4 Posts

January 29th, 2008 17:00

Outerinfo problems!

Hi,

If anyone could please help, I'd be so grateful, as Outerinfo pop-ups are driving me mad!
 
Many thanks in advance
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:47, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\TWF0dA\command.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\40424A4B4949484.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SCURIT~1\chkdsk.exe
C:\Program Files\Network Monitor\netmon.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Router\Router.exe
C:\Documents and Settings\Matt\Application Data\Microsoft\Windows\rayiou.exe
C:\Program Files\Words\Words.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\Program Files\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\SMART Board Software\Aware.exe
C:\Program Files\SMART Board Software\Marker.exe
C:\Program Files\Common Files\SMART Technologies Inc\SMART Product Update\SmartProductUpdate.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\??sks\c?rss.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-inc&channel=uk
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [AutoConnect] "C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe" BCMALL
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [USBPhone4Skype] C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM\..\Run: [01030B0C0A0A090B1] 40424A4B4949484.exe
O4 - HKLM\..\Run: [BM3f81555f] Rundll32.exe "C:\WINDOWS\system32\olbqtukp.dll",s
O4 - HKLM\..\Run: [3cb266c3] rundll32.exe "C:\WINDOWS\system32\flmsgixm.dll",b
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sen] "C:\WINDOWS\SCURIT~1\chkdsk.exe" -vt yazb
O4 - HKCU\..\Run: [Vcp] "C:\Program Files\??sks\c?rss.exe"
O4 - HKCU\..\Run: [Dot1XCfg] C:\Program Files\Dot1XCfg\Dot1XCfg.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Matt\Application Data\WinTouch\WinTouch.exe
O4 - HKCU\..\Run: [SfKg6w] C:\Documents and Settings\Matt\Application Data\Microsoft\Windows\rayiou.exe
O4 - HKCU\..\Run: [Words] C:\Program Files\Words\Words.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Board Software\SMARTBoardTools.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.bang-olufsen.com/InstallObjs/setup.exe
O16 - DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} (Remote Access ActiveX Client) - https://secure.logmein.com/activex/RACtrl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader_uni.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWF0dA\command.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service:   (Network Monitor) - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Board Software\SMARTBoardService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/en/3/36/Watford.gif
O24 - Desktop Component 1: (no name) - http://www2.vebra.com/parkheath/rickmansworth/sales/ecimage0/dickinsonsquare1.jpg
--
End of file - 12551 bytes

3.3K Posts

January 30th, 2008 02:00

Message Edited by 1972vet on 02-27-2008 12:22 PM

4 Posts

January 31st, 2008 19:00

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\Network Monitor

(((((((((((((((((((((((((   Files Created from 2007-12-28 to 2008-01-30  )))))))))))))))))))))))))))))))
.
2008-01-28 19:33 . 2008-01-28 19:33 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-01-27 19:35 . 2008-01-27 19:35   d-------- C:\WINDOWS\system32\ADAFB7B8B6B6B5B
2008-01-27 19:35 . 2007-12-14 12:40 120,832 --a------ C:\WINDOWS\system32\40424A4B4949484.exe
2008-01-26 14:55 . 2008-01-26 14:55   d-------- C:\Program Files\Dot1XCfg
2008-01-26 14:52 . 2008-01-26 14:52   d-------- C:\WINDOWS\system32\nGpxx01
2008-01-26 14:52 . 2008-01-26 14:52   d-------- C:\temp\gTiis19
2008-01-26 14:52 . 2008-01-26 14:52   d-------- C:\temp\cXzz9
2008-01-22 19:29 . 2008-01-22 19:29 68,160 --a------ C:\WINDOWS\system32\olbqtukp.dll
2008-01-21 19:21 . 2008-01-23 19:21 49 --a------ C:\WINDOWS\BM3f81555f.xml
2008-01-15 19:38 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vgwwgqvw.dll
2008-01-15 19:38 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\vgwwgqvw.xml
2008-01-14 21:32 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\fltaolct.dll
2008-01-14 21:32 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\fltaolct.xml
2008-01-13 22:00 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\adyfbnlr.dll
2008-01-13 22:00 . 2008-01-14 21:11 3,257 --a------ C:\WINDOWS\system32\adyfbnlr.xml
2008-01-13 18:44 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\rcuhvtdu.dll
2008-01-13 18:44 . 2008-01-13 21:59 3,352 --a------ C:\WINDOWS\system32\rcuhvtdu.xml
2008-01-13 17:07 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\pnpgnmxg.dll
2008-01-13 17:07 . 2008-01-13 17:27 3,257 --a------ C:\WINDOWS\system32\pnpgnmxg.xml
2008-01-13 13:16 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ggnjftfr.dll
2008-01-13 13:16 . 2008-01-13 13:08 3,257 --a------ C:\WINDOWS\system32\ggnjftfr.xml
2008-01-13 06:52 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vutblabs.dll
2008-01-13 06:52 . 2008-01-13 13:08 3,257 --a------ C:\WINDOWS\system32\vutblabs.xml
2008-01-12 19:45 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\qjuayqqw.dll
2008-01-12 19:45 . 2008-01-13 06:49 3,257 --a------ C:\WINDOWS\system32\qjuayqqw.xml
2008-01-12 12:06 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ctptcjuz.dll
2008-01-12 12:06 . 2008-01-12 17:38 3,257 --a------ C:\WINDOWS\system32\ctptcjuz.xml
2008-01-11 21:36 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\cyrrrtdb.dll
2008-01-11 21:36 . 2008-01-12 08:44 3,258 --a------ C:\WINDOWS\system32\cyrrrtdb.xml
2008-01-11 06:29 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ngvvtwcs.dll
2008-01-11 06:29 . 2008-01-11 19:49 3,258 --a------ C:\WINDOWS\system32\ngvvtwcs.xml
2008-01-10 21:30 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ezsgsosa.dll
2008-01-10 21:30 . 2008-01-10 21:29 3,351 --a------ C:\WINDOWS\system32\ezsgsosa.xml
2008-01-10 09:26 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\eielhjjm.dll
2008-01-10 09:26 . 2008-01-10 21:29 3,351 --a------ C:\WINDOWS\system32\eielhjjm.xml
2008-01-09 21:06 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\jchpzkqo.dll
2008-01-09 21:06 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\jchpzkqo.xml
2008-01-09 19:09 . 2008-01-10 19:09 1,614 --ahs---- C:\WINDOWS\system32\vayubemw.ini
2008-01-09 14:47 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\lxaljynv.dll
2008-01-09 14:47 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\lxaljynv.xml
2008-01-08 21:26 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\eyrtlcnj.dll
2008-01-08 21:26 . 2008-01-09 14:43 3,258 --a------ C:\WINDOWS\system32\eyrtlcnj.xml
2008-01-07 22:17 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\suahtykh.dll
2008-01-07 22:17 . 2008-01-08 21:18 3,258 --a------ C:\WINDOWS\system32\suahtykh.xml
2008-01-07 20:00 . 2008-01-07 20:00   d-------- C:\Program Files\Opera
2008-01-06 21:13 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\vrojifvo.dll
2008-01-06 21:13 . 2008-01-07 19:54 3,351 --a------ C:\WINDOWS\system32\vrojifvo.xml
2008-01-05 21:21 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\ffaofmjz.dll
2008-01-05 21:21 . 2008-01-06 21:09 3,257 --a------ C:\WINDOWS\system32\ffaofmjz.xml
2008-01-05 14:22 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\gfttvfzi.dll
2008-01-05 14:22 . 2008-01-05 20:13 3,352 --a------ C:\WINDOWS\system32\gfttvfzi.xml
2007-12-29 12:22 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\jcytyuzo.dll
2007-12-29 12:22 . 2008-01-05 14:04 3,352 --a------ C:\WINDOWS\system32\jcytyuzo.xml
2007-12-29 09:28 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\wfqhpeug.dll
2007-12-29 09:28 . 2007-12-29 10:59 3,257 --a------ C:\WINDOWS\system32\wfqhpeug.xml
2007-12-28 22:39 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\dcnkmrte.dll
2007-12-28 22:39 . 2007-12-29 09:17 3,257 --a------ C:\WINDOWS\system32\dcnkmrte.xml
2007-12-28 19:50 . 2007-12-28 19:51   d-------- C:\Program Files\iTunes
2007-12-28 19:46 . 2008-01-30 06:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-28 19:46 . 2007-12-28 19:46 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-28 19:44 . 2007-12-28 19:44   d-------- C:\Program Files\Apple Software Update
2007-12-28 19:43 . 2007-12-28 19:43   d-------- C:\Program Files\Common Files\Apple
2007-12-28 19:43 . 2007-12-28 19:43   d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-12-28 19:08 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\dkjpcntc.dll
2007-12-28 19:08 . 2007-12-28 22:29 3,257 --a------ C:\WINDOWS\system32\dkjpcntc.xml
2007-12-28 07:37 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\gjjquoon.dll
2007-12-28 07:37 . 2007-12-28 19:07 3,257 --a------ C:\WINDOWS\system32\gjjquoon.xml
2007-12-26 07:28 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\uhnccswx.dll
2007-12-26 07:28 . 2007-12-27 21:13 3,351 --a------ C:\WINDOWS\system32\uhnccswx.xml
2007-12-25 08:01 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\phildiul.dll
2007-12-25 08:01 . 2007-12-26 07:25 2,411 --a------ C:\WINDOWS\system32\phildiul.xml
2007-12-24 22:11 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\xdzbzrvy.dll
2007-12-24 22:11 . 2007-12-24 21:02 2,506 --a------ C:\WINDOWS\system32\xdzbzrvy.xml
2007-12-24 21:02 . 2007-12-24 21:02 98,368 --a------ C:\WINDOWS\system32\oelcjtmx.dll
2007-12-24 21:02 . 2007-12-24 21:02 2,506 --a------ C:\WINDOWS\system32\oelcjtmx.xml
2007-12-24 21:02 . 2008-01-30 06:51 22 --a------ C:\WINDOWS\pskt.ini
2007-12-21 20:51 . 2007-12-21 20:51   d-------- C:\Program Files\Lavasoft
2007-12-21 20:51 . 2007-12-21 20:51   d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-21 19:58 . 2007-12-21 19:58   d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-15 20:30 . 2007-12-16 19:40 714 --ahs---- C:\WINDOWS\system32\llccwpki.ini
2007-12-13 20:37 . 2007-12-13 20:37   d--h----- C:\Program Files\Uninstall Information
2007-12-13 20:32 . 2007-10-10 23:55 6,065,664 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-13 20:32 . 2007-10-10 23:55 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-13 20:32 . 2007-10-10 23:55 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-13 20:32 . 2007-10-10 23:55 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-13 20:32 . 2007-10-10 23:55 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-13 20:32 . 2007-10-10 23:55 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-13 20:32 . 2007-10-10 10:59 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-12 09:42 . 2007-12-12 09:42   d-------- C:\Documents and Settings\Matt\Application Data\Grisoft
2007-12-12 09:42 . 2007-12-12 09:42   d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-12 09:42 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-12 09:35 . 2007-12-12 09:35   d-------- C:\Program Files\Trend Micro
2007-12-12 08:46 . 2007-12-12 08:46   d-------- C:\Program Files\Common Files\Scanner
2007-12-12 07:37 . 2007-12-12 08:22   d-------- C:\Program Files\Bonjour
2007-12-12 07:29 . 2007-12-12 07:29   d-------- C:\Program Files\Common Files\Macrovision Shared
2007-12-11 11:45 . 2007-12-12 10:34   d-------- C:\WINDOWS\system32\xc7
2007-12-11 11:45 . 2007-12-21 21:00   d-------- C:\WINDOWS\system32\pip5
2007-12-11 11:45 . 2007-12-11 11:45   d-------- C:\WINDOWS\system32\daSgo01
2007-12-11 11:45 . 2007-12-11 11:45 39,936 --a------ C:\WINDOWS\system32\ddcddde.dll
2007-12-11 10:57 . 2007-12-11 10:57 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-30 06:43 --------- d-----w C:\Documents and Settings\Matt\Application Data\Skype
2007-12-28 19:50 --------- d-----w C:\Program Files\iPod
2007-12-28 19:48 --------- d-----w C:\Program Files\QuickTime
2007-12-28 19:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-12 15:23 --------- d-----w C:\Program Files\Macromedia
2007-12-12 08:45 --------- d-----w C:\Program Files\Yahoo!
2007-12-12 07:37 --------- d-----w C:\Program Files\Common Files\Adobe
2007-12-01 07:49 --------- d-----w C:\Program Files\LogMeIn Backup
2007-11-14 07:26 450,560 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:26 721,920 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-30 09:55 3,065,856 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 17:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 17:40 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-11 05:57 96,256 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
2007-10-11 05:57 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-11 05:57 666,112 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-11 05:57 617,984 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-11 05:57 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-11 05:57 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-11 05:57 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-10-11 05:57 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-11 05:57 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-10-11 05:57 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-10-11 05:57 251,904 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-10-11 05:57 205,824 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-11 05:57 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-11 05:57 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-10-11 05:57 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-11 05:57 1,498,112 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-10-11 05:57 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-10-11 05:57 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2007-10-10 10:48 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2006-10-03 19:15 56 --sh--r C:\WINDOWS\system32\26372AB22B.sys
2006-10-29 20:55 88 --sh--r C:\WINDOWS\system32\2BB22A3726.sys
2006-10-29 20:55 6,580 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
 

