Security Tool


Post by Lavender on Tue Dec 22, 2009 3:33 am

This security tool has taken over my computer. I was able to temporarily stop it with stopzilla. But after it scanned my pc it wanted me to pay for removal. Is there any way to scan, identify, and remove this thing without cost?


Michael.

Lavender
Beginner

Posts : 4
Joined : 2009-12-22
OS : vista
Points : 25458
# Likes : 0


Re: Security Tool

Post by Dr Jay on Tue Dec 22, 2009 3:49 am

Please download ComboFix from [You must be registered and logged in to see this link.]



Rename ComboFix.exe to commy.exe before you save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start, then copy and paste the following command into the search box & hit Enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)



Dr Jay
Head Administrator

Posts : 13719
Joined : 2009-09-06
Gender : Male
OS : Windows 10 Home & Pro
Protection : Bitdefender Total Security
Points : 302143
# Likes : 10


Re: Security Tool

Post by Lavender on Fri Dec 25, 2009 2:54 am

ComboFix 09-12-24.02 - The Lavenders 12/24/2009 20:30:31.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.1150 [GMT -6:00]
Running from: c:\users\The Lavenders\Documents\New Folder\commy.exe1.exe
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500
c:\$recycle.bin\S-1-5-21-1745912168-3853139608-2999260509-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\users\The Lavenders\AppData\Roaming\.#
c:\users\The Lavenders\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.lnk
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx

.
((((((((((((((((((((((((( Files Created from 2009-11-25 to 2009-12-25 )))))))))))))))))))))))))))))))
.

2009-12-25 02:37 . 2009-12-25 02:37 -------- d-----w- c:\users\The Lavenders\AppData\Local\temp
2009-12-25 02:37 . 2009-12-25 02:37 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2009-12-25 02:37 . 2009-12-25 02:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-25 02:37 . 2009-12-25 02:37 -------- d-----w- c:\users\Sarah L\AppData\Local\temp
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_DC7EBA8B521231D0160AB2.exe
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_9767AAD380EB35C76F7F05.exe
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_6FEFF9B68218417F98F549.exe
2009-12-24 01:35 . 2009-12-24 01:35 -------- d-----w- c:\programdata\Napster
2009-12-24 01:35 . 2009-12-24 01:35 -------- d-----w- c:\program files\Napster
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\eMusic
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\users\The Lavenders\AppData\Local\eMusic
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\program files\eMusic Download Manager
2009-12-22 03:36 . 2009-12-22 03:36 -------- d-----w- c:\programdata\HP Product Assistant
2009-12-22 03:33 . 2009-12-22 03:37 77354 ----a-w- c:\windows\hpqins05.dat
2009-12-22 01:46 . 2009-12-22 01:58 -------- d-----w- c:\programdata\SITEguard
2009-12-22 01:43 . 2009-12-22 01:46 -------- d-----w- c:\program files\STOPzilla!
2009-12-22 01:43 . 2009-12-22 01:43 -------- d-----w- c:\program files\Common Files\iS3
2009-12-22 01:43 . 2009-12-25 02:37 -------- d-----w- c:\programdata\STOPzilla!
2009-12-21 17:52 . 2009-12-21 17:52 545424 ----a-r- c:\windows\system32\SZComp5.dll
2009-12-21 17:52 . 2009-12-21 17:52 438928 ----a-r- c:\windows\system32\SZBase5.dll
2009-12-21 17:44 . 2009-12-21 17:44 17408 ----a-r- c:\windows\system32\SZIO5.dll
2009-12-21 16:36 . 2009-12-22 01:48 -------- d-----w- c:\programdata\66039024
2009-12-14 16:24 . 2009-12-14 16:24 163600 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2009-12-10 22:11 . 2009-12-10 22:11 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
2009-12-10 22:11 . 2009-12-10 22:11 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
2009-12-10 22:09 . 2009-12-10 22:09 385024 ----a-r- c:\windows\system32\IS3UI5.dll
2009-12-10 22:09 . 2009-12-10 22:09 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
2009-12-10 22:08 . 2009-12-10 22:08 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
2009-12-10 22:06 . 2009-12-10 22:06 225280 ----a-r- c:\windows\system32\IS3Win325.dll
2009-12-10 22:06 . 2009-12-10 22:06 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
2009-12-10 22:05 . 2009-12-10 22:05 94208 ----a-r- c:\windows\system32\IS3Svc5.dll
2009-12-10 22:02 . 2009-12-10 22:02 729088 ----a-r- c:\windows\system32\IS3Base5.dll
2009-12-10 03:12 . 2009-12-10 03:12 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-12-10 03:12 . 2009-12-10 03:12 -------- d-----w- c:\program files\DivX
2009-12-10 01:53 . 2009-12-10 01:53 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\vlc
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Local\Graboid_Inc
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\MozillaControl
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Local\Graboid
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\program files\VideoLAN
2009-12-10 01:49 . 2009-12-10 01:51 -------- d-----w- c:\program files\Graboid
2009-12-09 09:05 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 09:05 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 09:05 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-08 21:52 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-07 22:59 . 2009-12-07 22:59 61328 ----a-r- c:\windows\system32\drivers\SZKG.sys
2009-12-07 22:59 . 2009-12-07 22:59 61328 ----a-r- c:\windows\system32\drivers\is3srv.sys
2009-11-25 09:01 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 09:01 . 2009-11-25 09:01 -------- d-----w- c:\program files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-25 02:30 . 2009-12-25 02:17 2048 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-12-25 02:18 . 2007-05-28 05:41 67735 ----a-w- c:\programdata\nvModes.dat
2009-12-25 02:15 . 2007-05-28 05:36 -------- d-----w- c:\programdata\NVIDIA
2009-12-24 03:39 . 2009-01-30 23:03 1 ----a-w- c:\users\The Lavenders\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-22 22:33 . 2008-09-17 10:52 9450 ----a-w- c:\users\The Lavenders\AppData\Roaming\wklnhst.dat
2009-12-22 19:08 . 2008-09-11 03:06 85808 ----a-w- c:\users\The Lavenders\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-22 10:28 . 2009-01-28 21:46 -------- d-----w- c:\programdata\HP
2009-12-22 03:37 . 2009-10-05 21:15 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\HpUpdate
2009-12-22 01:46 . 2007-08-27 14:58 -------- d-----w- c:\program files\Google
2009-12-19 17:49 . 2009-01-21 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\PlayFirst
2009-12-19 17:49 . 2009-01-21 01:51 -------- d-----w- c:\programdata\PlayFirst
2009-12-19 17:49 . 2009-01-20 22:52 -------- d-----w- c:\program files\Shockwave.com
2009-12-09 09:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-21 06:40 . 2009-12-08 21:55 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-08 21:55 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-08 21:55 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-08 21:55 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-21 04:35 . 2009-11-21 04:35 -------- d-----w- c:\programdata\GoBit Games
2009-11-20 21:22 . 2009-11-20 21:22 -------- d-----w- c:\programdata\NannyMania
2009-11-17 09:56 . 2009-11-17 09:56 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-17 09:56 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-17 09:56 . 2009-11-17 09:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-17 09:56 . 2009-11-17 09:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-10 09:32 . 2008-12-08 01:14 -------- d-----w- c:\program files\AVG
2009-11-03 02:42 . 2009-10-02 23:39 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-08 21:08 . 2009-11-17 09:00 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-17 09:00 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-17 09:00 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-05 21:20 . 2009-10-05 21:19 116839 ----a-w- c:\windows\hpqins00.dat
2009-10-01 01:02 . 2009-11-17 09:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-17 09:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-17 09:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-17 09:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-17 09:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-17 09:02 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-17 09:02 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-17 09:02 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-17 09:02 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-17 09:02 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-17 09:02 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-17 09:02 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-17 09:02 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-17 09:02 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-17 09:02 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-17 09:02 33280 ----a-w- c:\windows\system32\WpdConns.dll
2007-08-27 22:33 . 2007-08-27 22:31 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2009-02-04 171448]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-31 136600]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-8-27 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-2-20 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):4c,b0,d7,62,71,37,ca,01

R0 szkg5;szkg5;c:\windows\System32\drivers\SZKG.sys [12/7/2009 4:59 PM 61328]
R0 szkgfs;szkgfs;c:\windows\System32\drivers\SZKGFS.sys [12/14/2009 10:24 AM 163600]
R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\System32\drivers\nmsgopro.sys [9/27/2006 2:37 PM 28672]
R2 nmsunidr;UniDriver for NMS;c:\windows\System32\drivers\nmsunidr.sys [10/19/2006 1:49 PM 7424]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [8/17/2009 12:32 AM 239648]
R3 IntelDH;IntelDH Driver;c:\windows\System32\drivers\IntelDH.sys [8/27/2007 8:53 AM 5504]
S0 is3srv;is3srv;c:\windows\System32\drivers\is3srv.sys [12/7/2009 4:59 PM 61328]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [10/29/2006 7:03 AM 208896]
S2 gupdate1ca7946b29d8937;Google Update Service (gupdate1ca7946b29d8937);c:\program files\Google\Update\GoogleUpdate.exe [12/9/2009 9:13 PM 133104]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [8/27/2007 8:58 AM 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc ehstart
rpcss REG_MULTI_SZ RpcSs
DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch
wdisvc REG_MULTI_SZ WdiServiceHost
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
GPSvcGroup REG_MULTI_SZ GPSvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
LSP: c:\windows\system32\wpclsp.dll
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - [You must be registered and logged in to see this link.]
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-24 20:41:14
ComboFix-quarantined-files.txt 2009-12-25 02:41

Pre-Run: 232,166,592,512 bytes free
Post-Run: 275,308,326,912 bytes free

- - End Of File - - 7F0A473BDF5B69D71396CCF8E2F77184


Re: Security Tool

Post by Lavender on Fri Dec 25, 2009 2:58 am

Do you know of a free antivirus or other protection program that is better than AVG?


Re: Security Tool

Post by Dr Jay on Sat Dec 26, 2009 3:04 am

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Folder::
    c:\programdata\SITEguard
    c:\program files\STOPzilla!
    c:\program files\Common Files\iS3
    c:\programdata\STOPzilla!
    c:\programdata\66039024

    File::
    c:\windows\system32\SZComp5.dll
    c:\windows\system32\SZBase5.dll
    c:\windows\system32\SZIO5.dll
    c:\windows\system32\drivers\SZKGFS.sys
    c:\windows\system32\IS3HTUI5.dll
    c:\windows\system32\IS3DBA5.dll
    c:\windows\system32\IS3UI5.dll
    c:\windows\system32\IS3Hks5.dll
    c:\windows\system32\IS3XDat5.dll
    c:\windows\system32\IS3Win325.dll
    c:\windows\system32\IS3Inet5.dll
    c:\windows\system32\IS3Svc5.dll
    c:\windows\system32\IS3Base5.dll
    c:\windows\system32\drivers\kgpcpy.cfg
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


Dr. Jay (DJ)




Re: Security Tool

Post by Lavender on Sat Dec 26, 2009 4:08 am

ComboFix 09-12-25.03 - The Lavenders 12/25/2009 21:50:30.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.1162 [GMT -6:00]
Running from: c:\users\The Lavenders\Desktop\commy.exe1.exe
Command switches used :: c:\users\The Lavenders\Desktop\CFScript.txt - Shortcut.lnk
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-11-26 to 2009-12-26 )))))))))))))))))))))))))))))))
.

