Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

KearaC

2 Posts

7463

June 2nd, 2008 17:00

ComboFix Log help!

I have a bunch of viruses going at my computer right now, I can't seem to resolve them without them coming right back. I also cannot open up my task manager even after trying regedit. Below is my log from ComboFix, it doesn't all fit please let me know if you need more info! (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-02 18:13 --------- d-----w C:\Documents and Settings\LocalService\Application Data\VMware 2008-06-02 18:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\VMware 2008-06-02 18:10 --------- d-----w C:\Program Files\Common Files\Symantec Shared 2008-06-02 16:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-06-02 15:49 --------- d-----w C:\Program Files\Viewpoint 2008-06-02 15:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint 2008-06-02 13:17 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-06-02 13:17 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-06-02 13:17 10,671 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-06-02 13:17 --------- d-----w C:\Program Files\Symantec 2008-05-30 14:13 --------- d-----w C:\Program Files\Norton Security Scan 2008-05-28 15:14 --------- d-----w C:\Program Files\Click'N Design 3D (V5) 2008-05-27 14:34 --------- d-----w C:\Program Files\Roxio 2008-05-15 20:50 --------- d-----w C:\Program Files\Java 2008-05-14 18:01 --------- d-----w C:\Documents and Settings\Keara Cowan\Application Data\PhotoWorks 2008-04-30 19:16 --------- d-----w C:\Documents and Settings\Keara Cowan\Application Data\AdobeUM 2008-04-25 16:37 --------- d-----w C:\Documents and Settings\Keara Cowan\Application Data\ArcSoft 2008-04-25 14:22 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-25 14:22 --------- d-----w C:\Program Files\Common Files\ArcSoft 2008-04-25 14:22 --------- d-----w C:\Program Files\ArcSoft 2008-04-18 13:08 --------- d-----w C:\Program Files\Safari 2008-04-18 13:07 --------- d-----w C:\Program Files\Apple Software Update 2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys 2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys 2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys 2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys 2008-04-14 00:12 3,901 ------w C:\WINDOWS\system32\drivers\siint5.dll 2008-04-14 00:12 11,325 ------w C:\WINDOWS\system32\drivers\vchnt5.dll 2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys 2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys 2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys 2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys 2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys 2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys 2008-04-13 19:19 146,048 ------w C:\WINDOWS\system32\drivers\portcls.sys 2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys 2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys 2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys 2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys 2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys 2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys 2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys 2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys 2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys 2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys 2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys 2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys 2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys 2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys 2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys 2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys 2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys 2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys 2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys 2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys 2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys 2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys 2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys 2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys 2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys 2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys 2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys 2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys 2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys 2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys 2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys 2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys 2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys 2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys 2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys 2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys 2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys 2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys 2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys 2008-04-13 18:47 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys 2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys 2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys 2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys 2008-04-13 18:46 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-04-13 18:46 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys 2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys 2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys 2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys 2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys 2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys 2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys 2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys 2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys 2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys 2008-04-13 18:43 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys 2008-04-13 18:41 8,576 ----a-w C:\WINDOWS\system32\drivers\i2omgmt.sys 2008-04-13 18:41 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys 2008-04-13 18:41 18,560 ----a-w C:\WINDOWS\system32\drivers\i2omp.sys 2007-03-28 20:48 88 -csh--r C:\WINDOWS\system32\D110F4E116.