tommyscouse

Members
  • Content Count

    108
About tommyscouse

  • Rank
    Member
  1. Still saying I have the latest drivers?? I've been to speedtest.net and done the speed test, the results as follows: with ethernet cable: download=0.25 upload=0.38 ping=67ms; wireless: download=0.25 upload=0.38 ping=89ms. Not sure what these mean? The site tells me I should be able to download an mp3 song in 3 minutes???? I don't think so, more like 30 minutes?? I'm really pulling my hair out now. Also on the pcpitstop ping test all results came back grey 2000?
  2. Cheers, downloaded them at work so will take home and try.
  3. Done that, it says the best driver software for my device is already installed??? My laptop is Acer Aspire 5735, using wireless WiFi Link 5100.
  4. Sorry to sound thick... how do I do that? Laptop telling me all drivers are up to date, but not sure if that means my network drivers???
  5. Having swapped my laptop with XP to one with Vista Basic, my internet seems to be extremely slow. I'm on Virgin and wondered if there were any settings on my router to help?? My router is Netgear DG834g v4. For e.g. downloading an update for iTunes or Nokia PC Suite takes over 40 mins??? Surely this is right.. I never had this problem on my XP laptop. I've updated my router firmware but still no joy.
  6. Got a brand new Acer laptop, with Vista Basic, it tells me network connected but 90% of time IE just brings the usual message up cannot connect/find site!!!!! Really really annoying, my router is a Netgear one, I'm on Virgin.. never ever ever had this problem with my old laptop with XP a month ago.. The problem seems to be IE as I've downloaded the new Google browser and it works ok-ish but it's only the beta version so. When I click on my network it shows a green line running from router to network and then from network to web, but then it dies and a cross comes on from network to web.. is my router buggered... I give up, it's doing my head in, brand new laptop and can't use correctly.
  7. Hi, just installed my Netgear router supplied by Virgin, wireless works fine and is quite quick. But how do I secure it?? I've gone to router sign in and changed the name and enabled WEP? But then the wireless goes off.. I'm usually ok with computers but I cannot seem to grasp this at all. CAN SOMEONE PLEASE PLEASE PLEASE talk me through it in very very very easy to understand terms. Thanks in advance, Tommy
  8. Juliet, PC working fine at the minute, thank you for your help... "will you marry me?" lol. I'm going to keep using AVG and will install Comodo firewall. All this mess started because the PC was the secretary's and she didn't have anything to protect and never mentioned that the PC was infected. Once again thank you.
  9. I right click start button, click explore but cannot see the above file link?
  10. I HAVE JUST SCANNED WITH AVG, IT FOUND TWO GENERIC TROJANS, I HEALED THEM, SCANNED AGAIN AND IT SAID ALL CLEAR?
  11. Kaspersky log (doesn't look very good)
  12. It will not find the above Windows path? I tried three times!! Shall I carry on from where I left off yesterday? I had got to the cleanmgr, select drive C bit. Running ok at the min but, we shall see.
  13. Run cleanmgr, I now have to leave it till tomoz so will carry on in the morning. Thank you.
  14. new hijack log with internet disabled