
Trojan help please

Discussion in 'Virus & Other Malware Removal' started by rookey, Mar 27, 2008.

Thread Status:
Not open for further replies.
  1. rookey

    Hi there, my computer has issues, big issues. It says I've been infected by trojandownloader.xs. I've tried everything but the software I've got can't seem to pick it up.
    Can anyone help?
    I've been on other forums; it says I have to do a log with that program, and there it is.
    Regards, Rookey

    ComboFix 08-03-25.4 - Compaq_Owner 2008-03-27 11:07:48.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.502 [GMT 0:00]
    Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\mkghj.dll
    C:\WINDOWS\system32\sysmwwod.dll
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2008-02-27 to 2008-03-27 )))))))))))))))))))))))))))))))
    .

    2008-03-27 10:44 . 2008-03-27 10:44 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\TrojanHunter
    2008-03-26 21:14 . 2008-03-26 21:38 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
    2008-03-26 17:37 . 2008-03-06 21:32 23,904 --a------ C:\WINDOWS\system32\drivers\COH_Mon.sys
    2008-03-26 17:37 . 2008-03-06 21:32 10,537 --a------ C:\WINDOWS\system32\drivers\COH_Mon.cat
    2008-03-26 17:37 . 2008-03-06 21:32 706 --a------ C:\WINDOWS\system32\drivers\COH_Mon.inf
    2008-03-26 17:23 . 2008-03-26 17:28 <DIR> d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter
    2008-03-26 17:23 . 2002-11-13 11:14 1,703,936 --a------ C:\WINDOWS\system32\NCTAudioFile.dll
    2008-03-26 17:23 . 2002-06-13 13:50 376,832 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-03-26 17:23 . 2002-11-06 15:12 360,448 --a------ C:\WINDOWS\system32\NCTWMAFile.dll
    2008-03-26 17:23 . 2002-09-06 11:36 233,472 --a------ C:\WINDOWS\system32\lame_enc.dll
    2008-03-26 17:23 . 2000-12-06 00:00 209,608 --a------ C:\WINDOWS\system32\Tabctl32.ocx
    2008-03-26 17:23 . 2001-08-08 21:00 40,960 --a------ C:\WINDOWS\system32\DGPNorm.ocx
    2008-03-26 16:03 . 2008-03-26 16:03 <DIR> d-------- C:\Program Files\LimeWire
    2008-03-26 15:44 . 2008-03-26 15:44 94,208 --a------ C:\WINDOWS\system32\rmtkpkbg.exe
    2008-03-26 14:21 . 2008-03-26 14:21 <DIR> d-------- C:\Program Files\Uniblue
    2008-03-26 14:00 . 2005-08-25 18:18 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
    2008-03-26 14:00 . 2005-08-25 18:19 115,920 --a------ C:\WINDOWS\system32\MSINET.OCX
    2008-03-26 13:10 . 2008-03-26 13:10 1,024 --a------ C:\WINDOWS\system32\drivers\D8205E69-ACF2-40F0-8C3E-FA1A9E44CD63.cxv
    2008-03-26 13:03 . 2008-03-26 13:03 <DIR> d-------- C:\Program Files\Common Files\iS3
    2008-03-26 13:03 . 2008-03-26 14:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    2008-03-26 12:51 . 2006-11-05 12:27 991,232 --a------ C:\WINDOWS\system32\VchReg.dll
    2008-03-26 12:51 . 2008-03-26 15:48 63 --a------ C:\WINDOWS\system\SYSRegC.dll
    2008-03-26 12:45 . 2008-03-26 12:45 16 --a------ C:\WINDOWS\system32\coh.cache
    2008-03-26 12:40 . 2008-03-26 13:20 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
    2008-03-26 12:27 . 2008-03-26 12:27 147 --a------ C:\WINDOWS\system32\SDRemoveDB.db
    2008-03-26 12:26 . 2008-03-26 12:26 63 --a------ C:\WINDOWS\system\SysSD.dll
    2008-03-26 11:11 . 2008-03-26 15:30 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2008-03-26 11:11 . 2008-03-26 15:30 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2008-03-26 11:11 . 2008-03-26 15:30 8,014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
    2008-03-26 11:11 . 2008-03-26 15:30 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
    2008-03-26 11:10 . 2008-03-26 15:30 <DIR> d-------- C:\Program Files\Symantec
    2008-03-25 20:17 . 2008-03-25 20:17 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\TuneUp Software
    2008-03-25 19:45 . 2008-03-26 11:09 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2008-03-25 19:45 . 2008-03-25 19:45 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
    2008-03-25 19:45 . 2008-03-25 19:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-03-25 17:49 . 2008-03-26 14:34 <DIR> d-------- C:\WINDOWS\CAVTemp
    2008-03-25 17:19 . 2008-03-26 15:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-25 17:19 . 2008-03-26 15:10 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\CallingID
    2008-03-25 17:13 . 2008-03-26 15:43 <DIR> d-------- C:\WINDOWS\rnapxs
    2008-03-25 16:11 . 2008-03-25 16:11 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC
    2008-03-25 16:08 . 2008-03-25 16:08 102 --a------ C:\WINDOWS\system32\UserRequest_1206461317.tmp
    2008-03-25 15:34 . 2008-03-25 15:34 98,304 --a------ C:\WINDOWS\system32\bmrkbehm.exe
    2008-03-25 15:26 . 2008-02-15 10:21 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
    2008-03-25 15:23 . 2008-03-25 15:23 <DIR> d-------- C:\Program Files\Common Files\PC Tools
    2008-03-25 15:23 . 2008-03-25 15:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
    2008-03-25 13:05 . 2008-03-25 13:06 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\PC-Cleaner
    2008-03-25 13:04 . 2008-03-25 13:04 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Desktopvirii
    2008-03-25 13:04 . 2008-03-25 13:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\dizmhkfq
