Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Logz pls
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Logz pls  
Forum Quick Jump
 
New Topic Post reply to : Logz pls Printable version of : Logz pls
[ << Previous Thread | Next Thread >> ]

drops123
New Member


Date Joined Aug 2007
Total Posts : 10
  		   Posted 2-25-2008 2:06 (GMT +1)    Quote: Logz plsAlert an admin about: Logz pls
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:53:07 PM, on 2/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\WINDOWS\System32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\valve\steam\steam.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Linksys Wireless-G Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G Wireless Network Monitor\WMP54GS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\BitComet\BitComet.exe
C:\Documents and Settings\default\Desktop\HJT\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [Steam] "c:\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by107fd.bay107.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100648429842
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G Wireless Network Monitor\WLService.exe
 
 
ComboFix 08-02-25.2 - default 2008-02-24 17:44:04.1 - NTFSx86
Running from: C:\Documents and Settings\default\Desktop\ComboFix.exe
 * Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Fonts\acrsecB.fon
C:\WINDOWS\Fonts\acrsecI.fon
C:\WINDOWS\smdat32a.sys
C:\WINDOWS\smdat32m.sys
.
(((((((((((((((((((((((((   Files Created from 2008-01-25 to 2008-02-25  )))))))))))))))))))))))))))))))
.
2008-02-21 18:27 . 2008-02-21 18:27 <DIR> d-------- C:\Program Files\GoldWave
2008-02-11 02:21 . 2008-02-23 08:05 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-11 02:21 . 2008-02-11 02:21 1,409 --a------ C:\WINDOWS\QTFont.for
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 00:17 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-02-24 21:30 --------- d-----w C:\Program Files\mIRC
2008-02-24 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-02-11 11:25 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-11 11:25 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-11 08:34 --------- d-----w C:\Program Files\BitComet
2008-02-06 09:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-22 04:22 17,801 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-01-22 04:21 --------- d-----w C:\Program Files\Linksys Wireless-G Wireless Network Monitor
2007-12-14 04:38 131,072 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-07 01:07 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-11-08 05:42 22,328 ----a-w C:\Documents and Settings\default\Application Data\PnkBstrK.sys
2005-03-21 10:51 56 --sh--r C:\WINDOWS\system32\7338A4FF9B.sys
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\valve\steam\steam.exe" [2007-11-29 18:35 1266936]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05 204288]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 13:06 1318912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="C:\WINDOWS\System32\nvraidservice.exe" [2004-01-12 21:36 83456]
"SoundMan"="SOUNDMAN.EXE" [2004-05-14 00:47 67072 C:\WINDOWS\SOUNDMAN.EXE]
"NeroCheck"="C:\WINDOWS\System32\\NeroCheck.exe" [2001-07-09 03:50 155648]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 02:52 36975]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-23 08:58 579072]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-06-29 16:54 269104]
"VX3000"="C:\WINDOWS\vVX3000.exe" [2006-06-29 16:55 707376]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 10:12 90112]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 21:10 335872]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 09:54 282624]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-03-14 18:05 257088]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06 487424]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-18 04:06 185896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 07:58 219136]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 13:05:56 65588]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Valve\\Steam\\Steam.exe"=
"C:\\Valve\\Steam\\SteamApps\\mattd33\\condition zero\\hl.exe"=
"C:\\Valve\\Steam\\SteamApps\\mattd33\\counter-strike\\hl.exe"=
"C:\\Valve\\Steam\\SteamApps\\mattd33\\counter-strike source\\hl2.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Valve\\Steam\\SteamApps\\mattd33\\half-life 2 deathmatch\\hl2.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Valve\\Steam\\steamapps\\mattd33\\team fortress 2\\hl2.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard downloader
"6112:TCP"= 6112:TCP:blizzard downloader
"24502:TCP"= 24502:TCP:BitComet 24502 TCP
"24502:UDP"= 24502:UDP:BitComet 24502 UDP
R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-10-29 11:21]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;C:\WINDOWS\system32\DRIVERS\SI3112r.sys [2004-08-27 16:18]
R2 MSCamSvc;MSCamSvc;"C:\Program Files\Microsoft LifeCam\MSCamSvc.exe" [2006-06-29 16:54]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-11-10 08:45]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-11-10 08:45]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-11-10 08:45]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-11-10 08:45]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);C:\WINDOWS\system32\DRIVERS\se31nd5.sys [2006-11-10 08:46]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-11-10 08:46]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);C:\WINDOWS\system32\DRIVERS\se31unic.sys [2006-11-10 08:46]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\start.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-02-19 02:40:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-24 17:47:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-24 17:48:00
ComboFix-quarantined-files.txt  2008-02-25 00:47:43
.
2008-02-24 01:27:23 --- E O F --- 
Back to Top
 

drops123
New Member


Date Joined Aug 2007
Total Posts : 10
  		   Posted 2-25-2008 11:49 (GMT +1)    Quote: Logz plsAlert an admin about: Logz pls
forgot this

CLEANING COMPLETE - (2.040 secs)
------------------------------------------------------------------------------------------
5.78MB removed.
------------------------------------------------------------------------------------------

