Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Please help me [CLOSED]

Started by commanderdevin , Apr 27 2008 08:07 AM

  • This topic is locked This topic is locked

#1
commanderdevin
Posted 27 April 2008 - 08:07 AM

commanderdevin

    New Member

  • Member
  • Pip
  • 5 posts
MY computer is stinking lately can anyone look over my log?





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:07:15 AM, on 4/27/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Corel\Graphics9\Register\Remind32.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Corel Registration.lnk = C:\Program Files\Corel\Graphics9\Register\Remind32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZKxdm021YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://ak.imgag.com/...llerControl.cab
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://muse.egloball...s/ebraryRdr.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zon...kr.cab56986.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplane...C_2.3.6.108.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1207775871734
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1185147822515
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.co.../sysreqlab2.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zon...mjolauncher.cab
O16 - DPF: {91F71D75-A73B-4E3B-8A14-F03557B82B29} (Cax3DPlugin Object) - http://www.graalonli...graalplugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zon...ot.cab57213.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com.../crusher-us.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab57176.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zon...ss.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)

--
  • 0

Advertisements

#2
greyknight17
Posted 27 April 2008 - 08:51 AM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
That doesn't help us much.....does it stink literally? :)

Uninstall Viewpoint via the Add/Remove Programs panel.

I don't see much that needs fixing here. What problems are you having on this computer?

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you checked the last one:

O8 - Extra context menu item: &Search - ?p=ZKxdm021YYUS
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

Download Malwarebytes ' Anti-Malware at http://www.besttechi.../mbam-setup.exe or http://www.majorgeek...ware_d5756.html Double-click on mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Full Scan, then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to restart (see Extra Note below).
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & paste the entire report into your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

1. Download combofix at http://www.techsuppo...Bs/ComboFix.exe or http://download.blee...Bs/ComboFix.exe
2. Double-click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply.

Note:
Do not click on combofix's window while it's running. That may cause it to stall.
  • 0

#3
commanderdevin
Posted 27 April 2008 - 09:04 AM

commanderdevin

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
the problems I am having are... I just did a repair installation of windows xp home. And now when i go and install Sp2 it doesnt install. It says i have it on windows update site and it says i dont on my comp. Also as I play some games my whole screen just turns into lines and the comp freezes.
  • 0

#4
commanderdevin
Posted 27 April 2008 - 09:25 AM

commanderdevin

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
heres my combo log


ComboFix 08-04-26.3 - Doug 2008-04-27 11:16:49.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.648 [GMT -4:00]
Running from: C:\Documents and Settings\Doug\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\winantispyware 2007\Data\ProductCode
C:\Documents and Settings\Doug\Application Data\.#
C:\Documents and Settings\Doug\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\Doug\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\Doug\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
C:\Documents and Settings\Doug\Local Settings\Temporary Internet Files\ijjistarter2.exe
C:\Documents and Settings\Tara\Application Data\ASKS~1
C:\Documents and Settings\Tara\Application Data\DOBE~1
C:\Documents and Settings\Tara\Application Data\RACLE~1
C:\Documents and Settings\Tara\Application Data\WinTouch
C:\Documents and Settings\Tara\Application Data\WinTouch\config.cfg.38f51a92d1022a3d3be278d9d34a5df1
C:\Documents and Settings\Tara\Application Data\WinTouch\config.cfg.454c0cb2f3b562a0ec48a6b9822931e8
C:\Documents and Settings\Tara\Application Data\WinTouch\config.cfg.5f59ba5624d19e9e60c607bd10097312
C:\Documents and Settings\Tara\Application Data\WinTouch\wintouch.cfg
C:\Program Files\Common Files\crosof~1
C:\Program Files\Common Files\crosof~1\??crosoft\
C:\Program Files\Common Files\mbols~1
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\Program Files\Common Files\wnsxs~1
C:\Program Files\outerinfo
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\racle~1
C:\WINDOWS\sks~1
C:\WINDOWS\system32\crosof~1.net
C:\WINDOWS\system32\nod32se.exe
C:\WINDOWS\system32\winivstr.exe
C:\WINDOWS\system32\wnstssu32.exe
C:\WINDOWS\ymbols~1

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FOPN


((((((((((((((((((((((((( Files Created from 2008-03-27 to 2008-04-27 )))))))))))))))))))))))))))))))
.

