
Hijack this log

Discussion in 'Virus & Other Malware Removal' started by nath52, Nov 7, 2007.

Thread Status:
Not open for further replies.
  1. nath52

    nath52 Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    18
    ComboFix 07-11-05.2 - Nikita 2007-11-07 20:04:45.4 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.353 [GMT 0:00]
    Running from: C:\Documents and Settings\Nikita\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((( Files Created from 2007-10-07 to 2007-11-07 )))))))))))))))))))))))))))))))
    .

    2007-11-06 08:14 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-11-05 22:18 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2007-11-05 22:18 <DIR> d-------- C:\Documents and Settings\Nikita\Application Data\SUPERAntiSpyware.com
    2007-11-05 22:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2007-11-05 22:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-11-05 18:42 <DIR> d-------- C:\Documents and Settings\Nikita\Application Data\MSNInstaller
    2007-11-05 07:01 <DIR> d-------- C:\Program Files\Trend Micro
    2007-11-04 17:43 6,058,496 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
    2007-11-04 17:43 2,455,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dat
    2007-11-04 17:43 459,264 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
    2007-11-04 17:43 383,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
    2007-11-04 17:43 267,776 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
    2007-11-04 17:43 63,488 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
    2007-11-04 17:43 52,224 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
    2007-11-04 17:43 13,824 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
    2007-10-24 20:38 <DIR> d-------- C:\Documents and Settings\Nikita\Shared
    2007-10-24 20:38 <DIR> d-------- C:\Documents and Settings\Nikita\Incomplete
    2007-10-24 20:38 <DIR> d-------- C:\Documents and Settings\Nikita\Application Data\LimeWire
    2007-10-22 17:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    2007-10-18 12:04 <DIR> d-------- C:\Program Files\Picasa2
    2007-10-17 12:52 <DIR> d-------- C:\Program Files\eBay
    2007-10-17 12:52 <DIR> d-------- C:\Documents and Settings\All Users\eBay
    2007-10-14 10:38 <DIR> d-------- C:\WINDOWS\__SkypeIEToolbar_Cache
    2007-10-13 14:05 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
    2007-10-13 13:51 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2007-10-12 21:29 90,800 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44unic.sys
    2007-10-12 21:29 88,624 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44mgmt.sys
    2007-10-12 21:29 86,432 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44obex.sys
    2007-10-12 21:29 18,704 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44nd5.sys
    2007-10-12 21:29 4,128 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44cr.sys
    2007-10-12 21:05 97,088 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44mdm.sys
    2007-10-12 21:05 9,360 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44mdfl.sys
    2007-10-12 21:05 6,240 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44cmnt.sys
    2007-10-12 21:05 6,240 -ra------ C:\WINDOWS\SYSTEM32\DRIVERS\se44cm.sys
    2007-10-12 21:04 <DIR> d-------- C:\Documents and Settings\Nikita\Application Data\Teleca
    2007-10-12 21:02 <DIR> d-------- C:\Documents and Settings\Nikita\Application Data\Sony Ericsson
    2007-10-12 20:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2007-10-12 20:54 <DIR> d-------- C:\Program Files\Sony Ericsson
    2007-10-12 20:54 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
    2007-10-12 20:54 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
    2007-10-12 20:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
    2007-10-12 20:28 <DIR> d-------- C:\Program Files\Apple Software Update
    2007-10-12 20:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2007-10-12 10:52 1,044,480 -ra------ C:\WINDOWS\SYSTEM32\roboex32.dll
    2007-10-12 07:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\aliedit
    2007-10-10 01:42 584,192 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-07 20:04 --------- d-----w C:\Documents and Settings\Nikita\Application Data\Skype
    2007-11-07 18:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-11-06 08:22 --------- d-----w C:\Program Files\Spyware Doctor
    2007-11-05 10:04 --------- d-----w C:\Documents and Settings\Nikita\Application Data\SiteAdvisor
    2007-11-04 17:39 --------- d-----w C:\Program Files\Google
    2007-10-28 08:45 --------- d-----w C:\Documents and Settings\NetworkService\Application Data\SiteAdvisor
    2007-10-25 05:24 --------- d-----w C:\Program Files\MyBroker
    2007-10-24 10:31 --------- d-----w C:\Documents and Settings\Nikita\Application Data\Image Zone Express
    2007-10-22 15:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-10-14 14:06 --------- d-----w C:\Program Files\Java
    2007-10-13 14:57 --------- d-----w C:\Program Files\QuickTime
    2007-10-13 14:03 --------- d-----w C:\Program Files\Norton Security Scan
    2007-10-12 06:15 41,600 ----a-w C:\Documents and Settings\Nikita\Application Data\GDIPFONTCACHEV1.DAT
    2007-10-04 16:11 29,000 ----a-w C:\WINDOWS\system32\drivers\kcom.sys
    2007-10-04 16:10 79,688 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys
    2007-10-04 16:10 62,280 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys
    2007-10-04 16:10 41,288 ----a-w C:\WINDOWS\system32\drivers\ikfilesec.sys
    2007-10-01 14:01 75,264 ----a-w C:\WINDOWS\OFLink.dll
    2007-09-28 06:39 --------- d-----w C:\Program Files\Sony
    2007-09-27 22:51 --------- d-----w C:\Documents and Settings\Nikita\Application Data\Sony Corporation
    2007-09-17 20:39 --------- d-----w C:\Program Files\MSECache
    2007-09-14 13:54 --------- d-----w C:\Program Files\Common Files\Skype
    2007-09-14 11:53 --------- d-----w C:\Documents and Settings\Nikita\Application Data\PC Tools
    2007-09-13 18:58 --------- d-----w C:\Documents and Settings\Nikita\Application Data\DisplayTune
    2007-09-13 18:54 --------- d-----w C:\Program Files\Portrait Displays
    2007-09-13 18:54 --------- d-----w C:\Program Files\Common Files\Portrait Displays
    2007-08-22 12:55 474,112 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shlwapi.dll
    2007-08-22 12:55 151,040 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\cdfview.dll
    2007-08-22 12:55 1,498,112 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shdocvw.dll
    2007-08-22 12:55 1,054,208 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\danim.dll
    2007-08-22 12:55 1,022,976 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\browseui.dll
    2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\SYSTEM32\inetcomm.dll
    2007-08-21 06:15 683,520 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\inetcomm.dll
    2007-08-20 15:34 3,584,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
    2007-08-20 10:04 824,832 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
    2007-08-20 10:04 671,232 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
    2007-08-20 10:04 477,696 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
    2007-08-20 10:04 44,544 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
    2007-08-20 10:04 384,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
    2007-08-20 10:04 27,648 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
    2007-08-20 10:04 232,960 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
    2007-08-20 10:04 230,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
    2007-08-20 10:04 214,528 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
    2007-08-20 10:04 193,024 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
    2007-08-20 10:04 153,088 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
    2007-08-20 10:04 132,608 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
    2007-08-20 10:04 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
    2007-08-20 10:04 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
    2007-08-20 10:04 102,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
    2007-08-20 10:04 1,152,000 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
    2007-08-17 10:21 625,152 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
    2007-08-17 10:20 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
    2007-08-17 07:34 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
    2007-08-13 18:54 413,696 ----a-w C:\WINDOWS\SYSTEM32\vbscript.dll
    2007-08-13 18:54 413,696 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\vbscript.dll
    2007-08-13 18:54 33,792 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\custsat.dll
    2007-08-13 18:54 191,488 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iepeers.dll
    2007-08-13 18:54 156,160 ----a-w C:\WINDOWS\SYSTEM32\msls31.dll
    2007-08-13 18:54 156,160 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msls31.dll
    2007-08-13 18:45 78,336 ----a-w C:\WINDOWS\SYSTEM32\ieencode.dll
    2007-08-13 18:45 78,336 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieencode.dll
    2007-08-13 18:44 69,120 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedw.exe
    2007-08-13 18:44 40,960 ----a-w C:\WINDOWS\SYSTEM32\licmgr10.dll
    2007-08-13 18:44 40,960 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\licmgr10.dll
    2007-08-13 18:42 17,408 ----a-w C:\WINDOWS\SYSTEM32\corpol.dll
    2007-08-13 18:42 17,408 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\corpol.dll
    2007-08-13 18:39 92,672 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inseng.dll
    2007-08-13 18:39 71,680 ----a-w C:\WINDOWS\SYSTEM32\admparse.dll
    2007-08-13 18:39 71,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\admparse.dll
    2007-08-13 18:39 55,296 ----a-w C:\WINDOWS\SYSTEM32\iesetup.dll
    2007-08-13 18:39 55,296 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iesetup.dll
    2007-08-13 18:38 491,520 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jscript.dll
    2007-08-13 18:36 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
    2007-08-13 18:36 36,352 ----a-w C:\WINDOWS\SYSTEM32\imgutil.dll
    2007-08-13 18:36 36,352 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\imgutil.dll
    2007-08-13 18:35 346,624 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
    2007-08-13 18:32 45,568 ----a-w C:\WINDOWS\SYSTEM32\mshta.exe
    2007-08-13 18:32 45,568 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshta.exe
    2007-08-13 18:18 60,416 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\hmmapi.dll
    2007-08-13 18:01 48,128 ----a-w C:\WINDOWS\SYSTEM32\mshtmler.dll
    2007-08-13 18:01 48,128 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmler.dll
    .