Details of files deleted
------------------------------------------------------------------------------------------
IE Temporary Internet Files (288 files) 1.52MB
C:\Documents and Settings\default\Cookies\default@mymrc.txt 67 bytes
C:\Documents and Settings\default\Cookies\default@atcomet.txt 432 bytes
C:\Documents and Settings\default\Cookies\default@youtube.txt 685 bytes
C:\Documents and Settings\default\Cookies\default@tribalfusion.txt 243 bytes
C:\Documents and Settings\default\Cookies\default@google.txt 131 bytes
C:\Documents and Settings\default\Cookies\default@atdmt.txt 98 bytes
C:\Documents and Settings\default\Cookies\default@abmr.txt 258 bytes
C:\Documents and Settings\default\Cookies\default@www.bullguard.txt 1.15KB
C:\Documents and Settings\default\Cookies\default@forums.caleague.txt 661 bytes
C:\Documents and Settings\default\Cookies\default@casalemedia.txt 616 bytes
C:\Documents and Settings\default\Cookies\default@recaptcha.txt 118 bytes
C:\Documents and Settings\default\Cookies\default@cevo.txt 326 bytes
C:\Documents and Settings\default\Cookies\default@caleague.txt 98 bytes
C:\Documents and Settings\default\Cookies\default@yahoo.txt 166 bytes
C:\Documents and Settings\default\Cookies\default@facebook.txt 665 bytes
C:\Documents and Settings\default\Cookies\default@www.caleague.txt 103 bytes
C:\Documents and Settings\default\Cookies\default@login.facebook.txt 90 bytes
C:\Documents and Settings\default\Cookies\default@ads.newworld.txt 102 bytes
C:\Documents and Settings\default\Cookies\default@www.legitproof.txt 255 bytes
C:\Documents and Settings\default\Cookies\default@indextools.txt 889 bytes
C:\Documents and Settings\default\Cookies\default@advertising.txt 456 bytes
C:\Documents and Settings\default\Cookies\default@www.sourceradio.txt 356 bytes
C:\Documents and Settings\default\Cookies\default@sourceradio.txt 385 bytes
C:\Documents and Settings\default\Cookies\default@doubleclick.txt 83 bytes
C:\Documents and Settings\default\Local Settings\History\History.IE5\MSHist012008022420080225\index.dat 48.00KB
C:\WINDOWS\TEMP\netfxsl.log 14.55KB
C:\WINDOWS\TEMP\WGAErrLog.txt 255 bytes
C:\WINDOWS\system32\wbem\Logs\wbemess.log 1.14KB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log 0.33MB
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp 68.51KB
Removed Cookie: indextools.com
Removed Cookie: www.bullguard.com
Removed Cookie: google.ca
Removed Cookie: google.com
Removed Cookie: piriform.com
Removed Cookie: postsecret.blogspot.com
Removed Cookie: statcounter.com
Removed Cookie: ad.yieldmanager.com
Removed Cookie: imagechan.com
Removed Cookie: yahoo.com
C:\Documents and Settings\default\Application Data\Mozilla\Firefox\Profiles\5mdn84nb.default\downloads.rdf 1,006 bytes
Firefox/Mozilla Temporary Internet Cache (46 files) 3.79MB
C:\Documents and Settings\default\Application Data\Mozilla\Firefox\Profiles\5mdn84nb.default\history.dat 8.48KB
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\#SharedObjects\CU9MRAPK\chatango.com\fixed_id.sol 54 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\#SharedObjects\CU9MRAPK\chatango.com\mini_login.sol 48 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\#SharedObjects\CU9MRAPK\www.youtube.com\soundData.sol 58 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\#SharedObjects\CU9MRAPK\www.youtube.com\soundData_level0.loadClip.sol 74 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\#SharedObjects\CU9MRAPK\www.youtube.com\timeDisplayConfig.sol 81 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#chatango.com\settings.sol 82 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.youtube.com\settings.sol 85 bytes
C:\Documents and Settings\default\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol 397 bytes
------------------------------------------------------------------------------------------
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 14292
  		   Posted 2-25-2008 12:24 (GMT +1)    Quote: Logz plsAlert an admin about: Logz pls
Hello smile
It looks clean to Me, do You have any problems ?

Do NOT post your problem in someone elses thread.

Back to Top
 
New Topic Post reply to : Logz pls Printable version of : Logz pls
 
Forum Information
Currently it is Tuesday, January 06, 2009 3:16 PM (GMT +1)
There are a total of 65.866 posts in 16.165 threads.
In the last 3 days there were 22 new threads and 89 reply posts. View Active Threads
Who's Online
This forum has 27758 registered members. Please welcome our newest member, Nards.
46 Guest(s), 2 Registered Member(s) are currently online.  Details
phill, Touch
5 Latest Threads
Have I a machine infection? (9)06-01-2009 14:14:36 (Touch)
How to restore missing control panel and properties (1)06-01-2009 14:07:24 (Touch)
Virus stopping AVG and spybot from running (6)06-01-2009 13:27:28 (N11xxy)
Error message (0)06-01-2009 13:24:43 (tariq1)
Cannot remove malware (4)06-01-2009 13:13:30 (phill)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard