combofix - notepad

Discussion in 'Viruses and malware - HijackThis logs' started by armani83, May 30, 2007.

  1. armani83

    armani83 Regular member

    "Jenni" - 2007-05-30 11:16:29 Service Pack 2
    ComboFix 07-05.27.V - Running from: "C:\Program Files\Mozilla Firefox\"


    ((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-30 ))))))))))))))))))))))))))))))))))


    2007-05-30 09:17 <DIR> d-------- C:\Microprose
    2007-05-30 00:20 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2007-05-30 00:20 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-05-30 00:10 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
    2007-05-29 22:20 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\TuneUp Software
    2007-05-29 22:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    2007-05-29 21:22 218,112 --a------ C:\scanner.exe.exe
    2007-05-27 17:54 538 --a------ C:\WINDOWS\system32\tmp.reg
    2007-05-27 17:48 <DIR> d-------- C:\VundoFix Backups
    2007-05-23 01:50 <DIR> d-------- C:\Program Files\QuickTime Alternative
    2007-05-23 01:50 <DIR> d-------- C:\Program Files\Media Player Classic
    2007-05-23 01:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    2007-05-21 23:46 <DIR> d-------- C:\Program Files\uTorrent
    2007-05-21 23:46 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\uTorrent
    2007-05-13 19:09 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\MusicIP
    2007-05-11 00:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
    2007-05-10 23:56 96,374 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\firstlsp.reg.dat
    2007-05-09 19:08 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2007-05-07 15:30 <DIR> d-------- C:\Program Files\eMule
    2007-04-27 11:21 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
    2007-04-27 11:21 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
    2007-04-27 11:21 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
    2007-04-27 11:21 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
    2007-04-27 11:20 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
    2007-04-27 11:20 315,904 --a------ C:\WINDOWS\IsUninst.exe
    2007-04-27 11:20 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
    2007-04-27 11:20 194,320 --a------ C:\WINDOWS\system32\qcut.dll
    2007-04-27 11:20 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
    2007-04-27 11:20 <DIR> d-------- C:\Documents and Settings\Jenni\WINDOWS
    2007-04-27 11:20 <DIR> d-------- C:\DOCUME~1\Jenni\WINDOWS
    2007-04-27 00:18 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
    2007-04-27 00:16 <DIR> d-------- C:\Program Files\MSBuild
    2007-04-27 00:16 <DIR> d-------- C:\Program Files\Microsoft Works
    2007-04-27 00:14 <DIR> d-------- C:\Program Files\Microsoft.NET
    2007-04-27 00:11 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
    2007-04-27 00:10 <DIR> d-------- C:\WINDOWS\SHELLNEW
    2007-04-27 00:09 <DIR> dr-h----- C:\MSOCache
    2007-04-27 00:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    2007-04-24 12:46 720,896 --a------ C:\WINDOWS\iun6002ev.exe
    2007-04-24 12:46 <DIR> d-------- C:\Program Files\Bejeweled 2 Deluxe
    2007-04-24 00:49 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-04-23 12:49 <DIR> d-------- C:\Program Files\xlt
    2007-04-22 22:51 <DIR> d-------- C:\Program Files\Shockwave.com
    2007-04-21 00:03 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
    2007-04-21 00:03 <DIR> d-------- C:\Program Files\SpywareBlaster
    2007-04-20 23:51 <DIR> d-------- C:\Program Files\ToniArts
    2007-04-19 15:32 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
    2007-04-19 15:32 737,280 --a------ C:\WINDOWS\iun6002.exe
    2007-04-19 15:32 <DIR> d-------- C:\Program Files\FireTune
    2007-04-18 19:19 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
    2007-04-18 19:19 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
    2007-04-18 19:19 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
    2007-04-18 19:19 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
    2007-04-18 19:19 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
    2007-04-18 19:19 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
    2007-04-18 19:19 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
    2007-04-18 19:18 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
    2007-04-18 19:13 7,734 --a------ C:\WINDOWS\system32\Repository.reg
    2007-04-18 19:13 527,136 --a------ C:\WINDOWS\system32\LVUI2RC.dll