2008-04-27 11:16 . 2008-04-27 11:16 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-04-27 10:59 . 2008-04-27 10:59 <DIR> d-------- C:\Documents and Settings\Doug\Application Data\Malwarebytes
2008-04-27 10:58 . 2008-04-27 10:58 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-27 10:58 . 2008-04-27 10:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-27 09:51 . 2008-04-27 09:51 <DIR> d-------- C:\Program Files\Intel
2008-04-26 08:48 . 2005-08-31 21:49 16,384 --a------ C:\WINDOWS\system32\linkinfo.dll
2008-04-26 08:21 . 2005-10-20 18:33 991,232 --a------ C:\WINDOWS\system32\esent.dll
2008-04-26 08:13 . 2004-07-01 18:08 361,984 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-04-26 08:13 . 2004-07-01 18:08 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-04-26 08:13 . 2004-07-01 18:08 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-04-26 08:13 . 2004-07-01 18:08 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-04-26 08:13 . 2004-07-01 18:08 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-04-26 08:13 . 2004-07-01 18:08 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-04-26 08:13 . 2004-07-01 18:08 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-04-26 07:54 . 2008-04-26 07:54 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-26 07:17 . 1998-09-24 23:18 607,744 --------- C:\WINDOWS\system32\Decslib.dll
2008-04-26 07:16 . 1999-03-07 18:53 28,252 --------- C:\WINDOWS\corelpf.lrs
2008-04-26 07:15 . 2008-04-26 07:15 <DIR> d-------- C:\WINDOWS\Profiles
2008-04-26 07:15 . 2008-04-26 07:16 <DIR> d-------- C:\Program Files\Corel
2008-04-26 07:15 . 1999-04-14 15:43 245,760 --------- C:\WINDOWS\system32\Sccomp91.dll
2008-04-26 07:15 . 1999-04-14 15:43 225,280 --------- C:\WINDOWS\system32\Scint91.dll
2008-04-26 07:15 . 1999-04-14 15:43 110,592 --------- C:\WINDOWS\system32\Sccres91.dll
2008-04-26 07:04 . 2008-04-26 07:04 <DIR> d-------- C:\Documents and Settings\Doug\WINDOWS
2008-04-26 07:04 . 2008-04-26 07:04 106 --a------ C:\WINDOWS\MSREGUSR.INI
2008-04-26 07:03 . 2008-04-26 07:03 <DIR> d-------- C:\Program Files\Broderbund
2008-04-26 06:56 . 2008-04-26 06:56 67 --a------ C:\WINDOWS\DVDRegionFree.INI
2008-04-26 06:44 . 2008-04-26 06:44 0 --a------ C:\statistics.xml
2008-04-26 06:42 . 2008-04-26 06:42 <DIR> d-------- C:\Program Files\iSofter
2008-04-25 16:08 . 2008-04-25 16:09 <DIR> d-------- C:\Documents and Settings\Doug\dwhelper
2008-04-23 22:32 . 2008-04-23 22:32 <DIR> d-------- C:\Documents and Settings\Tara\Application Data\Symantec
2008-04-23 22:31 . 2008-04-23 22:31 <DIR> d-------- C:\Program Files\Symantec
2008-04-23 22:31 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-04-23 15:25 . 2004-08-03 14:04 185,624 --a------ C:\WINDOWS\system32\iuengine.dll
2008-04-23 15:25 . 2004-08-03 14:04 185,624 --a--c--- C:\WINDOWS\system32\dllcache\iuengine.dll
2008-04-23 15:18 . 2003-03-31 08:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-04-23 15:17 . 2002-05-14 12:08 20,540 --a--c--- C:\WINDOWS\system32\dllcache\admin.dll
2008-04-23 15:14 . 2003-03-31 08:00 397,312 --a------ C:\WINDOWS\system32\mspaint.exe
2008-04-23 15:13 . 2001-08-17 22:37 117,248 --a------ C:\WINDOWS\system32\ksproxy.ax
2008-04-23 15:13 . 2001-08-17 22:36 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2008-04-23 12:51 . 2008-04-23 12:52 1,422,510 --a------ C:\SDFix.exe
2008-04-21 15:19 . 2008-04-21 15:26 690 --a------ C:\Documents and Settings\Doug\Application Data\waver_2.95.dat
2008-04-21 15:18 . 2008-04-21 15:18 4 --a------ C:\WINDOWS\system32\qwolt.pdg
2008-04-21 15:09 . 2008-04-21 15:31 <DIR> d-------- C:\Program Files\SmartWAVConverter Pro
