Smitfraud:C

Junior Member | 3. September 2008 @ 13:17
Hi, I have this virus on my computer but I can't remove it. I have read many forums and I don't have the normal problems that the other people have. Can anyone help me? Thanks all.

ddp, Moderator | 3. September 2008 @ 13:41
Moved to correct forum as not an "all other topics" issue.

Junior Member | 3. September 2008 @ 17:00

ddp, Moderator | 3. September 2008 @ 18:07
No problem. What anti-virus & anti-spyware programs are you using?

Junior Member | 4. September 2008 @ 22:09
Hi, I am using AVG FREE, but the programme that picked the virus up but couldn't remove it was Spybot Search and Destroy. Thanks in advance.

ddp, Moderator | 4. September 2008 @ 22:12
Which version of Spybot, as in 1.3, 1.4, 1.5 or 1.6?

Junior Member | 4. September 2008 @ 23:38
I can't remember, sorry, I uninstalled it.

Senior Member | 5. September 2008 @ 11:38
Hi AISmoked
Have you run SmitfraudFix? If not, please do the following:
1. Go here and download SmitfraudFix. Extract all the files to your desktop; it will create the folder SmitfraudFix.
2. Restart your computer in Safe Mode. (Press F8 at boot, select "Safe Mode" and press Enter)
3. Open the folder Smitfraudfix on your desktop and double-click on smitfraudfix.cmd. "Enter your Choice: (1,2,3,4,L,Q):" Select option 2. Wait for the process to finish. (If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, for Yes).
4. It will check if your wininet.dll file is damaged; if so, it will ask you to "Replace Infected File?" Press Y as Yes and press Enter.
Best Regards :D
Life is but a dream; you don't feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; that's a dumb question.

Junior Member | 5. September 2008 @ 14:28
Alright m8, this is any of the information that mentioned infections. I don't know what it means.
!!!Attention, following keys are not inevitably infected!!!
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, following keys are not inevitably infected!!!
AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"
"LoadAppInit_DLLs"=dword:00000001
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
And at the end it said this ...................
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End

Junior Member | 6. September 2008 @ 08:31
What does this mean?

Senior Member | 6. September 2008 @ 09:05
Hey AISmoked
Your log from SmitfraudFix is clean. It simply states that it ran a series of antimalware applications and they all reported back clean, except for one false positive which we will not have to worry about.
Now, please download Combofix.
With Combofix, at the download window, please rename it to Combo-fix(.exe) before downloading it.
Please disable all security programs, such as antiviruses, antispywares, and firewalls.
Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
**Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
- After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the Combofix window, as it may cause it to stall.
Best Regards :D