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopTrojan.Win32.BlackBird.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopFWebdEditor.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfwebd.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfkwp2.0.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfkwp1.5.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\Desktopfilemanagerclient.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopEditorFKWP2.0.exe
    2008-03-25 13:04 . 2008-03-25 13:04 4,096 --a------ C:\Documents and Settings\Compaq_Owner\DesktopEditorFKWP1.5.exe
    2008-03-23 15:44 . 2008-03-23 15:44 <DIR> d-------- C:\Program Files\Common Files\PCSuite
    2008-03-23 15:44 . 2008-03-23 15:44 <DIR> d-------- C:\Program Files\Common Files\Nokia
    2008-03-22 12:39 . 2008-03-22 12:44 37,888 --a------ C:\WINDOWS\system32\rar.exe
    2008-03-17 12:23 . 2008-03-17 12:23 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Template
    2008-03-17 12:22 . 2008-03-17 12:22 0 --a------ C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
    2008-03-16 22:06 . 2008-03-16 22:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Backup
    2008-03-16 21:58 . 2008-03-16 21:58 84 --a------ C:\Scans.dat
    2008-03-16 21:45 . 2008-03-16 21:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\sentinel
    2008-03-16 21:36 . 2008-03-25 17:47 <DIR> d-------- C:\Program Files\Common Files\Panda Software
    2008-03-16 18:01 . 2003-10-22 16:54 81,920 --a------ C:\WINDOWS\system32\W32n50.dll
    2008-03-16 18:01 . 2003-08-14 23:23 69,632 --a------ C:\WINDOWS\system32\MCCDevice.dll
    2008-03-16 18:01 . 2003-10-22 16:54 17,162 --a------ C:\WINDOWS\system32\Pcandis5.sys
    2008-03-16 18:01 . 2003-10-22 16:54 16,848 --a------ C:\WINDOWS\system32\Pcandis4.sys
    2008-03-16 18:01 . 2003-10-22 16:54 16,073 --a------ C:\WINDOWS\system32\Pcandis3.vxd
    2008-03-16 18:01 . 2003-07-17 22:16 6,048 --a------ C:\WINDOWS\system32\mcc16.dll
    2008-03-16 18:01 . 2003-12-12 22:27 2,050 --a------ C:\WINDOWS\system32\ClientSyncLoaderDriver.htm
    2008-03-16 18:01 . 2003-12-12 22:27 1,064 --a------ C:\WINDOWS\system32\ClientSyncLoader.htm
    2008-03-12 21:04 . 2008-03-12 21:04 <DIR> d-------- C:\WINDOWS\Drivers
    2008-03-12 21:04 . 2008-03-16 18:01 <DIR> d-------- C:\Program Files\Common Files\Motive
    2008-03-12 21:00 . 2004-02-09 17:06 15,360 -ra------ C:\WINDOWS\system32\drivers\NetMotCM.sys
    2008-03-08 15:30 . 2008-03-08 15:30 <DIR> d-------- C:\Program Files\Illustrate
    2008-03-08 15:30 . 2008-03-08 15:30 <DIR> d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AccurateRip
    2008-03-08 15:30 . 2008-03-08 15:29 4,230,520 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
    2008-03-06 21:05 . 2008-03-26 14:04 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-27 11:05 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-03-27 10:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-03-26 23:28 --------- d-----w C:\Program Files\Norton 360
    2008-03-26 17:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-03-26 16:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\NCH Swift Sound
    2008-03-26 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
    2008-03-26 16:29 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\LimeWire
    2008-03-26 15:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-26 15:11 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-03-26 14:30 --------- d-----w C:\Program Files\BitComet
    2008-03-25 15:58 --------- d-----w C:\Program Files\Google
    2008-03-25 14:18 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-03-23 15:44 --------- d-----w C:\Program Files\Nokia
    2008-03-23 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
    2008-03-16 21:40 --------- d-----w C:\Program Files\ESET
    2008-03-16 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
    2008-03-14 12:00 --------- d-----w C:\Program Files\Driving Theory Test Express
    2008-03-10 02:44 --------- d-----w C:\Program Files\Windows Live
    2008-03-10 02:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-03-07 16:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Software rule flag owns
    2008-03-06 21:53 --------- d-----w C:\Program Files\DietMP3
    2008-02-28 14:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
    2008-02-26 21:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
    2008-02-26 17:34 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
    2008-02-26 17:31 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-02-26 16:01 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Ahead
    2008-02-24 20:10 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\F-Secure
    2008-02-24 14:49 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\BearShare
    2008-02-20 18:36 --------- d-----w C:\Program Files\2 Pic
    2008-02-17 23:50 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
    2008-02-16 13:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\fssg
    2008-02-12 17:33 --------- d-----w C:\Program Files\DIFX
    2008-02-12 17:32 --------- d-----w C:\Program Files\PC Connectivity Solution
    2008-02-03 16:47 --------- d-----w C:\Program Files\Vista Drive Icon
    2008-02-03 16:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-01-29 21:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-01-29 21:04 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
    2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    .

