Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Task manager disabled, regedit disabled, and right clicking folders crashes explorer.exe


  • This topic is locked This topic is locked
1 reply to this topic

#1 somedumbgamer

somedumbgamer

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:51 AM

Posted 24 May 2009 - 05:36 PM

I've been searching all over the interwebs and have found several tips on how to fix the task manager and regedit, but nothing has worked so far. I CAN enable them, but they just get disabled again after a few seconds. I've had this problem for a few months now. I'm not sure how it started, because I was away at college, and then I came back to my PC being all messed up.

More recently, I came back home again yesterday, and now, right-clicking folders CRASHES MY COMPUTER! What the hell! I searched Google and found a few webpages about the problem but haven't really found anything that seems... relevant. One site talks about DivX, another talks about some windows update... I dunno. I haven't really tried to fix this problem yet, but I'm sure it's unrelated to my other ones. Besides, it doesn't seem like I can fix it without regedit and my task manager anyway.

Someone on another forum told me to run ComboFix so I did, but I dunno what to do with the info it searched up, so I'll just post it here.

ComboFix 09-05-24.01 - Jefferson Lam 05/24/2009 13:39.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1537 [GMT -7:00]
Running from: c:\documents and settings\Jefferson Lam\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\IE4 Error Log.txt
c:\windows\system32\bszip.dll

.
((((((((((((((((((((((((( Files Created from 2009-04-24 to 2009-05-24 )))))))))))))))))))))))))))))))
.

2009-05-05 20:32 . 2009-05-05 20:32 381272 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-05-05 20:32 . 2009-05-05 20:32 85320 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-05-04 20:34 . 2009-05-04 20:34 2406728 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-04-27 20:36 . 2009-04-27 20:36 343888 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-04-27 20:36 . 2009-04-27 20:36 25440 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\savapibridge.dll
2009-04-27 20:36 . 2009-04-27 20:36 165728 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-04-27 20:36 . 2009-04-27 20:36 82784 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-04-27 20:36 . 2009-04-27 20:36 289632 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-04-27 20:36 . 2009-04-27 20:36 1629024 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-04-27 20:35 . 2009-04-27 20:35 212848 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-04-27 20:35 . 2009-04-27 20:35 64160 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\32\lbd.sys
2009-04-27 20:35 . 2009-04-27 20:35 40288 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-04-27 20:35 . 2009-04-27 20:35 632680 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-04-27 20:35 . 2009-04-27 20:35 552808 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-04-27 20:35 . 2009-04-27 20:35 539512 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-04-27 20:35 . 2009-04-27 20:35 626000 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-04-27 20:35 . 2009-04-27 20:35 516440 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-04-27 20:35 . 2009-04-27 20:35 1026896 ----a-w c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-24 18:03 . 2005-12-25 04:30 -------- d-----w c:\program files\Steam
2009-04-30 06:36 . 2007-09-20 21:39 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-27 20:35 . 2009-03-24 20:32 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-03-25 05:20 . 2009-03-25 05:20 10134 ----a-r c:\documents and settings\Jefferson Lam\Application Data\Microsoft\Installer\{3101CB58-3482-4D21-AF1A-7057FC935355}\ARPPRODUCTICON.exe
2009-03-12 08:17 . 2009-03-24 20:31 2902048 -c--a-w c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-03-09 19:06 . 2009-03-24 20:39 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-03-06 14:44 . 2005-08-16 10:18 283648 ----a-w c:\windows\system32\pdh.dll
2001-04-19 06:45 . 2005-12-26 02:37 975872 ----a-w c:\program files\oC11b68.exe
2007-09-29 23:34 . 2007-09-29 23:34 135680 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-06-01 07:22 . 2005-12-24 23:23 61038 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-06-01 07:22 . 2005-12-24 23:23 49256 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-06-01 07:22 . 2005-12-24 23:23 166000 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
1999-07-07 00:00 . 1999-07-07 00:00 6 --sh--r c:\windows\@@desktop.dat
2008-01-30 05:21 . 2005-12-26 23:14 56 --sh--r c:\windows\system32\929F76A152.sys
2008-01-30 05:21 . 2005-12-26 23:14 3558 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 413696]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-23 197960]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-27 516440]
"RRT-Auto"="c:\documents and settings\Jefferson Lam\Desktop\RRT\RRT.exe" [2009-03-17 226304]
"VF0060 STISvc"="V0060Pin.dll" - c:\windows\system32\V0060Pin.dll [2004-11-01 36864]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-10-10 139264]