Junior Member | 6. September 2008 @ 15:50
Sorry, I didn't disable internet and antivirus. Does this still mean anything to you?
ComboFix 08-09-05.02 - davie boy! 2008-09-06 20:41:48.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.184 [GMT 1:00]
Running from: C:\Documents and Settings\davie boy!\My Documents\Combo-Fix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-08-06 to 2008-09-06 )))))))))))))))))))))))))))))))
.
2008-09-05 19:41 . 2008-09-05 19:41 754 --a------ C:\WINDOWS\WORDPAD.INI
2008-09-05 13:27 . 2008-09-05 13:27 268 --ah----- C:\sqmdata08.sqm
2008-09-04 17:54 . 2008-09-04 17:54 268 --ah----- C:\sqmdata07.sqm
2008-09-04 17:54 . 2008-09-04 17:54 244 --ah----- C:\sqmnoopt07.sqm
2008-09-04 14:03 . 2008-09-04 14:03 <DIR> d-------- C:\WINDOWS\SQL9_KB948109_ENU
2008-09-04 13:48 . 2008-09-04 13:48 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-09-04 12:48 . 2008-09-04 12:48 268 --ah----- C:\sqmdata06.sqm
2008-09-04 12:48 . 2008-09-04 12:48 244 --ah----- C:\sqmnoopt06.sqm
2008-09-04 01:49 . 2008-09-04 01:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-04 01:23 . 2008-09-04 01:23 <DIR> d-------- C:\WINDOWS\Sun
2008-09-03 23:27 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-09-03 23:26 . 2008-09-03 23:27 <DIR> d-------- C:\Program Files\Java
2008-09-03 23:25 . 2008-09-03 23:25 <DIR> d-------- C:\Program Files\Common Files\Java
2008-09-03 21:43 . 2008-09-03 21:43 <DIR> d-------- C:\Program Files\NOS
2008-09-03 20:39 . 2008-09-05 19:39 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-09-03 01:26 . 2008-09-03 01:26 34 --------- C:\WINDOWS\system32\oeminfo.ini
2008-09-02 21:21 . 2008-09-03 01:05 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-09-02 21:11 . 2008-09-02 21:11 <DIR> d-------- C:\Program Files\Sierra
2008-09-02 14:33 . 2008-09-02 14:33 280 --ah----- C:\sqmdata05.sqm
2008-09-02 14:33 . 2008-09-02 14:33 244 --ah----- C:\sqmnoopt05.sqm
2008-09-02 14:26 . 2008-09-02 14:26 <DIR> d-------- C:\Documents and Settings\princess tommo\Application Data\TuneUp Software
2008-09-02 14:14 . 2008-09-02 14:14 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-02 13:35 . 2008-09-02 13:35 132 --a------ C:\WINDOWS\wininit.ini
2008-09-02 12:02 . 2008-09-04 01:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-02 11:15 . 2008-09-02 11:16 <DIR> d-------- C:\Program Files\Easy DVD CD Burner
2008-09-02 00:40 . 2008-09-02 00:40 5,862 --a------ C:\WINDOWS\system32\ntent_y.xml
2008-09-02 00:40 . 2008-09-02 00:40 5,862 --a------ C:\WINDOWS\system32\ntent_m.xml
2008-09-02 00:40 . 2008-09-02 00:40 1,574 --a------ C:\WINDOWS\system32\ntent_ie.xml
2008-09-02 00:37 . 2008-09-02 00:37 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\agi
2008-09-02 00:37 . 2008-09-02 00:37 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\agi
2008-09-02 00:37 . 2008-09-02 00:37 2,117,632 --a------ C:\WINDOWS\system32\python25.dll
2008-09-02 00:37 . 2008-09-02 00:37 327,680 --a------ C:\WINDOWS\system32\pythoncom25.dll
2008-09-02 00:37 . 2008-09-02 00:37 102,400 --a------ C:\WINDOWS\system32\pywintypes25.dll
2008-09-01 23:40 . 2007-04-10 14:46 1,966,696 --a------ C:\WINDOWS\system32\drivers\VX3000.sys
2008-09-01 23:39 . 2008-09-01 23:39 <DIR> d-------- C:\WINDOWS\system32\drivers\umdf
2008-09-01 23:39 . 2008-09-01 23:40 <DIR> d-------- C:\Program Files\Microsoft LifeCam
2008-09-01 21:49 . 2008-09-01 21:49 <DIR> d-------- C:\Documents and Settings\princess tommo\Contacts
2008-08-30 22:46 . 2008-08-30 22:46 <DIR> d-------- C:\Program Files\DivX
2008-08-30 18:32 . 2008-08-30 18:32 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-08-30 13:47 . 2008-08-30 13:47 <DIR> d-------- C:\Program Files\Corel
2008-08-30 13:47 . 2008-08-30 13:50 <DIR> d-------- C:\Program Files\Common Files\Corel
2008-08-30 02:44 . 2008-08-30 13:54 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\Corel
2008-08-30 02:44 . 2008-08-30 13:59 88 -r-hs---- C:\WINDOWS\system32\BE3F4CEBE2.sys
2008-08-30 02:43 . 2008-08-30 02:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-08-29 17:15 . 2008-08-29 22:07 <DIR> d-------- C:\temp
2008-08-29 16:03 . 2008-09-05 22:08 2,828 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-08-29 02:59 . 2008-08-29 02:59 0 --a------ C:\WINDOWS\nsreg.dat
2008-08-28 01:33 . 2008-08-28 01:33 <DIR> d-------- C:\Program Files\DAEMON Tools
2008-08-28 01:33 . 2008-08-28 01:33 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys
2008-08-28 01:07 . 2008-08-28 01:07 664,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-08-28 01:07 . 2008-08-28 01:07 96,384 --a------ C:\WINDOWS\system32\drivers\sptd3981.sys
2008-08-27 22:15 . 2008-08-27 22:15 <DIR> d-------- C:\Program Files\Paint.NET
2008-08-27 21:41 . 2005-10-29 05:12 29,384 --a------ C:\WINDOWS\system32\mdimon.dll
2008-08-27 21:40 . 2008-08-27 21:40 <DIR> d-------- C:\Program Files\MSBuild
2008-08-27 21:39 . 2008-09-05 19:36 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-08-27 21:39 . 2008-08-27 21:39 <DIR> d-------- C:\Program Files\Microsoft Works
2008-08-27 21:37 . 2008-08-27 21:40 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-08-27 21:37 . 2008-08-27 21:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-27 21:37 . 2008-08-27 21:37 376 --a------ C:\WINDOWS\ODBC.INI
2008-08-27 21:36 . 2008-08-27 21:36 <DIR> dr-h----- C:\MSOCache
2008-08-27 21:08 . 2008-09-02 14:16 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-08-26 02:59 . 2008-09-03 01:22 2,328,704 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-08-26 02:54 . 2008-09-03 01:21 <DIR> d--h----- C:\WINDOWS\Icons
2008-08-26 00:40 . 2008-05-29 09:28 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-08-26 00:39 . 2008-09-01 00:31 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-08-26 00:39 . 2008-08-26 00:39 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\TuneUp Software
2008-08-26 00:39 . 2008-08-26 00:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-08-26 00:39 . 2008-09-01 00:30 355,584 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-08-25 14:26 . 2008-08-25 14:26 <DIR> d-------- C:\Program Files\CCleaner
2008-08-24 22:22 . 2008-08-25 14:20 814 --a------ C:\WINDOWS\ARPR.INI
2008-08-23 04:43 . 2008-08-23 04:44 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-08-23 04:42 . 2008-09-03 21:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-08-22 00:05 . 2008-08-22 00:32 292 --a------ C:\WINDOWS\system\cmicnfg.ini
2008-08-21 18:18 . 2008-08-21 18:18 <DIR> d-------- C:\WINDOWS\Virtual Villagers - The Secret City
2008-08-21 18:06 . 2008-04-13 19:45 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-08-21 18:01 . 2008-08-21 18:01 268 --ah----- C:\sqmdata04.sqm
2008-08-21 18:01 . 2008-08-21 18:01 244 --ah----- C:\sqmnoopt04.sqm
2008-08-21 15:19 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-08-21 15:19 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
2008-08-21 15:19 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-08-21 11:34 . 2008-08-21 11:34 268 --ah----- C:\sqmdata03.sqm
2008-08-21 11:34 . 2008-08-21 11:34 244 --ah----- C:\sqmnoopt03.sqm
2008-08-21 11:27 . 2008-08-23 02:09 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-08-21 11:24 . 2008-08-21 11:24 268 --ah----- C:\sqmdata02.sqm
2008-08-21 11:24 . 2008-08-21 11:24 244 --ah----- C:\sqmnoopt02.sqm
2008-08-21 03:36 . 2008-08-21 03:36 268 --ah----- C:\sqmdata01.sqm
2008-08-21 03:36 . 2008-08-21 03:36 244 --ah----- C:\sqmnoopt01.sqm
2008-08-21 00:09 . 2008-08-21 00:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TheRace_dev
2008-08-21 00:01 . 2008-08-21 00:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Slapdash Games
2008-08-20 23:53 . 2008-08-20 23:53 268 --ah----- C:\sqmdata00.sqm
2008-08-20 23:53 . 2008-08-20 23:53 244 --ah----- C:\sqmnoopt00.sqm
2008-08-20 23:05 . 2008-09-02 22:38 <DIR> d-------- C:\Documents and Settings\davie boy!\Contacts
2008-08-20 23:04 . 2008-09-01 23:40 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-08-20 22:59 . 2008-08-20 23:04 <DIR> d-------- C:\Program Files\Windows Live
2008-08-20 22:59 . 2008-08-20 23:04 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-20 22:58 . 2008-08-23 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-20 22:37 . 2008-08-20 22:37 26 --a------ C:\WINDOWS\dvdSanta.INI
2008-08-20 22:32 . 2008-08-20 22:32 <DIR> d-------- C:\TempDVD
2008-08-20 18:38 . 2008-08-20 18:38 <DIR> d-------- C:\Program Files\Any Video Converter
2008-08-20 18:38 . 2008-08-27 14:55 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\Any Video Converter
2008-08-20 18:32 . 2008-08-20 18:33 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\Any DVD Converter Professional
2008-08-20 16:22 . 2008-08-20 16:23 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\Media Player Classic
2008-08-20 12:13 . 2008-08-20 12:13 <DIR> d-------- C:\Documents and Settings\princess tommo\Saved Games
2008-08-20 01:42 . 2008-08-20 02:00 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\ForgottenRiddles2
2008-08-20 01:22 . 2008-08-20 01:22 <DIR> d-------- C:\Documents and Settings\davie boy!\Saved Games