2008-04-20 08:22 . 2008-04-25 15:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-20 08:22 . 2008-04-20 08:22 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-17 16:06 . 2008-04-17 16:06 <DIR> d-------- C:\Program Files\Deskshare
2008-04-17 15:34 . 2005-01-28 13:44 819,200 --a--c--- C:\WINDOWS\system32\dllcache\setup_wm.exe
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a------ C:\WINDOWS\system32\wmpui.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a------ C:\WINDOWS\system32\wmpcore.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a------ C:\WINDOWS\system32\wmpcd.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a------ C:\WINDOWS\system32\wmp.ocx
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a--c--- C:\WINDOWS\system32\dllcache\wmpui.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a--c--- C:\WINDOWS\system32\dllcache\wmpcore.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a--c--- C:\WINDOWS\system32\dllcache\wmpcd.dll
2008-04-17 15:34 . 2005-01-28 13:44 20,480 --a--c--- C:\WINDOWS\system32\dllcache\wmp.ocx
2008-04-17 06:35 . 2008-04-17 06:35 <DIR> d-------- C:\my documents
2008-04-17 06:32 . 2008-04-17 06:32 <DIR> d-------- C:\WINDOWS\desktop
2008-04-15 17:39 . 2004-07-09 04:26 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2008-04-15 17:39 . 2002-12-12 00:14 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2008-04-15 15:58 . 2008-04-15 15:58 <DIR> d-------- C:\ijji
2008-04-15 06:58 . 2008-04-26 06:55 28 --a------ C:\WINDOWS\v2d.INI
2008-04-15 06:55 . 2008-04-15 15:07 <DIR> d-------- C:\v2d
2008-04-15 06:54 . 2008-04-26 06:58 <DIR> d-------- C:\Program Files\Total Video2DVD Author
2008-04-14 15:34 . 2008-04-14 15:34 <DIR> d-------- C:\Program Files\Sonic Foundry
2008-04-14 15:34 . 2008-04-14 15:34 <DIR> d-------- C:\Program Files\Pure Motion
2008-04-14 15:34 . 2008-04-14 16:46 <DIR> d-------- C:\Program Files\DebugMode
2008-04-14 15:27 . 2002-12-20 13:06 3,366,912 --a--c--- C:\WINDOWS\system32\dllcache\moviemk.exe
2008-04-13 17:49 . 2008-04-13 17:50 <DIR> d-------- C:\Documents and Settings\Doug\Application Data\OfficeUpdate12
2008-04-13 17:49 . 2008-04-13 17:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-13 13:01 . 2008-04-23 15:17 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-04-13 13:01 . 2008-04-23 15:17 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-04-13 13:00 . 2004-07-01 18:08 361,984 --a------ C:\WINDOWS\system32\qmgr.dll
2008-04-13 12:57 . 2007-07-30 19:19 1,712,984 --a------ C:\WINDOWS\system32\wuaueng.dll
2008-04-13 12:57 . 2004-08-03 14:07 1,081,112 --a--c--- C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-04-13 12:57 . 2003-03-31 08:00 157,184 --a------ C:\WINDOWS\system32\clipbrd.exe
2008-04-13 12:57 . 2003-03-31 08:00 123,904 --a------ C:\WINDOWS\system32\rdshost.exe
2008-04-13 12:57 . 2003-03-31 08:00 105,472 --a------ C:\WINDOWS\system32\rdpclip.exe
2008-04-13 12:57 . 2003-03-31 08:00 98,816 --a--c--- C:\WINDOWS\system32\dllcache\clipbrd.exe
2008-04-13 12:57 . 2003-03-31 08:00 61,952 --a--c--- C:\WINDOWS\system32\dllcache\rdshost.exe
2008-04-13 12:57 . 2003-03-31 08:00 44,032 --a--c--- C:\WINDOWS\system32\dllcache\rdpclip.exe
2008-04-13 12:48 . 2003-03-31 08:00 1,086,182 -ra------ C:\WINDOWS\SET5A.tmp
2008-04-13 12:48 . 2003-03-31 08:00 13,608 -ra------ C:\WINDOWS\SET66.tmp
2008-04-12 14:22 . 2008-04-12 14:23 <DIR> d-------- C:\Program Files\Panda Security
2008-04-12 14:22 . 2008-04-25 17:57 1,966 --a------ C:\WINDOWS\mozver.dat
2008-04-12 13:58 . 2008-04-13 12:18 <DIR> d-------- C:\VideoOutput
2008-04-12 13:49 . 2008-04-12 13:49 <DIR> d-------- C:\Program Files\GPL MPEG Decoder
