Taskman.exe doesn't work.. Please help

BullGuard Antivirus Forum > General Security > Spyware > Taskman.exe doesn't work.. Please help

Forum Quick Jump

[ << Previous Thread | Next Thread >> ]

Atryom
New Member

Date Joined Jan 2008
Total Posts : 12

Posted 1-7-2008 9:49 (GMT +1)

Well... I've read through a couple of pages now. And I see the best thing to do would be to make my own thread, and post my own logfile instead of looking at fixes for other's. Well here goes.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:49:57 AM, on 1/7/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\outlook\outlook.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\SpacialAudio\SAMBC\SAMBC.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Owner\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [Recordpad] "C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" -logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124102319000
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7691 bytes

Post Edited (Atryom) : 07-01-2008 08:51:39 GMT

Touch
Forum Moderator

Date Joined Jun 2004
Total Posts : 13599

Posted 1-7-2008 9:59 (GMT +1)

Hi Atryom

Please download Combofix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

and save to the desktop.

Close all other browser windows.

Important-> Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

Go to start --> run and copy/paste in the following:

"%userprofile%\desktop\combofix.exe" /killall

When finished, it will produce a logfile located at C:\ComboFix.txt.

Post the contents of that log in your next reply with a new hijackthis log.

Note:
Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

Atryom
New Member

Date Joined Jan 2008
Total Posts : 12

Posted 1-9-2008 1:00 (GMT +1)

ComboFix 08-01-04.1 - Owner 2008-01-08 18:51:28.2 - NTFSx86

Running from: C:\Documents and Settings\Owner\desktop\daniel's music n stuff\combofix.exe
Command switches used :: /killall
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
---- Previous Run -------
.
C:\backup\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\onoes.exe
C:\Program Files\outlook
C:\Program Files\outlook\outlook.exe
C:\Program Files\outlook\p.zip
C:\Program Files\outlook\v.tmp
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com

.
((((((((((((((((((((((((( Files Created from 2007-12-08 to 2008-01-08 )))))))))))))))))))))))))))))))
.

