
TROJANDOWNLOADER.XS PLEASE HELP



#1
ROOKEY

Hi there, I'm new to all this stuff. I need help: my PC says it's been infected with DOWNLOADER.XS. I have a few programs, but they can't seem to pick up this trojan.
Please help.

Regards, ROOKEY

ComboFix 08-03-25.4 - Compaq_Owner 2008-03-27 11:07:48.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.502 [GMT 0:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\mkghj.dll
C:\WINDOWS\system32\sysmwwod.dll
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-27 to 2008-03-27 )))))))))))))))))))))))))))))))
.

2008-03-27 10:44 . 2008-03-27 10:44 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\TrojanHunter
2008-03-26 21:14 . 2008-03-26 21:38 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2008-03-26 17:37 . 2008-03-06 21:32 23,904 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
2008-03-26 17:37 . 2008-03-06 21:32 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
2008-03-26 17:37 . 2008-03-06 21:32 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
2008-03-26 17:23 . 2008-03-26 17:28 <DIR> d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter
2008-03-26 17:23 . 2002-11-13 11:14 1,703,936 --a------ C:\WINDOWS\system32\NCTAudioFile.dll
2008-03-26 17:23 . 2002-06-13 13:50 376,832 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-26 17:23 . 2002-11-06 15:12 360,448 --a------ C:\WINDOWS\system32\NCTWMAFile.dll
2008-03-26 17:23 . 2002-09-06 11:36 233,472 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-03-26 17:23 . 2000-12-06 00:00 209,608 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-03-26 17:23 . 2001-08-08 21:00 40,960 --a------ C:\WINDOWS\system32\DGPNorm.ocx
2008-03-26 16:03 . 2008-03-26 16:03 <DIR> d-------- C:\Program Files\LimeWire
2008-03-26 15:44 . 2008-03-26 15:44 94,208 --a------ C:\WINDOWS\system32\rmtkpkbg.exe
2008-03-26 14:21 . 2008-03-26 14:21 <DIR> d-------- C:\Program Files\Uniblue
2008-03-26 14:00 . 2005-08-25 18:18 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2008-03-26 14:00 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-03-26 13:10 . 2008-03-26 13:10 1,024 --a------ C:\WINDOWS\system32\drivers\D8205E69-ACF2-40F0-8C3E-FA1A9E44CD63.cxv
2008-03-26 13:03 . 2008-03-26 13:03 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-03-26 13:03 . 2008-03-26 14:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-03-26 12:51 . 2006-11-05 12:27 991,232 --a------ C:\WINDOWS\system32\VchReg.dll
2008-03-26 12:51 . 2008-03-26 15:48 63 --a------ C:\WINDOWS\system\SYSRegC.dll
2008-03-26 12:45 . 2008-03-26 12:45 16 --a------ C:\WINDOWS\system32\coh.cache
2008-03-26 12:40 . 2008-03-26 13:20 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
2008-03-26 12:27 . 2008-03-26 12:27 147 --a------ C:\WINDOWS\system32\SDRemoveDB.db
2008-03-26 12:26 . 2008-03-26 12:26 63 --a------ C:\WINDOWS\system\SysSD.dll
2008-03-26 11:11 . 2008-03-26 15:30 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2008-03-26 11:11 . 2008-03-26 15:30 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2008-03-26 11:11 . 2008-03-26 15:30 8,014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-03-26 11:11 . 2008-03-26 15:30 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-03-26 11:10 . 2008-03-26 15:30 <DIR> d-------- C:\Program Files\Symantec
2008-03-25 20:17 . 2008-03-25 20:17 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software
2008-03-25 19:45 . 2008-03-26 11:09 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-25 19:45 . 2008-03-25 19:45 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2008-03-25 19:45 . 2008-03-25 19:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-25 17:49 . 2008-03-26 14:34 <DIR> d-------- C:\WINDOWS\CAVTemp
2008-03-25 17:19 . 2008-03-26 15:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-25 17:19 . 2008-03-26 15:10 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\CallingID
2008-03-25 17:13 . 2008-03-26 15:43 <DIR> d-------- C:\WINDOWS\rnapxs
2008-03-25 16:11 . 2008-03-25 16:11 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC
2008-03-25 16:08 . 2008-03-25 16:08 102 --a------ C:\WINDOWS\system32\UserRequest_1206461317.tmp
2008-03-25 15:34 . 2008-03-25 15:34 98,304 --a------ C:\WINDOWS\system32\bmrkbehm.exe
2008-03-25 15:26 . 2008-02-15 10:21 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-03-25 15:23 . 2008-03-25 15:23 <DIR> d-------- C:\Program Files\Common Files\PC Tools
2008-03-25 15:23 . 2008-03-25 15:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-03-25 13:05 . 2008-03-25 13:06 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\PC-Cleaner
2008-03-25 13:04 . 2008-03-25 13:04 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Desktopvirii
2008-03-25 13:04 . 2008-03-25 13:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\dizmhkfq
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopTrojan.Win32.BlackBird.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopFWebdEditor.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfwebd.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfkwp2.0.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfkwp1.5.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfilemanagerclient.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopEditorFKWP2.0.exe
2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopEditorFKWP1.5.exe
2008-03-23 15:44 . 2008-03-23 15:44 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-23 15:44 . 2008-03-23 15:44 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-22 12:39 . 2008-03-22 12:44 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-17 12:23 . 2008-03-17 12:23 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Template
2008-03-17 12:22 . 2008-03-17 12:22 0 --a------ C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
2008-03-16 22:06 . 2008-03-16 22:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Backup
2008-03-16 21:58 . 2008-03-16 21:58 84 --a------ C:\Scans.dat
2008-03-16 21:45 . 2008-03-16 21:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\sentinel
2008-03-16 21:36 . 2008-03-25 17:47 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-03-16 18:01 . 2003-10-22 16:54 81,920 --a------ C:\WINDOWS\system32\W32n50.dll
2008-03-16 18:01 . 2003-08-14 23:23 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
2008-03-16 18:01 . 2003-10-22 16:54 17,162 --a------ C:\WINDOWS\system32\Pcandis5.sys
2008-03-16 18:01 . 2003-10-22 16:54 16,848 --a------ C:\WINDOWS\system32\Pcandis4.sys
2008-03-16 18:01 . 2003-10-22 16:54 16,073 --a------ C:\WINDOWS\system32\Pcandis3.vxd
2008-03-16 18:01 . 2003-07-17 22:16 6,048 --a------ C:\WINDOWS\system32\mcc16.dll
2008-03-16 18:01 . 2003-12-12 22:27 2,050 --a------ C:\WINDOWS\system32\ClientSyncLoaderDriver.htm
2008-03-16 18:01 . 2003-12-12 22:27 1,064 --a------ C:\WINDOWS\system32\ClientSyncLoader.htm
2008-03-12 21:04 . 2008-03-12 21:04 <DIR> d-------- C:\WINDOWS\Drivers
2008-03-12 21:04 . 2008-03-16 18:01 <DIR> d-------- C:\Program Files\Common Files\Motive
2008-03-12 21:00 . 2004-02-09 17:06 15,360 -ra------ C:\WINDOWS\system32\drivers\NetMotCM.sys
2008-03-08 15:30 . 2008-03-08 15:30 <DIR> d-------- C:\Program Files\Illustrate
2008-03-08 15:30 . 2008-03-08 15:30 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AccurateRip
2008-03-08 15:30 . 2008-03-08 15:29 4,230,520 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-03-06 21:05 . 2008-03-26 14:04 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-27 11:05 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-27 10:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-03-26 23:28 --------- d-----w C:\Program Files\Norton 360
2008-03-26 17:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-26 16:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\NCH Swift Sound
2008-03-26 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-26 16:29 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
2008-03-26 15:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-26 15:11 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-26 14:30 --------- d-----w C:\Program Files\BitComet
2008-03-25 15:58 --------- d-----w C:\Program Files\Google
2008-03-25 14:18 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-23 15:44 --------- d-----w C:\Program Files\Nokia
2008-03-23 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-03-16 21:40 --------- d-----w C:\Program Files\ESET
2008-03-16 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
2008-03-14 12:00 --------- d-----w C:\Program Files\Driving Theory Test Express
2008-03-10 02:44 --------- d-----w C:\Program Files\Windows Live
2008-03-10 02:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-07 16:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Software rule flag owns
2008-03-06 21:53 --------- d-----w C:\Program Files\DietMP3
2008-02-28 14:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-02-26 21:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
2008-02-26 17:34 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-26 17:31 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-26 16:01 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Ahead
2008-02-24 20:10 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\F-Secure
2008-02-24 14:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\BearShare
2008-02-20 18:36 --------- d-----w C:\Program Files\2 Pic
2008-02-17 23:50 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
2008-02-16 13:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\fssg
2008-02-12 17:33 --------- d-----w C:\Program Files\DIFX
2008-02-12 17:32 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-02-03 16:47 --------- d-----w C:\Program Files\Vista Drive Icon
2008-02-03 16:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-29 21:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-29 21:04 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
.