    ((((((((((((((((((((((((((((( [email protected]_ 8.31.54.43 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-11-06 08:31:25 9,264 ----a-w C:\WINDOWS\SYSTEM32\msqtvcap.dat
    + 2007-11-06 23:53:09 9,264 ----a-w C:\WINDOWS\SYSTEM32\msqtvcap.dat
    - 2007-04-02 14:21:27 139,776 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
    + 2007-07-22 18:39:27 279,552 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A51D8FA4-C859-473D-9E18-FA0C59D16FA3}]
    2007-10-01 14:01 75264 --a------ C:\WINDOWS\OFLink.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 20:15]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-06-30 13:33]
    "IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 20:12]
    "UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
    "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 09:35]
    "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 09:32]
    "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 09:36]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 10:18]
    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [2007-01-17 19:24]
    "RegistryMechanic"="" []
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
    "DT HPW"="C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 11:36]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 05:00 C:\WINDOWS\SYSTEM32\BTHPROPS.CPL]
    "TradeManager"="C:\PROGRA~1\Alibaba\TRADEM~1\TradeManager -hideframe" []
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
    "winthelp"="C:\WINDOWS\winthelp.exe" [2007-01-18 00:46]
    "My Web Search Bar Search Scope Monitor"="C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-12 10:15]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-11-10 18:09:00]
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-14 10:52:34]
    NETGEAR WG111T Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111T\wlan111t.exe [2006-09-12 21:17:31]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxs ervice"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcore service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
    "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
    "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
    "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
    "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
    "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]

    R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ
    R2 SQLWriter;SQL Server VSS Writer;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
    R3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service;C:\WINDOWS\system32\DRIVERS\wg11tnd5.sys
    R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;\??\C:\WINDOWS\system32\DNINDIS5.SYS
    S3 ATHFMWDL;NETGEAR WG111T bootloader driver;C:\WINDOWS\system32\Drivers\ATHFMWDL.sys
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys
    S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys
    S3 PD1170VID;Creative WebCam Notebook;C:\WINDOWS\system32\DRIVERS\p1170vid.sys
    S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys
    S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys
    S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys
    S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys
    S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys
    S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys
    S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys

    .
    Contents of the 'Scheduled Tasks' folder
    "2007-10-12 20:28:16 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-06-12 12:31:16 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    "2007-02-12 10:44:56 C:\WINDOWS\Tasks\McDefragTask.job"
    - c:\program files\mcafee\mqc\QcConsol.exe
    "2007-02-12 10:44:55 C:\WINDOWS\Tasks\McQcTask.job"
    - c:\program files\mcafee\mqc\QcConsol.exe
    "2007-10-13 13:49:15 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-07 20:08:07
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-07 20:09:14
    C:\ComboFix2.txt ... 2007-11-06 17:23
    C:\ComboFix3.txt ... 2007-11-06 09:09
    .
    --- E O F ---
    Nath52
     
  2. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
Short URL to this thread: https://techguy.org/649086