4 Posts

January 31st, 2008 19:00

ComboFix 08-01-30.5 - Matt 2008-01-30  6:34:10.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.109 [GMT 0:00]
Running from: C:\Documents and Settings\Matt\Desktop\ComboFix.exe
 * Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Matt\Application Data\WinTouch\WinTouch.exe
C:\WINDOWS\system32\awvvt.dll
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\Matt\Application Data\CURITY~1
C:\Documents and Settings\Matt\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Matt\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\Matt\Application Data\WinTouch\WTUninstaller.exe
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\Program Files\inetget2
C:\Program Files\inetget2\install_words.exe
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\Online Services\meno455101.dll
C:\Program Files\Router
C:\Program Files\Router\Router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\sks~1
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\Program Files\Words
C:\Program Files\Words\list.txt
C:\Program Files\Words\UnInstall.exe
C:\Program Files\Words\Words.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\bkR11
C:\Temp\bkR11\ftCa.log
C:\WINDOWS\b104.exe
C:\WINDOWS\b116.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b143.exe
C:\WINDOWS\b149.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\dobe~1
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\aduhksbo.ini
C:\WINDOWS\system32\amcdhpbn.dll
C:\WINDOWS\system32\ascswnhi.dll
C:\WINDOWS\system32\asemcerd.ini
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\avyynuor.dll
C:\WINDOWS\system32\awvvt.dll
C:\WINDOWS\system32\cxmvltxn.ini
C:\WINDOWS\system32\daicquwx.ini
C:\WINDOWS\system32\ddcbcdc.dll
C:\WINDOWS\system32\dwvtbgou.dll
C:\WINDOWS\system32\ewohcdlc.dll
C:\WINDOWS\system32\flmsgixm.dll
C:\WINDOWS\system32\fucipucy.ini
C:\WINDOWS\system32\ggkjwtfg.ini
C:\WINDOWS\system32\gjoatspu.dll
C:\WINDOWS\system32\gmekrlok.ini
C:\WINDOWS\system32\guytojol.ini
C:\WINDOWS\system32\gwooopnc.ini
C:\WINDOWS\system32\hwnusupb.dll
C:\WINDOWS\system32\iateordf.dll
C:\WINDOWS\system32\igonnwmg.ini
C:\WINDOWS\system32\ihtubmkg.ini
C:\WINDOWS\system32\iluqmbly.dll
C:\WINDOWS\system32\isthrjhc.dll
C:\WINDOWS\system32\iteeslgq.dll
C:\WINDOWS\system32\jkmgstda.ini
C:\WINDOWS\system32\kffpxxxu.ini
C:\WINDOWS\system32\kstmyaao.ini
C:\WINDOWS\system32\lapqnaue.ini
C:\WINDOWS\system32\lojotyug.dll
C:\WINDOWS\system32\lsgfbyue.dll
C:\WINDOWS\system32\mbagilck.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mwiotkll.ini
C:\WINDOWS\system32\mxhmbcwp.ini
C:\WINDOWS\system32\mxigsmlf.ini
C:\WINDOWS\system32\myjuqfui.ini
C:\WINDOWS\system32\natlslcu.ini
C:\WINDOWS\system32\ngfxpafl.dll
C:\WINDOWS\system32\nmosaryu.ini
C:\WINDOWS\system32\npennuvi.dll
C:\WINDOWS\system32\obskhuda.dll
C:\WINDOWS\system32\oijaxeet.ini
C:\WINDOWS\system32\ojeagsmu.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\psebwsxm.ini
C:\WINDOWS\system32\ptciruvt.ini
C:\WINDOWS\system32\pwcbmhxm.dll
C:\WINDOWS\system32\qbebafyi.ini
C:\WINDOWS\system32\raogrvqf.ini
C:\WINDOWS\system32\rmpgpono.dll
C:\WINDOWS\system32\rounyyva.ini
C:\WINDOWS\system32\sgyshfpy.ini
C:\WINDOWS\system32\snxxaagp.ini
C:\WINDOWS\system32\tagscrcg.ini
C:\WINDOWS\system32\tpldkxdy.ini
C:\WINDOWS\system32\tqvxtvvn.ini
C:\WINDOWS\system32\tvvwa.ini
C:\WINDOWS\system32\tvvwa.ini2
C:\WINDOWS\system32\ulighlxf.ini
C:\WINDOWS\system32\uogbtvwd.ini
C:\WINDOWS\system32\uxxxpffk.dll
C:\WINDOWS\system32\uyrgcvfk.ini
C:\WINDOWS\system32\viaudhro.dll
C:\WINDOWS\system32\vjikiqnq.ini
C:\WINDOWS\system32\vurvlwyl.ini
C:\WINDOWS\system32\wqskkhxr.dll
C:\WINDOWS\system32\wuvqtnnx.ini
C:\WINDOWS\system32\wytcglrp.ini
C:\WINDOWS\system32\xaglfnki.ini
C:\WINDOWS\system32\xcvbwdny.ini
C:\WINDOWS\system32\xnntqvuw.dll
C:\WINDOWS\system32\ydftnffk.ini
C:\WINDOWS\system32\ykuisclr.ini
C:\WINDOWS\system32\ytkxdaew.ini
C:\WINDOWS\TWF0dA\
C:\WINDOWS\TWF0dA\\asappsrv.dll
C:\WINDOWS\TWF0dA\\command.exe
C:\WINDOWS\TWF0dA\\nqIXxE.vbs
C:\WINDOWS\TWF0dA\command.exe
C:\WINDOWS\uninstall_nmon.vbs
.