------- Sigcheck -------

2007-06-13 10:23 975360 9784e0719124e4a23989aef9e7ca02d6 C:\WINDOWS\explorer.exe
2007-06-13 11:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 05:00 974336 a5c1f2cf7c31874e66478910b43d6513 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 10:23 975360 9784e0719124e4a23989aef9e7ca02d6 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"zyiozevp"="C:\WINDOWS\system32\bmrkbehm.exe" [2008-03-25 15:34 98304]
"cvzxxgwl"="C:\WINDOWS\system32\rmtkpkbg.exe" [2008-03-26 15:44 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-08 03:05 344064]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 23:44 61440]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43 233472]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 22:17 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 00:50 253952]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-27 23:29 185632]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 19:59 45056]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 05:59 115816]
"THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe" [2008-03-25 19:08 1047712]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 22:05:02 630784]
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 07:43:08 180224]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Uniblue Powersuite.lnk - C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe [2008-03-26 14:21:50 2783504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"k7gHAIttTw"= C:\Documents and Settings\All Users\Application Data\dizmhkfq\bcdqfkfw.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Driving Theory Test Express\\unins000.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26531:TCP"= 26531:TCP:BitComet 26531 TCP
"26531:UDP"= 26531:UDP:BitComet 26531 UDP

R3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-16 17:41]
S3 se59bus;Sony Ericsson Device 089 driver (WDM);C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 20:07]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 20:07]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 20:07]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 20:08]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 20:06]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 20:09]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM);C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 20:06]
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 23:01]

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-03-26 15:20:30 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-27 11:09:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-27 11:10:04
ComboFix-quarantined-files.txt 2008-03-27 11:09:47
.
2008-03-26 15:53:11 --- E O F ---

Edited by ROOKEY, 27 March 2008 - 06:41 AM.