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] 2007-08-24 23:51 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] 2008-01-31 01:51 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll" [2007-08-24 23:51 316784] [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}] [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1] [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24 23:51 316784] [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}] [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1] [HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 20:12 15360] "ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-11 04:40 218032] "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [2008-05-09 18:02 1923352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DMXLauncher"="C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" [2006-11-27 01:07 102400] "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-31 14:15 51048] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 04:40 86960] "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-21 21:30 1191936] "ISUSPM Startup"="c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-09-11 04:40 218032] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2006-10-23 02:48 40048] "osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-08-25 00:53 714608] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 18:14 81920] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 18:14 8491008] "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-04-10 15:14 1107848] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-04-17 19:27 9117696] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 00:37:56 217194] Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-11-27 13:04:34 110592] Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:20 40048] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-05-11 00:29:22 738968] Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-11-07 20:27:32 24576] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,C:\\WINDOWS\\system32\\vbpdtvdp.exe," [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli scecli [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ExpressPLNRnote.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ExpressPLNRnote.lnk backup=C:\WINDOWS\pss\ExpressPLNRnote.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk backup=C:\WINDOWS\pss\Service Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UPS WorldShip Messaging Utility.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\UPS WorldShip Messaging Utility.lnk backup=C:\WINDOWS\pss\UPS WorldShip Messaging Utility.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^UPS WorldShip PLD Reminder Utility.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk backup=C:\WINDOWS\pss\UPS WorldShip PLD Reminder Utility.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ymetray.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ymetray.lnk backup=C:\WINDOWS\pss\ymetray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Keara Cowan^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk] path=C:\Documents and Settings\Keara Cowan\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk backup=C:\WINDOWS\pss\Picture Motion Browser Media Check Tool.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] -ra------ 2006-10-23 08:50 71216 C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] --a------ 2006-07-16 22:29 389120 C:\Program Files\Dell Support\DSAgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EverioService] --------- 2006-11-22 21:10 151552 C:\Program Files\CyberLink\PCM4Everio\EverioService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] --a--c--- 2006-11-07 20:35 169984 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] --a------ 2006-09-25 20:52 50736 C:\Program Files\Common Files\AOL\1170097576\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] --a------ 2006-07-06 08:15 151552 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] --a------ 2006-09-11 04:40 218032 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-03-30 10:36 267048 C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NA1Messenger] --a--c--- 2006-12-08 03:15 20480 C:\UPS\WSTD\PolicyMgr\NA1Msgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 10.0] C:\Program Files\Norton Ghost\Agent\GhostTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-10-04 18:14 8491008 C:\WINDOWS\system32\NvCpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-10-04 18:14 1626112 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe] C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-03-28 23:37 413696 C:\Program Files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray] --a------ 2006-12-01 15:47 228088 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp] --a--c--- 2006-07-24 11:20 282624 C:\WINDOWS\stsystra.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] --a------ 2006-10-24 17:10 4662776 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "C:\\WINDOWS\\system32\\dllhost.exe"= "C:\\Program Files\\America Online 9.0\\waol.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\CyberLink\\PCM4Everio\\PCM4Everio.exe"= "C:\\Program Files\\CyberLink\\PCM4Everio\\EverioService.exe"= "C:\\Program Files\\Common Files\\AOL\\1170097576\\ee\\aolsoftware.exe"= "C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"= "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"= R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [] R2 MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVER;C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe [2005-05-04 01:04] S3 COH_Mon;COH_Mon;C:\WINDOWS\system32\Drivers\COH_Mon.sys [2008-03-06 21:32] S3 NAL;Nal Service ;C:\WINDOWS\system32\Drivers\iqvw32.sys [2006-06-05 04:39] S3 SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVER;C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlagent.EXE [2005-05-03 22:42]
Message Edited by KearaC on 06-02-2008 01:42 PM

Davet50

6 Operator

 • 

14.4K Posts

June 2nd, 2008 17:00

you need to post this in th virus/spyware forum..

Bugbatter

4 Apprentice

 • 

20.5K Posts

June 2nd, 2008 18:00


Never use Combofix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
Please read Combofix's Disclaimer: Photobucket

Here are just two examples of the consequences of using Combofix without supervision.
http://forums.us.dell.com/supportforums/board/message?board.id=si_virus&thread.id=67009
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=293341&messageID=2763333#2763333

Was this post helpful?

View All

No Events found!

Top