:19 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2008-06-16 22:15 . 2008-06-16 22:15 <DIR> d-------- C:\Program Files\Google
2008-06-16 22:11 . 2008-06-17 11:41 <DIR> d-------- C:\Program Files\Yahoo!
2008-06-16 20:02 . 2008-06-16 20:02 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-06-16 20:02 . 2008-06-16 20:02 <DIR> d-------- C:\WINDOWS\Profiles
2008-06-16 20:02 . 2008-06-16 20:02 <DIR> d-------- C:\Program Files\D-Link
2008-06-16 20:02 . 2008-06-16 20:02 <DIR> d-------- C:\Documents and Settings\ananth\Application Data\InterTrust
2008-06-16 20:02 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-06-15 22:53 . 2008-06-15 22:52 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp TTA Codec.bmp
2008-06-15 22:53 . 2008-06-18 21:18 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.bmp
2008-06-15 22:53 . 2008-06-15 22:53 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Utilities.bmp
2008-06-15 22:53 . 2008-06-15 22:53 3,417 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp TTA Codec.dat
2008-06-15 22:53 . 2008-06-15 22:53 3,175 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Utilities.dat
2008-06-15 22:53 . 2008-06-18 21:18 1,844 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.dat
2008-06-15 22:49 . 2008-06-15 22:49 <DIR> d-------- C:\Program Files\Free WMA to MP3 Converter
2008-06-15 22:46 . 2008-06-19 14:15 <DIR> d-------- C:\Program Files\Free RM to MP3 Converter
2008-06-15 22:46 . 2005-02-27 21:48 356,352 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-06-15 21:06 . 2004-11-02 06:28 163,840 --a------ C:\WINDOWS\system32\igfxres.dll
2008-06-15 21:04 . 2004-08-04 12:00 28,288 --a--c--- C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-15 21:02 . 2004-08-04 12:00 562,176 --a--c--- C:\WINDOWS\system32\dllcache\fxsst.dll
2008-06-15 21:01 . 2004-08-04 12:00 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-06-15 21:00 . 2008-06-15 21:00 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-15 21:00 . 2008-06-15 21:00 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-15 21:00 . 2008-06-15 21:00 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-15 21:00 . 2008-06-15 21:00 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-15 21:00 . 2008-06-15 21:00 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-15 21:00 . 2008-06-15 21:00 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-15 20:43 . 2004-08-04 12:00 13,107,200 --a------ C:\WINDOWS\system32\oembios.bin
2008-06-15 20:31 . 2008-06-15 20:31 <DIR> d-------- C:\Program Files\MSI
2008-06-15 20:31 . 2003-07-14 13:57 143,360 --a------ C:\WINDOWS\system32\IpLib.dll
2008-06-15 20:31 . 2003-09-02 11:25 11,266 --a------ C:\WINDOWS\system32\drivers\diag69xp.sys
2008-06-15 20:31 . 2003-09-17 15:57 8,440 --a------ C:\WINDOWS\system32\drivers\LANPkt.sys
2008-06-15 20:29 . 2008-06-15 20:29 169 --a------ C:\WINDOWS\RtlRack.ini
2008-06-15 20:27 . 2005-03-01 09:31 392,704 --a------ C:\WINDOWS\system32\drivers\senfilt.sys
2008-06-15 20:19 . 2008-06-15 20:19 <DIR> d-------- C:\Program Files\Realtek Sound Manager
2008-06-15 20:19 . 2008-06-15 20:19 <DIR> d-------- C:\Program Files\Intel
2008-06-15 20:19 . 2008-06-15 20:19 <DIR> d-------- C:\Program Files\AvRack
2008-06-15 20:19 . 2004-08-04 00:56 130,048 --a------ C:\WINDOWS\system32\ksproxy.ax
2008-06-15 20:19 . 2004-08-04 00:56 130,048 --a--c--- C:\WINDOWS\system32\dllcache\ksproxy.ax
2008-06-15 20:19 . 2004-08-03 23:07 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-06-15 20:19 . 2005-07-15 14:18 40,960 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-06-15 20:19 . 2006-06-14 14:17 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2008-06-15 20:19 . 2004-08-04 00:56 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2008-06-15 20:19 . 2001-07-05 21:49 164 --a------ C:\WINDOWS\avrack.ini
2008-06-15 20:18 . 2008-06-15 20:18 <DIR> d-------- C:\Program Files\Realtek AC97
2008-06-15 20:18 . 2006-04-20 14:31 18,788,352 --a------ C:\WINDOWS\system32\alsndmgr.cpl
2008-06-15 20:18 . 2006-04-20 14:53 10,524,672 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-06-15 20:18 . 2006-04-21 08:46 3,964,352 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2008-06-15 20:18 . 2006-03-01 13:52 577,536 --a------ C:\WINDOWS\soundman.exe
2008-06-15 20:18 . 2006-03-20 09:18 315,392 --a------ C:\WINDOWS\alcupd.exe
2008-06-15 20:18 . 2005-11-18 08:50 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2008-06-15 20:18 . 2002-02-05 11:24 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav
2008-06-15 20:18 . 2006-01-10 11:08 135,168 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-06-14 17:25 . 1996-08-19 19:13 132,096 --a------ C:\WINDOWS\system32\RashIcon.dll
2008-06-14 17:25 . 1996-08-19 19:13 41,472 --a------ C:\WINDOWS\system32\RashProp.dll
2008-06-14 17:25 . 1995-06-01 07:11 28,672 --a------ C:\WINDOWS\system32\AWEMan32.dll
2008-06-14 17:24 . 2008-06-14 17:24 <DIR> d-------- C:\Documents and Settings\ananth\WINDOWS
2008-06-14 17:24 . 1996-01-09 10:38 283,648 --a------ C:\WINDOWS\uninst.exe
2008-06-14 11:23 . 2008-06-18 21:18 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.bmp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-19 14:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-16 14:32 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-16 14:32 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-14 04:00 --------- d-----w C:\Program Files\MSN Messenger
2008-06-13 21:45 --------- d-----w C:\Documents and Settings\as\Application Data\uTorrent
2008-06-11 13:16 --------- d-----w C:\Documents and Settings\as\Application Data\MyPhoneExplorer
2008-06-05 12:05 --------- d-----w C:\Documents and Settings\as\Application Data\DMCache
2008-05-18 17:30 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-05-18 17:30 --------- d-----w C:\Program Files\Windows Live Favorites
2008-05-08 13:22 --------- d-----w C:\Documents and Settings\as\Application Data\IDM
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-01 08:01 --------- d-----w C:\Program Files\Common Files\Java
2008-05-01 07:51 --------- d-----w C:\Documents and Settings\as\Application Data\AD ON Multimedia
2008-05-01 07:43 --------- d-----w C:\Documents and Settings\as\Application Data\InstallShield
2008-05-01 06:51 --------- d-----w C:\Documents and Settings\as\Application Data\Winamp
2008-05-01 06:30 --------- d-----w C:\Program Files\Common Files\xing shared
2008-05-01 06:30 --------- d-----w C:\Program Files\Common Files\Real
2008-04-27 19:26 --------- d-----w C:\Documents and Settings\as\Application Data\GRETECH
2008-04-26 15:09 --------- d-----w C:\Documents and Settings\as\Application Data\AccurateRip
2008-04-26 14:57 --------- d-----w C:\Program Files\Common Files\MicroWorld
2008-04-26 07:58 --------- d-----w C:\Documents and Settings\as\Application Data\vlc
2008-04-26 06:46 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-26 06:46 --------- d-----w C:\Documents and Settings\as\Application Data\Microsoft Web Folders
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}]
2008-06-18 16:28 13312 --a------ C:\WINDOWS\system32\idef.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]
"Messenger (Yahoo!)"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2008-05-27 21:58 4269296]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2007-11-20 15:02 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2003-07-29 11:59 526848 C:\WINDOWS\mHotkey.exe]
"ShowWnd"="ShowWnd.exe" [2003-09-19 09:09 36864 C:\WINDOWS\ShowWnd.exe]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-14 10:52 949376]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-11-02 06:33 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-11-02 06:29 126976]
"DiagAP8169"="C:\Program Files\MSI\LAN Utility\DiagAP8169 /hw" [ ]
"SoundMan"="SOUNDMAN.EXE" [2006-03-01 13:52 577536 C:\WINDOWS\soundman.exe]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-02 02:52 3739648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"SxgTkBar"="SxgTkBar.exe" [2002-07-22 16:03 53248 C:\WINDOWS\system32\Sxgtkbar.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-06-19 21:45 185632]