2008-01-07 04:28 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-03 02:36 . 2008-01-03 02:39 <DIR> d-------- C:\Program Files\Winamp
2008-01-03 02:36 . 2008-01-03 02:44 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Winamp
2007-12-31 05:29 . 2007-12-31 05:29 <DIR> d-------- C:\Program Files\NCH Swift Sound
2007-12-31 05:29 . 2007-12-31 05:29 <DIR> d-------- C:\Program Files\NCH Software
2007-12-31 05:29 . 2007-12-31 05:29 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Recordpad
2007-12-31 05:29 . 2007-12-31 05:29 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\NCH Swift Sound
2007-12-31 05:29 . 2007-12-31 05:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2007-12-31 00:04 . 2007-12-31 00:04 <DIR> d-------- C:\Documents and Settings\Owner\Incomplete
2007-12-30 01:40 . 2007-12-30 01:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-12-30 01:38 . 2007-12-30 01:39 <DIR> d-------- C:\Program Files\Yahoo!
2007-12-29 02:48 . 2007-12-29 02:48 268 --ah----- C:\sqmdata07.sqm
2007-12-29 02:48 . 2007-12-29 02:48 244 --ah----- C:\sqmnoopt07.sqm
2007-12-26 15:35 . 2007-12-26 15:35 <DIR> d-------- C:\Program Files\GoldWave
2007-12-26 01:56 . 2007-12-31 00:06 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\FrostWire
2007-12-26 01:55 . 2007-12-26 01:56 <DIR> d-------- C:\Program Files\FrostWire
2007-12-26 01:55 . 2007-12-26 01:55 <DIR> d-------- C:\Program Files\AskSBar
2007-12-26 01:30 . 2007-12-26 01:30 <DIR> d-------- C:\Program Files\SpacialAudio
2007-12-26 01:23 . 2007-12-26 01:23 <DIR> d-------- C:\Program Files\MySQL
2007-12-25 02:56 . 2007-12-25 02:56 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Ableton
2007-12-25 02:56 . 2007-12-25 02:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ableton
2007-12-25 01:01 . 2007-12-25 01:03 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-12-24 13:56 . 2007-12-24 13:56 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2007-12-24 13:56 . 2007-12-24 13:56 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab
2007-12-21 00:50 . 2007-12-21 00:50 <DIR> d-------- C:\Program Files\VstPlugins
2007-12-21 00:50 . 2002-07-07 17:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
2007-12-21 00:50 . 2005-04-12 10:21 225,280 --a------ C:\WINDOWS\system32\rewire.dll
2007-12-21 00:49 . 2007-12-21 00:50 <DIR> d-------- C:\Program Files\Image-Line
2007-12-19 23:18 . 2007-12-19 23:18 244 --ah----- C:\sqmnoopt04.sqm
2007-12-19 23:18 . 2007-12-19 23:18 232 --ah----- C:\sqmdata04.sqm
2007-12-15 19:51 . 2007-12-15 19:51 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-12-14 00:27 . 2007-12-14 00:27 268 --ah----- C:\sqmdata06.sqm
2007-12-14 00:27 . 2007-12-14 00:27 244 --ah----- C:\sqmnoopt06.sqm
2007-12-13 21:55 . 2007-12-13 21:55 619 --a------ C:\WINDOWS\eReg.dat
2007-12-13 16:51 . 2007-12-13 16:51 244 --ah----- C:\sqmnoopt05.sqm
2007-12-13 16:51 . 2007-12-13 16:51 232 --ah----- C:\sqmdata05.sqm
2007-12-12 17:24 . 2007-12-12 17:24 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-12-12 17:24 . 2007-12-12 17:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-12-12 13:25 . 2007-12-12 13:25 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2007-12-11 14:44 . 2007-12-11 14:44 156,992 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-06 22:58 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-04 20:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-01-04 01:54 --------- d-----w C:\Documents and Settings\Owner\Application Data\Image Zone Express
2007-12-26 04:27 --------- d-----w C:\Program Files\DivX
2007-12-26 04:14 --------- d-----w C:\Documents and Settings\Owner\Application Data\LimeWire
2007-12-16 01:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-14 02:48 --------- d-----w C:\Program Files\EA GAMES
2007-12-12 22:25 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-01 08:01 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-30 04:35 --------- d-----w C:\Program Files\Windows Live
2007-11-30 04:34 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-11-30 04:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-28 05:16 --------- d-----w C:\Program Files\MUSHclient
2007-11-24 17:53 --------- d-----w C:\Documents and Settings\Owner\Application Data\HP
2007-11-17 05:45 --------- d-----w C:\Program Files\Macromedia
2007-11-17 05:45 --------- d-----w C:\Program Files\Common Files\Macromedia
2007-11-17 05:43 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-11-15 18:53 --------- d-----w C:\Documents and Settings\Owner\Application Data\DivX
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2007-12-26 01:55 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2007-12-26 01:55 267592 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2007-12-26 01:55 267592]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]
"Aim6"="" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 13:42 1404928]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 08:35 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 08:32 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 08:36 114688]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 22:12 49152]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 00:12 488984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 00:13 774168]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42 267064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"Recordpad"="C:\Program Files\NCH Swift Sound\Recordpad\recordpad.exe" [2007-12-31 05:29 577540]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-08-15 05:20:41]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 22:23:26]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2003-06-25 05:25:38]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 16:48:18]

S3 USB-100;Realtek RTL8150 USB 10/100 Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\RTL8150.SYS [2006-05-10 14:22]

.
Contents of the 'Scheduled Tasks' folder
"2008-01-02 23:20:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-04 20:59:07 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-08 18:56:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-08 18:59:53 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2008-01-08 23:59:50
.
2007-12-12 08:07:44 --- E O F ---

Touch
Forum Moderator

Date Joined Jun 2004
Total Posts : 13599

Posted 1-9-2008 7:26 (GMT +1)

combofix get rid of some infections. How are things running now ?

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

Atryom
New Member

Date Joined Jan 2008
Total Posts : 12

Posted 1-10-2008 10:05 (GMT +1)

Everything seems fine. Taskman works, as well as command prompt. Thanks.

Touch
Forum Moderator

Date Joined Jun 2004
Total Posts : 13599

Posted 1-10-2008 11:26 (GMT +1)

That´s good news smilewinkgrin

Please read Tony Klein's excellent article about how to prevent against spyware/hijackers in the future

http://www.castlecops.com/t7736-So_how_did_I_get_infected_in_the_first_place.html

Since your problem appears to be resolved, this thread will now be closed.

If you need this topic reopened, please PM a Moderator and we will reopen it for you

Do NOT post your problem in someone elses thread.

Member of - Alliance of Security Analysis Professionals

Forum Information

Currently it is Thursday, November 20, 2008 10:13 PM (GMT +1)
There are a total of 63.946 posts in 15.823 threads.
In the last 3 days there were 33 new threads and 163 reply posts. View Active Threads