2009-12-26 03:55 . 2009-12-26 03:56 -------- d-----w- c:\users\The Lavenders\AppData\Local\temp
2009-12-26 03:55 . 2009-12-26 03:55 -------- d-----w- c:\users\Sarah L\AppData\Local\temp
2009-12-26 03:55 . 2009-12-26 03:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-26 03:55 . 2009-12-26 03:55 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2009-12-26 03:55 . 2009-12-26 03:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-25 04:21 . 2009-12-25 03:32 3776280 ----a-w- c:\programdata\avg9\update\backup\setup.exe
2009-12-25 04:21 . 2009-12-25 03:32 4043032 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2009-12-25 04:21 . 2009-12-25 03:32 3967256 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2009-12-25 04:21 . 2009-12-25 03:32 2352920 ----a-w- c:\programdata\avg9\update\backup\avgresf.dll
2009-12-25 04:21 . 2009-12-25 03:32 916248 ----a-w- c:\programdata\avg9\update\backup\avgcfgx.dll
2009-12-25 03:33 . 2009-12-25 03:33 -------- d-----w- C:\$AVG
2009-12-25 03:32 . 2009-12-26 03:26 -------- d-----w- c:\programdata\avg9
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_DC7EBA8B521231D0160AB2.exe
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_9767AAD380EB35C76F7F05.exe
2009-12-24 01:35 . 2009-12-24 01:35 33982 ----a-r- c:\users\The Lavenders\AppData\Roaming\Microsoft\Installer\{3CB4A7B0-007D-4722-AF1D-891B53E04606}\_6FEFF9B68218417F98F549.exe
2009-12-24 01:35 . 2009-12-24 01:35 -------- d-----w- c:\programdata\Napster
2009-12-24 01:35 . 2009-12-24 01:35 -------- d-----w- c:\program files\Napster
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\eMusic
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\users\The Lavenders\AppData\Local\eMusic
2009-12-24 00:39 . 2009-12-24 00:39 -------- d-----w- c:\program files\eMusic Download Manager
2009-12-22 03:36 . 2009-12-22 03:36 -------- d-----w- c:\programdata\HP Product Assistant
2009-12-22 03:33 . 2009-12-22 03:37 77354 ----a-w- c:\windows\hpqins05.dat
2009-12-22 01:46 . 2009-12-22 01:58 -------- d-----w- c:\programdata\SITEguard
2009-12-22 01:43 . 2009-12-22 01:46 -------- d-----w- c:\program files\STOPzilla!
2009-12-22 01:43 . 2009-12-22 01:43 -------- d-----w- c:\program files\Common Files\iS3
2009-12-22 01:43 . 2009-12-26 03:56 -------- d-----w- c:\programdata\STOPzilla!
2009-12-21 17:52 . 2009-12-21 17:52 545424 ----a-r- c:\windows\system32\SZComp5.dll
2009-12-21 17:52 . 2009-12-21 17:52 438928 ----a-r- c:\windows\system32\SZBase5.dll
2009-12-21 17:44 . 2009-12-21 17:44 17408 ----a-r- c:\windows\system32\SZIO5.dll
2009-12-21 16:36 . 2009-12-22 01:48 -------- d-----w- c:\programdata\66039024
2009-12-14 16:24 . 2009-12-14 16:24 163600 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2009-12-10 22:11 . 2009-12-10 22:11 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
2009-12-10 22:11 . 2009-12-10 22:11 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
2009-12-10 22:09 . 2009-12-10 22:09 385024 ----a-r- c:\windows\system32\IS3UI5.dll
2009-12-10 22:09 . 2009-12-10 22:09 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
2009-12-10 22:08 . 2009-12-10 22:08 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
2009-12-10 22:06 . 2009-12-10 22:06 225280 ----a-r- c:\windows\system32\IS3Win325.dll
2009-12-10 22:06 . 2009-12-10 22:06 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
2009-12-10 22:05 . 2009-12-10 22:05 94208 ----a-r- c:\windows\system32\IS3Svc5.dll
2009-12-10 22:02 . 2009-12-10 22:02 729088 ----a-r- c:\windows\system32\IS3Base5.dll
2009-12-10 03:12 . 2009-12-10 03:12 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-12-10 03:12 . 2009-12-10 03:12 -------- d-----w- c:\program files\DivX
2009-12-10 01:53 . 2009-12-10 01:53 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\vlc
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Local\Graboid_Inc
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\MozillaControl
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Local\Graboid
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2009-12-10 01:51 . 2009-12-10 01:51 -------- d-----w- c:\program files\VideoLAN
2009-12-10 01:49 . 2009-12-10 01:51 -------- d-----w- c:\program files\Graboid
2009-12-09 09:05 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 09:05 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 09:05 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-08 21:52 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-07 22:59 . 2009-12-07 22:59 61328 ----a-r- c:\windows\system32\drivers\SZKG.sys
2009-12-07 22:59 . 2009-12-07 22:59 61328 ----a-r- c:\windows\system32\drivers\is3srv.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-26 03:47 . 2009-12-26 03:47 552 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-12-26 03:34 . 2008-09-17 10:52 9560 ----a-w- c:\users\The Lavenders\AppData\Roaming\wklnhst.dat
2009-12-26 03:30 . 2007-05-28 05:41 67735 ----a-w- c:\programdata\nvModes.dat
2009-12-26 03:28 . 2007-05-28 05:36 -------- d-----w- c:\programdata\NVIDIA
2009-12-24 03:39 . 2009-01-30 23:03 1 ----a-w- c:\users\The Lavenders\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-22 19:08 . 2008-09-11 03:06 85808 ----a-w- c:\users\The Lavenders\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-22 10:28 . 2009-01-28 21:46 -------- d-----w- c:\programdata\HP
2009-12-22 03:37 . 2009-10-05 21:15 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\HpUpdate
2009-12-22 01:46 . 2007-08-27 14:58 -------- d-----w- c:\program files\Google
2009-12-19 17:49 . 2009-01-21 01:51 -------- d-----w- c:\users\The Lavenders\AppData\Roaming\PlayFirst
2009-12-19 17:49 . 2009-01-21 01:51 -------- d-----w- c:\programdata\PlayFirst
2009-12-19 17:49 . 2009-01-20 22:52 -------- d-----w- c:\program files\Shockwave.com
2009-12-09 09:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-25 09:01 . 2009-11-25 09:01 -------- d-----w- c:\program files\MSXML 4.0
2009-11-21 06:40 . 2009-12-08 21:55 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-08 21:55 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-08 21:55 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-08 21:55 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-21 04:35 . 2009-11-21 04:35 -------- d-----w- c:\programdata\GoBit Games
2009-11-20 21:22 . 2009-11-20 21:22 -------- d-----w- c:\programdata\NannyMania
2009-11-17 09:56 . 2009-11-17 09:56 -------- d-----w- c:\program files\Windows Portable Devices
2009-11-17 09:56 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-17 09:56 . 2009-11-17 09:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-17 09:56 . 2009-11-17 09:56 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-10 09:32 . 2008-12-08 01:14 -------- d-----w- c:\program files\AVG
2009-11-03 02:42 . 2009-10-02 23:39 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-25 09:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-08 21:08 . 2009-11-17 09:00 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08 . 2009-11-17 09:00 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07 . 2009-11-17 09:00 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-05 21:20 . 2009-10-05 21:19 116839 ----a-w- c:\windows\hpqins00.dat
2009-10-01 01:02 . 2009-11-17 09:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02 . 2009-11-17 09:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02 . 2009-11-17 09:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02 . 2009-11-17 09:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02 . 2009-11-17 09:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01 . 2009-11-17 09:02 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01 . 2009-11-17 09:02 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01 . 2009-11-17 09:02 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01 . 2009-11-17 09:02 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01 . 2009-11-17 09:02 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01 . 2009-11-17 09:02 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01 . 2009-11-17 09:02 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01 . 2009-11-17 09:02 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 01:01 . 2009-11-17 09:02 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01 . 2009-11-17 09:02 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01 . 2009-11-17 09:02 33280 ----a-w- c:\windows\system32\WpdConns.dll
2007-08-27 22:33 . 2007-08-27 22:31 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-27 15:05 . 2009-12-26 03:31 62912 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-12-26 03:31 71418 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-11 03:03 . 2009-12-26 03:31 13650 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1745912168-3853139608-2999260509-1001_UserData.bin
- 2008-09-11 01:56 . 2009-12-25 02:15 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-11 01:56 . 2009-12-25 18:18 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-11 01:56 . 2009-12-25 18:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-11 01:56 . 2009-12-25 02:15 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-11 01:56 . 2009-12-25 02:15 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-11 01:56 . 2009-12-25 18:18 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-22 04:28 . 2009-12-24 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-22 04:28 . 2009-12-25 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-22 04:28 . 2009-12-24 14:19 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-22 04:28 . 2009-12-25 17:01 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-22 04:28 . 2009-12-25 17:01 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-22 04:28 . 2009-12-24 14:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-25 02:15 . 2009-12-25 02:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-26 03:28 . 2009-12-26 03:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-26 03:28 . 2009-12-26 03:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-12-25 02:15 . 2009-12-25 02:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-23 01:28 . 2009-12-25 03:27 157368 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-12-26 03:33 595446 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-25 02:21 595446 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-12-25 02:21 101144 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-12-26 03:33 101144 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2009-02-04 171448]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-31 136600]
"SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-8-27 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-2-20 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"VistaSp2"=hex(b):4c,b0,d7,62,71,37,ca,01

R0 szkg5;szkg5;c:\windows\System32\drivers\SZKG.sys [12/7/2009 4:59 PM 61328]
R0 szkgfs;szkgfs;c:\windows\System32\drivers\SZKGFS.sys [12/14/2009 10:24 AM 163600]
R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\System32\drivers\nmsgopro.sys [9/27/2006 2:37 PM 28672]
R2 nmsunidr;UniDriver for NMS;c:\windows\System32\drivers\nmsunidr.sys [10/19/2006 1:49 PM 7424]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [8/17/2009 12:32 AM 239648]
R3 IntelDH;IntelDH Driver;c:\windows\System32\drivers\IntelDH.sys [8/27/2007 8:53 AM 5504]
S0 is3srv;is3srv;c:\windows\System32\drivers\is3srv.sys [12/7/2009 4:59 PM 61328]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [10/29/2006 7:03 AM 208896]
S2 gupdate1ca7946b29d8937;Google Update Service (gupdate1ca7946b29d8937);c:\program files\Google\Update\GoogleUpdate.exe [12/9/2009 9:13 PM 133104]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [9/16/2008 5:58 PM 21504]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [8/27/2007 8:58 AM 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
LSP: c:\windows\system32\wpclsp.dll
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - [You must be registered and logged in to see this link.]
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-12-25 21:56
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-25 21:58:26
ComboFix-quarantined-files.txt 2009-12-26 03:58
ComboFix2.txt 2009-12-25 02:41

Pre-Run: 272,992,153,600 bytes free
Post-Run: 272,993,464,320 bytes free

- - End Of File - - CFC84D7D7CE08E67EE1737CE34D47A3D


Re: Security Tool

Post by Dr Jay on Sat Dec 26, 2009 4:18 am

Please try the script again. It did not work.


Dr. Jay (DJ)



Re: Security Tool

Post by slowrider1 on Sat Dec 26, 2009 5:29 pm

Moderated Message: Hello, your comment has been removed. Please do not post in another member's topic. If you need help, please read [You must be registered and logged in to see this link.] over and [You must be registered and logged in to see this link.] to open a new topic. ~DragonMaster Jay

slowrider1
Beginner

Posts: 1
Joined: 2009-12-26
OS: vista
Points: 25400
Likes: 0