    ------- Sigcheck -------

    2007-06-13 10:23 975360 9784e0719124e4a23989aef9e7ca02d6 C:\WINDOWS\explorer.exe
    2007-06-13 11:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2004-08-04 05:00 974336 a5c1f2cf7c31874e66478910b43d6513 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
    2007-06-13 10:23 975360 9784e0719124e4a23989aef9e7ca02d6 C:\WINDOWS\system32\dllcache\explorer.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
    "zyiozevp"="C:\WINDOWS\system32\bmrkbehm.exe" [2008-03-25 15:34 98304]
    "cvzxxgwl"="C:\WINDOWS\system32\rmtkpkbg.exe" [2008-03-26 15:44 94208]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 16:04 52736]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-08 03:05 344064]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 23:44 61440]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 20:43 233472]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 20:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
    "PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-25 22:17 90112]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 00:50 253952]
    "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-27 23:29 185632]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
    "DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 19:59 45056]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 05:59 115816]
    "THGuard"="C:\Program Files\TrojanHunter 5.0\THGuard.exe" [2008-03-25 19:08 1047712]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

    C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
    RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 22:05:02 630784]
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe [2006-05-21 07:43:08 180224]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Uniblue Powersuite.lnk - C:\Program Files\Uniblue\PowerSuite\PowerSuite.exe [2008-03-26 14:21:50 2783504]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "k7gHAIttTw"= C:\Documents and Settings\All Users\Application Data\dizmhkfq\bcdqfkfw.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Driving Theory Test Express\\unins000.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Mozilla Firefox\\firefox.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26531:TCP"= 26531:TCP:BitComet 26531 TCP
    "26531:UDP"= 26531:UDP:BitComet 26531 UDP

    R3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-16 17:41]
    S3 se59bus;Sony Ericsson Device 089 driver (WDM);C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 20:07]
    S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 20:07]
    S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 20:07]
    S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 20:08]
    S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 20:06]
    S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 20:09]
    S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM);C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 20:06]
    S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 23:01]

    *Newly Created Service* - COMHOST
    .
    Contents of the 'Scheduled Tasks' folder
    "2008-03-26 15:20:30 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"
    - C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-27 11:09:25
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-03-27 11:10:04
    ComboFix-quarantined-files.txt 2008-03-27 11:09:47
    .
    2008-03-26 15:53:11 --- E O F ---
     
Short URL to this thread: https://techguy.org/697553