c:\documents and settings\Jefferson Lam\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-3-24 883216]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 23:41 72208 ----a-w c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"DellSupport"="c:\progra~1\DELLSU~1\DSAgnt.exe" /startup
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
"AtiTrayTools"="c:\program files\Ray Adams\ATI Tray Tools\atitray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RealTray"=c:\program files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
"MimBoot"=c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
"SunJavaUpdateSched"=c:\program files\Java\jre1.5.0_06\bin\jusched.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"ehTray"=c:\windows\ehome\ehtray.exe
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"Openwares LiveUpdate"=c:\program files\LiveUpdate\LiveUpdate.exe
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\SteamApps\\somedumbgamer\\half-life\\hl.exe"=
"c:\\Program Files\\Steam\\SteamApps\\somedumbgamer\\team fortress classic\\hl.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Soulseek-Test\\slsk.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\dla\\tfswctrl.exe"=
"c:\\WINDOWS\\KHALMNPR.EXE"=
"c:\\Program Files\\Logitech\\SetPoint\\LULnchr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Program Files\\Last.fm\\LastFM.exe"=
"c:\\Program Files\\Rainlendar\\Rainlendar.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"e:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Updater5\\AdobeUpdater.exe"=
"c:\\Program Files\\AIM6\\aolsoftware.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\doom 2\\doom2.bat"=
"c:\\Program Files\\Logitech\\SetPoint\\SetPoint.exe"=
"c:\\Program Files\\AIM6\\anotify.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\oddworld abes oddysee\\AbeWin.exe"=
"c:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\AAWService.exe"=
"c:\\Program Files\\Apple Software Update\\SoftwareUpdate.exe"=
"c:\\Program Files\\Common Files\\Logishrd\\KHAL2\\KHALMNPR.EXE"=
"c:\\Program Files\\Steam\\SteamApps\\common\\left 4 dead\\left4dead.exe"=
"c:\\WINDOWS\\system32\\drwtsn32.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [3/24/2009 1:32 PM 64160]
R1 atitray;atitray;c:\program files\Ray Adams\ATI Tray Tools\atitray.sys [9/27/2006 2:47 AM 13952]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [7/1/2008 9:04 AM 34312]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 12:06 PM 953168]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [12/20/2006 6:38 PM 3712]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2/10/2007 6:29 AM 29178224]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [10/28/2007 2:02 PM 24652]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\ilkgmm.sys --> c:\windows\system32\drivers\ilkgmm.sys [?]
S2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7/1/2008 9:02 AM 468224]
S3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [12/24/2005 3:50 PM 196409]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-05-16 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-20 13:51]

2009-05-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 20:35]

2009-05-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: aol.com\free
Trusted Zone: musicmatch.com\online
FF - ProfilePath - c:\documents and settings\Jefferson Lam\Application Data\Mozilla\Firefox\Profiles\979jd4xm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-24 13:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2574013493-1033100342-2010041444-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2574013493-1033100342-2010041444-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:9a,61,66,92,93,e6,16,f4,17,ac,cd,0c,32,41,0b,12,9d,2b,c5,35,ad,c2,0d,
3f,1a,ad,c3,6d,1d,94,93,b8,40,b2,a9,a2,26,e4,84,8a,9b,57,5a,fa,d3,8c,39,1b,\
"??"=hex:cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b,19,52,fe,22
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(776)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(3508)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
e:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTSVCCDA.EXE
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-05-24 13:55 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-24 20:55

Pre-Run: 13,771,259,904 bytes free
Post-Run: 13,744,615,424 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect /TUTag=2V9PA9 /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=2V9PA9-BAK

274 --- E O F --- 2009-05-13 19:04


Heeeeelp! I'm dying without any of these functions ;_;

Edited by somedumbgamer, 24 May 2009 - 05:43 PM.


BC AdBot (Login to Remove)

 


#2 Guest_The weatherman_*

Guest_The weatherman_*

  • Guests
  • OFFLINE
  •  

Posted 24 May 2009 - 06:20 PM

Hello somedumbgamer,

Please note the message text in blue at the top of the Am I infected? What do I do? forum.

ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

Thank you for using BleepingComputer as your malware removal source.

This topic is now closed. If you have any questions, please PM me or another Moderator.

Regards,

The weatherman




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users