4 Posts

January 31st, 2008 19:00

And finally... Sorry, the number of characters was too many.

Thanks again
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34F77F8E-56C2-4D4D-A289-A58460264126}]
   C:\Program Files\Messenger\quzake.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5CA226C3-B37C-4698-BFFF-DD4057AEBA64}]
   C:\Program Files\Online Services\meno4444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9FE3E81E-B872-4078-B406-549D268926B3}]
   C:\Program Files\Online Services\meno83122.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B285004D-6D02-4212-91FC-B8F47B68C254}]
2007-12-11 11:45 39936 --a------ C:\WINDOWS\system32\ddcddde.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E58FDA65-66A9-4F2D-D826-3BE6758E58C0}]
   C:\WINDOWS\system32\ybbgj.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 01:24 20480]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2004-07-19 06:51 306688]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-07 08:33 68856]
"Dot1XCfg"="C:\Program Files\Dot1XCfg\Dot1XCfg.exe" [2008-01-26 14:55 61440]
"Router"="C:\Program Files\Router\Router.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"01030B0C0A0A090B1"="40424A4B4949484.exe" [2007-12-14 12:40 120832 C:\WINDOWS\system32\40424A4B4949484.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 16:48 32881]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 15:30 282624 C:\WINDOWS\stsystra.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 10:48 761947]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-04-06 13:58 1032192]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43 45056]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 19:29 49152]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 00:02 86016]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 00:05 127035]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44 249856]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44 81920]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2006-06-21 14:55 26112]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 18:05 1117184]
"AutoConnect"="C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe" [2005-05-26 08:53 28672]
"wltray.exe"="C:\WINDOWS\system32\wltray.exe" [2005-06-08 16:32 778318]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 08:28 667718]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 08:28 602182]
"USBPhone4Skype"="C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe" [2006-08-14 16:12 208896]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"BM3f81555f"="C:\WINDOWS\system32\olbqtukp.dll" [2008-01-22 19:29 68160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 04:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-07 08:33 68856]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-06-21 14:46:19 24576]
SMART Board Tools.lnk - C:\Program Files\SMART Board Software\SMARTBoardTools.exe [2006-09-18 04:53:26 3395584]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{B285004D-6D02-4212-91FC-B8F47B68C254}"= C:\WINDOWS\system32\ddcddde.dll [2007-12-11 11:45 39936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddcddde]
ddcddde.dll 2007-12-11 11:45 39936 C:\WINDOWS\system32\ddcddde.dll
S3 sonypvs1;Sony Digital Imaging Video2;C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 21:41]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-17 09:39:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 06:51:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\40424A4B4949484.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Documents and Settings\Matt\Local Settings\Temp\{F06FD48A-A0E6-44F4-8456-45339B1584FD}\{49C090F0-4D03-4DD2-87BA-BF6AA53B9735}\AutoConnect.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\UBIQUIO Skype DECT\USBPhone4Skype.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Dot1XCfg\Dot1XCfg.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\SMART Board Software\Aware.exe
C:\Program Files\SMART Board Software\Marker.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\SMART Technologies Inc\SMART Product Update\SmartProductUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-01-30  6:56:43 - machine was rebooted
ComboFix-quarantined-files.txt  2008-01-30 06:56:29
.
2008-01-29 18:57:55 --- E O F --- 

3.3K Posts

January 31st, 2008 23:00

Message Edited by 1972vet on 02-27-2008 12:22 PM