C:\Documents and Settings\ananth\Start Menu\Programs\Startup\
dBpowerAMP.lnk - C:\Program Files\Illustrate\dBpoweramp\Amp.exe [2008-06-18 21:21:11 208958]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 LANPkt;Realtek LANPkt Protocol;C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2003-09-17 15:57]
R3 Diag69xp;Diag69xp;C:\WINDOWS\system32\Drivers\Diag69xp.sys [2003-09-02 11:25]
R3 SOFTXG;YAMAHA XG SoftSynthesizer;C:\WINDOWS\system32\drivers\sxgxgwdm.sys [2002-05-22 08:34]

.
Contents of the 'Scheduled Tasks' folder
"2008-06-19 19:14:04 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-20 00:47:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\MSI\LAN Utility\DiagAP8169.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2008-06-20 0:50:48 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-19 19:20:37

Pre-Run: 5,627,084,800 bytes free
Post-Run: 5,746,397,184 bytes free

240 --- E O F --- 2008-06-18 21:30:50



Expecting to get a reply soon. 'Cause that Malware "Download the anti-virus NOW" is giving me problems :thumbsup:

#2 kahdah

Posted 12 July 2008 - 08:29 PM

Hello Ananth !

Welcome to BleepingComputer :thumbsup:
========================
If you are still in need of assistance, please post a new HijackThis log.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here



