CiD popups (trent)
 
  Tweaks.com
Posted 3/26/2008 6:25 PM
New Member

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:23:46 PM, on 3/26/2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\OEM07Mon.exe
C:\Windows\System32\MediaButtons.exe
C:\Program Files\DELL\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\DELLOSD.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OEM07Mon.exe] C:\Windows\OEM07Mon.exe
O4 - HKLM\..\Run: [MediaButtons] C:\Windows\System32\MediaButtons.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Coal 32] "C:\ProgramData\dartregsregs.t2em0md"
O4 - HKCU\..\Run: [Grey pop cake audio] "C:\ProgramData\EQ STUPID SLOW.0hj1j"
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Trent\AppData\Local\Temp\byvut.dll,#1
O4 - HKCU\..\Run: [Host Process] C:\Users\Trent\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1584324784-2898364789-997048515-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1584324784-2898364789-997048515-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Mcx1')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\Dell Network Assistant\hnm_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: RelevantKnowledge - RelevantKnowledge - C:\Windows\system32\rlservice.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13955 bytes

Post #236826
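The O4 entries in the log above are where the trouble shows: Run-key values launching files with random names out of C:\ProgramData, rundll32 loading a DLL from the user's Temp folder, and an svchost.exe sitting in the user profile rather than System32. As an added example (not code from this thread, from HijackThis, or from any tool the moderator names), the Python script below parses O4 Run-key lines and applies a few defender-side heuristics to them. The regexes, heuristic names and function names are assumptions of this example; the sample lines are excerpted from the HijackThis log posted above.

```python
"""Triage HijackThis O4 (registry Run-key) autorun entries.

Added example, not code from this thread, from HijackThis, or from any tool
the moderator names. The regexes, heuristics and function names are this
example's own assumptions; the sample lines are an excerpt of the log above.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# O4 lines of the form: O4 - <hive>\..\Run: [<value name>] <command>
O4_RUN = re.compile(
    r'^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')

# First absolute Windows path (drive letter or %VAR% prefix) in a command,
# ending at an extension that is followed by whitespace, a quote, a comma or EOL.
WIN_PATH = re.compile(r'(?:[A-Za-z]:|%[^%]+%)\\.*?\.[A-Za-z0-9]+(?=[\s",]|$)')

TEMP_MARKERS = ('\\appdata\\local\\temp\\', '\\temp\\', '\\tmp\\')
USER_WRITABLE = ('\\users\\', '\\programdata\\', '\\documents and settings\\')
SYSTEM_NAMES = {'svchost.exe', 'winlogon.exe', 'lsass.exe', 'csrss.exe',
                'services.exe', 'explorer.exe'}
EXEC_EXTS = {'.exe', '.dll', '.com', '.scr', '.bat', '.cmd', '.pif', '.vbs'}


@dataclass
class Entry:
    hive: str
    name: str
    command: str
    path: Optional[str]
    reasons: List[str]


def assess(cmd: str, path: Optional[str]) -> List[str]:
    """Defender-side heuristics; each string is one reason to look closer."""
    if path is None:
        return ['no absolute path: the binary is resolved via the search path at logon']
    p = path.lower()
    base = p.rsplit('\\', 1)[-1]
    ext = base[base.rfind('.'):]
    reasons = []
    if any(t in p for t in TEMP_MARKERS):
        reasons.append('launched from a temp directory')
    if base in SYSTEM_NAMES and '\\windows\\' not in p:
        reasons.append(f'system binary name {base} outside the Windows directory')
    if ext not in EXEC_EXTS and any(u in p for u in USER_WRITABLE):
        reasons.append(f'non-executable extension {ext} in a user-writable location')
    if cmd.lstrip().lower().startswith('rundll32') and any(u in p for u in USER_WRITABLE):
        reasons.append('rundll32 loading a DLL from a user-writable location')
    return reasons


def parse_o4(line: str) -> Optional[Entry]:
    """Parse one O4 Run-key line; returns None for every other HijackThis line."""
    m = O4_RUN.match(line.strip())
    if not m:
        return None
    cmd = m.group('cmd')
    pm = WIN_PATH.search(cmd)
    path = pm.group(0) if pm else None
    return Entry(m.group('hive'), m.group('name'), cmd, path, assess(cmd, path))


def suspicious_entries(log_text: str) -> List[Entry]:
    """All O4 Run entries in a HijackThis log that carry at least one reason."""
    entries = (parse_o4(line) for line in log_text.splitlines())
    return [e for e in entries if e is not None and e.reasons]


# Constructed sample: an excerpt of the O4 section of the log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Coal 32] "C:\ProgramData\dartregsregs.t2em0md"
O4 - HKCU\..\Run: [Grey pop cake audio] "C:\ProgramData\EQ STUPID SLOW.0hj1j"
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Trent\AppData\Local\Temp\byvut.dll,#1
O4 - HKCU\..\Run: [Host Process] C:\Users\Trent\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
"""

if __name__ == '__main__':
    for e in suspicious_entries(SAMPLE_LOG):
        print(f'[{e.name}] ({e.hive}) {e.path or e.command}')
        for r in e.reasons:
            print('   -', r)
```

Run against the excerpt, the four entries the thread is really about (Coal 32, Grey pop cake audio, MSServer, Host Process) are reported, the Defender, AVG and Sidebar entries are not, and the bare `RtHDVCpl.exe` value is noted only because it has no absolute path. The heuristics are deliberately cheap and location-based, which is exactly the kind of check a reviewer applies by eye to an O4 section; they are a starting point for triage, not a verdict.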
Posted 3/26/2008 6:27 PM
New Member

That is my log, please tell me how to fix the problem.
Post #236828
Posted 3/26/2008 6:36 PM


Senior Forum Moderator

Please disable UAC [User Account Control].
1. Click Start and then click the picture at the top of the right column on the Start menu; this opens the User Accounts Control Panel.
2. Click Turn User Account Control on or off; you will have to respond to a UAC prompt to complete this action.
3. Clear the Use User Account Control (UAC) to help protect your computer check box and click OK.
4. Click Restart Now when prompted; after your computer restarts, UAC will be off.
You can repeat these steps to re-enable UAC; just click to select the check box in Step 3 when we've finished.


Download Deljob.exe and save it on your desktop.
Double click on Deljob.exe.
A log (logit.txt) should open afterwards.
This log will be present on your desktop.
Post the contents of the logfile into your next reply.


Download Combofix by sUBs and save to your desktop.
Alternative Combofix download link HERE.
Note
It is important that it is saved directly to your desktop


Now close any open browsers.
Double click on Combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note
Do not mouseclick combofix's window or do anything else on your pc while it's running.
That may cause the program/system to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.
Note
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix, please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.


__________________________________________________


Proud Member of ASAP (Alliance of Security Analysis Professionals).
Proud Member of U-N-I-T-E (Unified Network of Instructors and Trusted Eliminators).
Malware Complaints

Firefox 3 Get Thunderbird!
Post #236829
Posted 3/26/2008 7:16 PM
New Member

--------------------------------------------------------
No LOP job-files found
--------------------------------------------------------
Files in Windows Tasks folder
 
Norton Internet Security - Run Full System Scan - Trent.job
--------------------------------------------------------
Export App Data folders
--------------------------------------------------------
 Volume in drive C is OS
 Volume Serial Number is CCB8-7A85

 Directory of C:\ProgramData

03/14/2008  07:00 PM    <DIR>          2ACA5C~1     2ACA5CC3-0F83-453D-A079-1076FE1A8B65
12/03/2007  07:11 PM    <DIR>                       Adobe
12/25/2007  02:11 PM    <DIR>                       AOL
12/25/2007  02:14 PM    <DIR>          AOLOCP~1     AOL OCP
12/27/2007  05:39 PM    <DIR>                       Apple
12/27/2007  06:58 PM    <DIR>          APPLEC~1     Apple Computer
12/25/2007  12:21 PM    <DIR>                       ATI
03/23/2008  04:26 PM            24,592 DARTRE~1.F3S dartregsregs.f3sgf
03/23/2008  04:26 PM           245,776 DARTRE~1.T2E dartregsregs.t2em0md
03/23/2008  04:27 PM           188,432 EQSTUP~1.0HJ EQ STUPID SLOW.0hj1j
03/23/2008  04:27 PM    <DIR>          FLAWBI~1     Flaw bits
12/03/2007  07:09 PM    <DIR>                       Google
03/26/2008  05:16 PM    <DIR>                       Grisoft
12/03/2007  07:08 PM    <DIR>                       Gtek
12/03/2007  06:58 PM    <DIR>          INSTAL~1     InstallShield
12/03/2007  07:08 PM    <DIR>                       Intel
12/03/2007  06:56 PM    <DIR>                       Logitech
03/13/2008  02:58 PM    <DIR>          MICROS~2     Microsoft Help
03/23/2008  04:27 PM    <DIR>          PARTHI~1     Part Hide Grey Pop
12/03/2007  07:47 PM    <DIR>                       Roxio
03/14/2008  07:13 PM    <DIR>                       SeekmoSA
12/03/2007  07:00 PM    <DIR>          SINGLE~1     SingleClick Systems
12/03/2007  06:58 PM    <DIR>                       Sonic
12/03/2007  07:07 PM    <DIR>          SUPPOR~1     SupportSoft
03/24/2008  06:59 PM    <DIR>                       Symantec
12/26/2007  06:20 PM    <DIR>                       TEMP
12/25/2007  02:11 PM    <DIR>          VIEWPO~1     Viewpoint
12/03/2007  07:07 PM    <DIR>                       YAHOO
               3 File(s)        458,800 bytes
              25 Dir(s)  216,735,891,456 bytes free
--------------------------------------------------------
All User Accounts
--------------------------------------------------------
All Users
Mcx1
Public
Trent
--------------------------------------------------------

This is the Deljob log, will get the other up in a minute.

Post #236833
Posted 3/26/2008 7:35 PM


Senior Forum Moderator

Post the entire contents of C:\ComboFix.txt into your next reply when you're ready please.

Post #236835
Posted 3/26/2008 7:42 PM
New Member

ComboFix 08-03-25.4 - Trent 2008-03-26 20:18:47.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.1.1033.18.1097 [GMT -4:00]
Running from: C:\Users\Trent\Downloads\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Video Add-on
C:\ProgramData\SeekmoSA
C:\ProgramData\SeekmoSA\SeekmoSA.dat
C:\ProgramData\SeekmoSA\SeekmoSA_kyf.dat
C:\ProgramData\SeekmoSA\SeekmoSAAbout.mht
C:\ProgramData\SeekmoSA\SeekmoSAau.dat
C:\ProgramData\SeekmoSA\SeekmoSAEULA.mht
C:\Users\Trent\AppData\Roaming\Seekmo
C:\Users\Trent\AppData\Roaming\urlredir.cfg
C:\Windows\system32\qomno.dll

.
(((((((((((((((((((((((((   Files Created from 2008-02-27 to 2008-03-27  )))))))))))))))))))))))))))))))
.

2008-03-26 17:16 . 2008-03-26 17:16 <DIR> d-------- C:\Users\Trent\AppData\Roaming\Grisoft
2008-03-26 17:16 . 2008-03-26 17:16 <DIR> d-------- C:\Users\All Users\Grisoft
2008-03-26 17:16 . 2008-03-26 17:16 <DIR> d-------- C:\ProgramData\Grisoft
2008-03-26 17:16 . 2007-05-30 08:10 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2008-03-26 16:53 . 2008-03-26 16:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-25 08:15 . 2008-03-25 08:27 <DIR> d--hs---- C:\Users\Trent\!
2008-03-25 08:15 . 2008-03-25 08:15 3,545,428 --------- C:\Users\Trent\x1.dat
2008-03-25 08:14 . 2008-03-25 08:14 61,952 --a------ C:\Users\Trent\winlogon.exe
2008-03-24 21:33 . 2008-03-24 21:33 <DIR> d-------- C:\Program Files\Xvid
2008-03-24 21:33 . 2007-06-28 18:52 765,952 --a------ C:\Windows\System32\xvidcore.dll
2008-03-24 21:33 . 2007-06-28 18:54 180,224 --a------ C:\Windows\System32\xvidvfw.dll
2008-03-24 21:33 . 2007-06-28 18:55 77,824 --a------ C:\Windows\System32\xvid.ax
2008-03-23 16:27 . 2008-03-23 16:27 <DIR> d-------- C:\Users\All Users\Part Hide Grey Pop
2008-03-23 16:27 . 2008-03-23 16:27 <DIR> d-------- C:\ProgramData\Part Hide Grey Pop
2008-03-23 16:26 . 2008-03-23 16:27 <DIR> d-------- C:\Users\All Users\Flaw bits
2008-03-23 16:26 . 2008-03-23 16:27 <DIR> d-------- C:\ProgramData\Flaw bits
2008-03-14 19:16 . 2008-03-14 19:16 <DIR> d-------- C:\Windows\Sun
2008-03-14 19:16 . 2008-03-14 19:16 <DIR> d-------- C:\Windows\.jagex_cache_32
2008-03-14 19:00 . 2008-03-14 19:00 <DIR> d-------- C:\Users\All Users\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2008-03-14 19:00 . 2008-03-14 19:00 <DIR> d-------- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2008-03-12 14:59 . 2007-12-16 18:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-12 14:59 . 2007-12-16 05:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-07 13:40 . 2008-03-07 13:40 13,035 --a------ C:\Windows\System32\drivers\SymRedir.cat
2008-03-07 13:40 . 2008-03-07 13:40 1,358 --a------ C:\Windows\System32\drivers\SymRedir.inf
2008-03-07 13:39 . 2008-03-07 13:39 191,536 --a------ C:\Windows\System32\drivers\symtdi.sys
2008-03-07 13:39 . 2008-03-07 13:39 145,968 --a------ C:\Windows\System32\drivers\symfw.sys
2008-03-07 13:39 . 2008-03-07 13:39 39,984 --a------ C:\Windows\System32\drivers\symids.sys
2008-03-07 13:39 . 2008-03-07 13:39 37,936 --a------ C:\Windows\System32\drivers\symndisv.sys
2008-03-07 13:39 . 2008-03-07 13:39 27,696 --a------ C:\Windows\System32\drivers\symredrv.sys
2008-03-07 13:39 . 2008-03-07 13:39 12,848 --a------ C:\Windows\System32\drivers\symdns.sys
2008-03-04 06:53 . 2008-03-26 20:24 54,156 --ah----- C:\Windows\QTFont.qfn
2008-03-04 06:53 . 2008-03-04 06:53 1,409 --a------ C:\Windows\QTFont.for
2008-03-04 06:52 . 2008-03-04 06:52 <DIR> d-------- C:\Program Files\iTunes
2008-03-04 06:52 . 2008-03-04 06:52 <DIR> d-------- C:\Program Files\iPod

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-24 22:59 --------- d-----w C:\ProgramData\Symantec
2008-03-14 00:04 --------- d-----w C:\Program Files\Windows Mail
2008-03-13 18:58 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-11 03:17 --------- d-----w C:\Program Files\Norton Internet Security
2008-03-11 03:17 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-07 20:46 --------- d-----w C:\Program Files\Java
2008-03-07 01:32 706 ----a-w C:\Windows\system32\drivers\COH_Mon.inf
2008-03-07 01:32 23,904 ----a-w C:\Windows\system32\drivers\COH_Mon.sys
2008-03-07 01:32 10,537 ----a-w C:\Windows\system32\drivers\COH_Mon.cat
2008-02-16 02:09 --------- d-----w C:\Program Files\DELL
2008-02-13 22:07 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 22:07 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 22:04 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 22:04 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 22:04 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 22:03 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 22:03 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 22:03 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 22:03 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 22:03 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 22:03 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 22:03 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 22:03 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 22:03 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 22:03 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 22:03 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 22:00 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 22:00 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 22:00 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 22:00 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 20:35 --------- d-----w C