2008-04-12 13:45 . 2008-04-12 13:45 <DIR> d-------- C:\Program Files\Cucusoft
2008-04-12 13:45 . 2008-04-12 13:46 <DIR> d-------- C:\ConverterOutput
2008-04-12 13:45 . 2004-10-12 14:40 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-04-12 13:45 . 2004-10-12 14:46 1,761,280 --a------ C:\WINDOWS\system32\ffdshow.ax
2008-04-12 13:45 . 2004-10-05 16:16 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-04-12 13:45 . 2004-10-12 14:42 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-04-12 13:45 . 2004-10-04 01:50 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-04-12 13:26 . 2008-04-12 13:31 26 --a------ C:\WINDOWS\dvdSanta.INI
2008-04-12 13:24 . 2008-04-12 13:24 <DIR> d-------- C:\TempDVD
2008-04-12 13:24 . 2008-04-12 13:59 <DIR> d-------- C:\Program Files\dvdSanta
2008-04-11 17:25 . 2008-04-11 17:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-04-11 15:32 . 2002-02-20 12:00 331,776 --------- C:\WINDOWS\system32\CTMEDENG.DLL
2008-04-11 15:32 . 2001-03-30 02:00 62,976 --a------ C:\WINDOWS\system32\CTDetres.dll
2008-04-11 15:32 . 1998-09-17 01:52 17,350 --a------ C:\WINDOWS\system32\CTDetect.hlp
2008-04-11 15:32 . 1998-09-17 01:52 641 --a------ C:\WINDOWS\system32\CTDetect.cnt
2008-04-10 20:08 . 2008-04-23 15:21 <DIR> d-------- C:\WINDOWS\nview
2008-04-10 20:08 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-04-10 19:30 . 2007-06-21 18:59 58,776 --a------ C:\WINDOWS\system32\ijjiPlugin2.dll
2008-04-10 19:29 . 2008-04-10 19:29 <DIR> d-------- C:\Program Files\NHN USA
2008-04-10 19:29 . 2008-01-16 18:25 679,936 --a------ C:\WINDOWS\system32\ijjiSetup.exe
2008-04-10 19:25 . 2008-04-10 19:25 <DIR> d-------- C:\Program Files\Common Files\INCA Shared
2008-04-10 19:25 . 2003-07-19 02:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-04-10 19:25 . 2005-01-02 17:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-04-10 18:52 . 2008-04-15 15:37 <DIR> d--h----- C:\Documents and Settings\Doug\Application Data\ijjigame
2008-04-10 17:36 . 2005-07-26 00:30 1,179,136 --a--c--- C:\WINDOWS\system32\dllcache\comsvcs.dll
2008-04-10 17:27 . 2003-03-31 08:00 1,086,182 -ra------ C:\WINDOWS\SET91.tmp
2008-04-10 17:27 . 2003-03-31 08:00 13,608 -ra------ C:\WINDOWS\SET9D.tmp
2008-04-10 16:34 . 2008-04-27 10:14 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-04-10 15:32 . 2008-04-10 15:45 <DIR> d-------- C:\4c01b3925f8687e616ef31c345
2008-04-10 11:19 . 2008-04-10 11:19 15,648 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-10 11:19 . 2008-04-10 11:19 15,648 --a------ C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-10 11:19 . 2008-04-10 11:19 12,832 --a------ C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-09 06:14 . 2003-03-31 08:00 1,267,712 --a--c--- C:\WINDOWS\system32\dllcache\cimwin32.dll
2008-04-09 06:10 . 2002-08-29 01:50 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-09 06:06 . 2003-03-31 08:00 1,086,182 -ra------ C:\WINDOWS\SET56.tmp
2008-04-09 06:06 . 2003-03-31 08:00 13,608 -ra------ C:\WINDOWS\SET62.tmp
2008-04-09 06:03 . 2002-08-29 01:48 14,208 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-04-09 06:02 . 2002-08-29 01:27 56,576 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-04-09 05:58 . 2002-08-29 03:46 38,024 --a------ C:\WINDOWS\system32\drivers\termdd.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 11:18 --------- d-----w C:\Documents and Settings\Doug\Application Data\Corel
2008-04-26 11:04 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-24 02:46 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-04-24 02:32 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-24 02:29 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-04-23 17:55 13,144 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-04-23 17:52 --------- d-----w C:\Program Files\Lavasoft
