lsmd19

  1. everything has been done....deleted the files you asked me to delete. I hid all the files and folders again... I restarted my computer and presto......everything is working !!! Actually, everything is working faster and smoother.... Thank you so much for everything. Do I have to do anything else? If not then thank you again.... You were such a great help....
  2. I cannot find these 2 on my laptop... c:\windows\Installer\{2c50c159-fbec-446c-9d73-04d55b8c62a2}\zip.dll c:\windows\Installer\{f4a85fe8-9184-4c5a-a44f-946ddbed1e97}\UnknownService.dll
  3. holy moly..... I didn't read the instructions correctly.....I'll delete all the other files as well....sorry about that...
  4. Hi, I deleted all 3 .exe files.....when I try to uninstall combofix through ComboFix /u the following message appears...windows cannot find combofix......I ran combofix through a flashdrive....could that be why?
  5. I took out everything you asked me to take out...I didn't run winsockfix because you asked me not to when you found out my internet connection came back on...I ran combofix again and came up with this new log.........
  6. I can't seem to find adwatch....but I did find ad-aware. are those the same?
  7. I uninstalled mcafee and removed viewpoint media player (viewpoint media player was the only thing I had in the comp that had the word viewpoint). I rebooted the computer and now I have an internet connection back. all without doing the other steps... should I still follow the steps you mentioned above?
  8. yes, I know I didn't follow the directions completely. my laptop wasn't really letting me do anything. and in safe mode it lagged so much. But I will try everything you suggested...I will post back with the results. thanks
  9. hello everyone, I am new here but I am having a problem with my laptop. after running combofix I can no longer connect to the internet. Combo fix may have deleted something it wasn't supposed to. when I try to repair the connection it says that it can't renew the ip address. A member had a similar problem on this earlier post... http://www.malwarebytes.org/forums/index.php?showtopic=21435 ... his problem was fixed with the help of an admin member. hopefully the same admin member can help me out. Or anyone really. It would be greatly appreciated. this is the combofix log..