2008-08-20 01:04 . 2008-09-02 11:16 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-20 00:13 . 2006-03-22 13:53 337,320 --a------ C:\WINDOWS\difxapi.dll
2008-08-20 00:13 . 2006-04-28 01:56 49,152 --a------ C:\WINDOWS\InstFunc.exe
2008-08-20 00:13 . 2008-06-27 06:53 12,288 --a------ C:\WINDOWS\InstFunc.dll
2008-08-19 23:56 . 2008-07-04 07:34 860,160 --a------ C:\WINDOWS\system32\lameACM.acm
2008-08-19 23:56 . 2008-01-10 13:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-08-19 23:56 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-08-19 23:56 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-08-19 23:56 . 2008-01-10 13:16 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-08-19 23:56 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-08-19 23:56 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-08-19 23:56 . 2008-07-30 20:09 38 --a------ C:\WINDOWS\avisplitter.ini
2008-08-19 23:55 . 2008-08-19 23:56 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-19 23:55 . 2004-01-11 23:00 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-08-19 23:55 . 2008-06-12 19:36 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-19 23:55 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-19 23:21 . 2008-09-06 18:46 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\uTorrent
2008-08-19 23:19 . 2008-08-19 23:22 <DIR> d-------- C:\Documents and Settings\davie boy!\Application Data\AVGTOOLBAR
2008-08-19 23:15 . 2008-09-04 14:50 <DIR> d--h----- C:\$AVG8.VAULT$
2008-08-19 22:11 . 2008-09-06 00:02 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-02 22:58 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-02 15:51 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-08-28 21:36 82,432 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-08-19 23:59 0 ----a-w C:\Program Files\temp01
2008-08-19 21:01 1,609 ----a-w C:\Program Files\INSTALL.LOG
2008-08-19 20:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-08-19 19:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-08-19 18:44 --------- d-----w C:\Program Files\microsoft frontpage
2008-08-18 11:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-07-25 08:36 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-07-23 16:50 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-07-23 16:50 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-07-23 16:50 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 16:50 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-07-23 16:48 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-07-23 16:48 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-07-23 16:46 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-27 06:19 1,571,001 ----a-w C:\WINDOWS\system32\sisgl.dll
2008-06-27 06:02 3,467,264 ----a-w C:\WINDOWS\system32\sisgrv.dll
2008-06-27 05:54 9,728 ----a-w C:\WINDOWS\system32\SiSPIns2.dll
2008-06-27 05:53 49,152 ----a-w C:\WINDOWS\system32\SiSBase.dll
2008-06-27 05:53 258,048 ----a-w C:\WINDOWS\system32\SiSParse.dll
2008-06-27 05:53 172,032 ----a-w C:\WINDOWS\system32\SiSInst.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2003-08-19 01:04 1,024,512 ----a-w C:\Program Files\zeropop.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-29 1235736]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]
C:\Documents and Settings\princess tommo\Start Menu\Programs\Startup\
0pop.lnk - C:\Program Files\zeropop.exe [2003-08-19 1024512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-29 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-19 76040]
R2 MSCamSvc;MSCamSvc;c:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Aldebaran;Aldebaran - Storage Filter Drivers;C:\WINDOWS\system32\Drivers\Aldebaran.sys [ ]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 s125bus;Sony Ericsson Device 125 driver (WDM);C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-09-01 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\davie boy!\Application Data\Mozilla\Firefox\Profiles\jjhskzfs.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.co.uk/
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 20:44:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-09-06 20:46:14
ComboFix-quarantined-files.txt 2008-09-06 19:46:09
Pre-Run: 51,696,246,784 bytes free
Post-Run: 51,820,003,328 bytes free
254 --- E O F --- 2008-09-04 12:55:26

Senior Member | 7. September 2008 @ 02:34
Hey aismoked
You look pretty clean to me. Does your computer still have any more problems?
Best Regards :D

Junior Member | 7. September 2008 @ 13:24
No, thanks m8, comp is running smoothly now.