2008-04-23 17:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-23 17:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-16 21:21 --------- d-----w C:\Program Files\Datel
2008-04-15 19:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-13 15:17 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-13 15:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-11 20:47 --------- d-----w C:\Program Files\Yahoo!
2008-04-10 19:12 --------- d-----w C:\Program Files\Microsoft Games
2008-04-10 10:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-04-03 20:15 --------- d-----w C:\Program Files\Windows Live
2008-04-03 20:15 --------- d-----w C:\Program Files\Sansa
2008-04-03 20:15 --------- d-----w C:\Program Files\DivX
2008-04-03 20:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-04-03 20:13 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-03 20:13 --------- d-----w C:\Program Files\MSN Messenger
2008-04-03 20:12 --------- d-----w C:\Program Files\Google
2008-04-02 18:10 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-02 18:09 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-03-28 20:26 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-17 18:49 524,288 ----a-w C:\WINDOWS\opuc.dll
2008-03-16 18:27 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-03-16 18:26 22,328 ----a-w C:\Documents and Settings\Doug\Application Data\PnkBstrK.sys
2008-03-14 23:29 --------- d-----w C:\Documents and Settings\Doug\Application Data\Image Zone Express
2008-03-13 23:06 41,296 ----a-w C:\WINDOWS\system32\xfcodec.dll
2008-03-11 23:31 --------- d-----w C:\Program Files\Common Files\AOL
2008-03-07 15:05 --------- d-----w C:\Program Files\Coupons
2008-03-05 20:30 97,288 ------w C:\DSETUP.dll
2008-03-05 20:30 527,880 ------w C:\DXSETUP.exe
2008-03-05 20:30 1,694,728 ------w C:\dsetup32.dll
2008-03-05 20:03 479,752 ----a-w C:\WINDOWS\system32\XAudio2_0.dll
2008-03-05 20:03 238,088 ----a-w C:\WINDOWS\system32\xactengine3_0.dll
2008-03-05 20:00 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_3.dll
2008-03-05 19:56 3,786,760 ----a-w C:\WINDOWS\system32\D3DX9_37.dll
2008-03-05 19:56 1,420,824 ----a-w C:\WINDOWS\system32\D3DCompiler_37.dll
2008-02-24 14:33 380 ----a-w C:\Program Files\TSClient.log
2008-02-12 22:10 107,008 ----a-w C:\WINDOWS\system32\CTsvcCDA.EXE
2008-02-12 21:50 4,512 ----a-w C:\WINDOWS\system32\tmp.reg
2008-02-09 04:55 85,504 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-02-08 15:37 82,432 ----a-w C:\WINDOWS\system32\IEDFix.exe
2008-02-06 03:07 462,864 ----a-w C:\WINDOWS\system32\d3dx10_37.dll
2008-02-04 22:23 693,792 ----a-w C:\WINDOWS\system32\OGACheckControl.DLL
2007-10-31 21:08 15,780 ----a-w C:\Program Files\unins000.dat
2007-10-26 19:42 81,920 ----a-w C:\Documents and Settings\Doug\Application Data\ezpinst.exe
2007-09-20 10:37 47,360 ----a-w C:\Documents and Settings\Doug\Application Data\pcouffin.sys
2007-06-13 10:23 22,040 ---h--w C:\Documents and Settings\Tara\Application Data\aon.dat
2007-06-13 10:23 22,040 ---h--w C:\Documents and Settings\Doug\Application Data\aon.dat
2007-06-13 10:23 22,040 ---h--w C:\Documents and Settings\Devin\Application Data\aon.dat
2004-06-03 11:52 15,360 ----a-w C:\Program Files\KeyPress.dll
2003-04-17 15:06 172,032 ----a-w C:\Program Files\hvdi.dll
2003-04-17 13:56 151,552 ----a-w C:\Program Files\libspeex.dll
2003-04-14 07:00 71,680 ----a-w C:\Program Files\unins000.exe
2003-02-25 18:32 1,364 ----a-w C:\Program Files\clicense.txt
.