    2007-04-18 19:13 487,328 --a------ C:\WINDOWS\system32\drivers\LV561AV.SYS
    2007-04-18 19:13 40,352 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
    2007-04-18 19:13 348,160 --a------ C:\WINDOWS\system\msvcr71.dll
    2007-04-18 19:13 264,992 --a------ C:\WINDOWS\system32\lvcodec2.dll
    2007-04-18 19:13 211,744 --a------ C:\WINDOWS\system32\LVUI2.dll
    2007-04-18 19:13 121,632 --a------ C:\WINDOWS\system32\lvcoinst.dll
    2007-04-18 19:12 <DIR> d-------- C:\Program Files\Common Files\Logishrd
    2007-04-18 19:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
    2007-04-17 21:11 <DIR> d-------- C:\Program Files\CCleaner
    2007-04-12 22:08 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
    2007-04-11 23:46 <DIR> d-------- C:\WINDOWS\pss
    2007-04-11 22:30 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\DivX
    2007-04-11 22:29 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2007-04-10 20:24 <DIR> d-------- C:\Downloads
    2007-04-08 19:46 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\vlc
    2007-04-08 19:45 <DIR> d-------- C:\Program Files\VideoLAN
    2007-04-06 20:38 <DIR> d-------- C:\Program Files\Nero
    2007-04-06 20:38 <DIR> d-------- C:\Program Files\Common Files\Ahead
    2007-04-02 20:04 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\Leadertech
    2007-04-02 20:00 <DIR> d-------- C:\Program Files\Executive Software
    2007-04-02 19:43 <DIR> d-------- C:\DOCUME~1\Jenni\APPLIC~1\AdobeAUM
    2007-04-02 19:42 <DIR> d-------- C:\WINDOWS\Downloaded Installations
    2007-04-01 14:24 75,512 --a------ C:\WINDOWS\zllsputility.exe
    2007-04-01 14:24 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
    2007-04-01 14:24 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-05-29 18:58:07 -------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-05-29 11:31:38 -------- d-----w C:\Program Files\Windows Live Safety Center
    2007-05-19 10:48:43 -------- d-----w C:\Program Files\Winamp
    2007-05-17 20:09:40 31 ----a-w C:\WINDOWS\popcinfo.dat
    2007-04-22 19:51:39 -------- d-----w C:\Program Files\Google
    2007-04-22 19:43:53 1,289 ----a-w C:\WINDOWS\mozver.dat
    2007-04-21 21:17:42 -------- d-----w C:\DOCUME~1\Jenni\APPLIC~1\Ahead
    2007-04-18 16:14:15 -------- d-----w C:\Program Files\Common Files\Logitech
    2007-04-18 16:12:57 -------- d-----w C:\Program Files\Logitech
    2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
    2007-04-01 11:26:26 4,212 ---h--w C:\WINDOWS\system32\zllictbl.dat
    2007-03-28 08:46:51 -------- d-----w C:\DOCUME~1\Jenni\APPLIC~1\Zylom
    2007-03-27 07:55:31 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
    2007-03-17 13:45:03 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
    2007-03-08 15:48:36 578,048 ----a-w C:\WINDOWS\system32\user32.dll
    2007-03-08 15:48:36 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
    2007-03-08 15:48:36 282,112 ----a-w C:\WINDOWS\system32\gdi32.dll
    2007-03-08 13:49:49 1,843,968 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-03-07 23:51:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 00:48]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
    {9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 21:33]
    {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 18:45]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
    "TuneUp MemOptimizer"="C:\Program Files\TuneUp Utilities 2007\MemOptimizer.exe" [2007-04-26 21:50]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2006-09-28 17:13]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-27 00:48]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
    "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    C:\Program Files\Winamp\winampa.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "TapiSrv"=3 (0x3)
    "SCardSvr"=3 (0x3)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
    UxTuneUp

    *Newly Created Service* -PROCEXP90

    Contents of the 'Scheduled Tasks' folder
    2007-05-29 21:20:51 C:\WINDOWS\tasks\1-Click Maintenance.job
    2007-05-30 07:49:01 C:\WINDOWS\tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job

    ********************************************************************

    catchme 0.3.681 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-05-30 11:19:00
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0


    ********************************************************************

    Completion time: 2007-05-30 11:19:54

    --- E O F ---
     
  2. Auttaja

    Auttaja Guest

    Pointless post, this thread can be deleted.
     
