Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

just in time debugging and trojan


  • This topic is locked This topic is locked
2 replies to this topic

#1 unclesqueezers

unclesqueezers

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 22 December 2010 - 10:37 AM

I ran combofix without any help. I had to because I couldnt get to any of my programs or the internet. Here is the log.

ComboFix 10-12-21.04 - JKirby 12/22/2010 9:47.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.180 [GMT -5:00]
Running from: c:\documents and settings\JKirby\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\7.pif
c:\documents and settings\JKirby\Application Data\Adobe\AdobeUpdate .exe
c:\documents and settings\JKirby\Application Data\Adobe\plugs
c:\documents and settings\JKirby\Local Settings\Application Data\{96C8B959-50B8-40D0-810A-FC22356DA43F}
c:\documents and settings\JKirby\Local Settings\Application Data\{96C8B959-50B8-40D0-810A-FC22356DA43F}\chrome.manifest
c:\documents and settings\JKirby\Local Settings\Application Data\{96C8B959-50B8-40D0-810A-FC22356DA43F}\chrome\content\_cfg.js
c:\documents and settings\JKirby\Local Settings\Application Data\{96C8B959-50B8-40D0-810A-FC22356DA43F}\chrome\content\overlay.xul
c:\documents and settings\JKirby\Local Settings\Application Data\{96C8B959-50B8-40D0-810A-FC22356DA43F}\install.rdf
c:\windows\ST6UNST.000
c:\windows\system32\Oeminfo.ini

.
((((((((((((((((((((((((( Files Created from 2010-11-22 to 2010-12-22 )))))))))))))))))))))))))))))))
.

2010-12-21 16:40 . 2010-11-16 17:01 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9190BB37-9361-488B-BFA1-347C9B05AF8D}\mpengine.dll
2010-12-21 15:42 . 2010-10-19 15:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-21 15:34 . 2010-12-21 15:34 -------- d-----w- c:\program files\Microsoft Security Client
2010-12-20 21:04 . 2010-12-20 21:04 537600 ----a-w- c:\documents and settings\All Users\Application Data\ohdWQxNjBR.exe
2010-12-17 13:44 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-17 13:38 . 2010-10-11 14:59 45568 ------w- c:\windows\system32\dllcache\wab.exe
2010-12-01 18:58 . 2010-12-01 18:58 -------- d-----w- c:\program files\IObit
2010-12-01 18:58 . 2010-12-01 18:58 -------- d-----w- c:\documents and settings\JKirby\Application Data\IObit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
Now, I still have the just in time debugging screen still popping up. How can I disable it?

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:48 AM

Posted 30 December 2010 - 07:47 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:05:48 AM

Posted 04 January 2011 - 08:30 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users