------- Sigcheck -------

2004-08-04 02:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys
2004-08-04 02:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"EasyLinkAdvisor"="C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-15 18:16 454784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"CTSysVol"="C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 122880]
"P17Helper"="P17.dll" [2004-06-10 12:51 60928 C:\WINDOWS\system32\P17.dll]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-12-05 01:41 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2003-03-31 08:00 100352]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Messenger"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\WINDOWS\\system32\\rtcshare.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Java\\jre1.6.0_04\\bin\\javaw.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=

R1 gcvcd;gcvcd;C:\WINDOWS\System32\drivers\gcvcd.sys [2004-09-27 11:23]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-09-09 11:29]
R2 BCMNTIO;BCMNTIO;C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys [2004-03-05 17:09]
R2 MAPMEM;MAPMEM;C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys [2004-03-05 17:09]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
S3 dump_wmimmc;dump_wmimmc;C:\ijji\ENGLISH\U_SF\GameGuard\dump_wmimmc.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{287f32db-7a59-11dc-8cd4-001111c39325}]
\Shell\AutoRun\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87b6565e-95d5-11dc-8d3b-001111c39325}]
\Shell\AutoRun\command - F:\autorun.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A6CBBD4-E3C9-C738-E422-F9FE869A435E}]
C:\Program Files\drivers\msmsrs.exe s
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-27 11:22:21
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 14

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Corel\Graphics9\Register\Remind32.exe
.
**************************************************************************
.
Completion time: 2008-04-27 11:25:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-27 15:25:10

Pre-Run: 53,496,406,016 bytes free
Post-Run: 54,191,165,440 bytes free

336 --- E O F --- 2008-04-27 13:51:48
  • 0

#5
greyknight17
Posted 27 April 2008 - 05:05 PM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
It looks like you have SP1 installed already. Go with SP2.

Open up your Notepad editor (Start->Run, type in notepad and click OK). Copy and paste the text into the quotebox below:

File::
C:\WINDOWS\SET5A.tmp
C:\WINDOWS\SET66.tmp
C:\WINDOWS\SET91.tmp
C:\WINDOWS\SET9D.tmp
C:\WINDOWS\SET56.tmp
C:\WINDOWS\SET62.tmp
C:\Documents and Settings\Tara\Application Data\aon.dat
C:\Documents and Settings\Doug\Application Data\aon.dat
C:\Documents and Settings\Devin\Application Data\aon.dat
Folder::
C:\Program Files\drivers\
C:\4c01b3925f8687e616ef31c345
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A6CBBD4-E3C9-C738-E422-F9FE869A435E}]

Save this as CFScript.txt in the same location as the ComboFix.exe tool.
Drag the CFScript.txt into ComboFix.exe
Follow the prompts. When finished, it shall produce a log for you. Post that log in your next reply.

Note: Do not click on combofix's window while it's running. That may cause it to stall.

How is the computer running so far?
  • 0

#6
greyknight17
Posted 04 May 2008 - 11:43 AM

greyknight17

    Malware Expert

  • Visiting Consultant
  • 16,560 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP