Commy report


Post by mandrews on Wed Apr 13, 2011 5:23 am

ComboFix 11-04-12.01 - musicmatt 04/12/2011 23:07:39.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1789.579 [GMT -4:00]
Running from: c:\users\musicmatt\Desktop\CommyFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\autorun.inf
F:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-13 to 2011-04-13 )))))))))))))))))))))))))))))))
.
.
2011-04-13 03:26 . 2011-04-13 03:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-13 03:10 . 2011-04-13 03:10 1307647 ----a-w- c:\programdata\SPLE0CC.tmp
2011-04-13 02:46 . 2011-04-13 02:46 3425131 ----a-w- c:\programdata\SPL5D71.tmp
2011-04-12 18:47 . 2011-04-12 18:47 -------- d-----w- c:\users\musicmatt\AppData\Roaming\SumatraPDF
2011-04-12 17:54 . 2011-04-12 17:54 -------- d-----w- c:\program files\Unlocker
2011-04-12 10:50 . 2011-04-12 10:50 -------- d-----w- c:\users\musicmatt\.thumbnails
2011-04-12 10:33 . 2011-04-12 10:58 -------- d-----w- c:\users\musicmatt\.gimp-2.6
2011-04-12 10:33 . 2011-04-12 10:33 -------- d-----w- c:\program files\GIMP-2.0
2011-04-12 07:35 . 2011-04-12 20:34 -------- d-----w- c:\programdata\NOS
2011-04-12 07:35 . 2011-04-12 20:32 -------- d-----w- c:\program files\NOS
2011-04-12 07:24 . 2011-03-15 04:05 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8517F4D9-5DB9-4730-AD5F-F7127AC06983}\mpengine.dll
2011-04-12 07:14 . 2011-04-12 07:39 -------- d-----w- c:\users\musicmatt\AppData\Local\NOS
2011-04-12 05:42 . 2011-04-12 05:42 -------- d-----w- C:\EGIS_Drive
2011-04-12 05:09 . 2011-04-12 05:09 -------- d-----w- c:\program files\LTCM Client
2011-04-12 02:19 . 2011-04-12 02:19 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2011-04-12 02:19 . 2011-04-12 02:19 -------- d-----w- c:\program files\DVDVideoSoft
2011-04-11 01:32 . 2011-04-12 05:34 -------- d-----w- c:\users\musicmatt\AppData\Roaming\GRLevel3
2011-04-11 01:23 . 2011-04-11 01:23 -------- d-----w- c:\program files\GRLevelX
2011-04-08 19:28 . 2011-04-08 19:28 -------- d-----w- c:\program files\Coupons
2011-04-08 17:15 . 2011-04-08 17:15 -------- d-----w- c:\windows\Sun
2011-04-08 17:08 . 2011-04-08 17:08 -------- d-----w- c:\program files\freecordertoolbar
2011-04-08 17:07 . 2011-04-12 02:16 -------- d-----w- c:\users\musicmatt\AppData\Local\FLVService
2011-04-08 17:07 . 2011-04-12 11:01 -------- d-----w- c:\program files\Freecorder 5
2011-04-08 17:07 . 2011-04-08 17:07 -------- d-----w- c:\windows\Freecorder
2011-04-08 14:29 . 2011-04-08 14:40 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Tether
2011-04-08 14:28 . 2009-01-09 20:18 27136 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2011-04-08 14:27 . 2011-04-08 14:27 -------- d-----w- c:\program files\Research In Motion
2011-04-08 14:27 . 2011-04-08 14:27 -------- d-----w- c:\program files\Common Files\Research In Motion
2011-04-08 14:25 . 2010-05-18 14:53 45608 ----a-w- c:\windows\system32\drivers\qrkis.sys
2011-04-08 14:23 . 2011-04-12 11:01 -------- d-----w- c:\program files\Tether
2011-04-01 19:25 . 2006-11-29 08:05 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-04-01 19:25 . 2007-05-17 17:53 434176 ----a-w- c:\windows\system32\lxdehcp.dll
2011-04-01 19:25 . 2007-05-17 17:52 348160 ----a-w- c:\windows\system32\lxdeinst.dll
2011-04-01 19:25 . 2011-04-01 19:27 -------- d-----w- c:\program files\Lexmark 4800 Series
2011-04-01 19:25 . 2007-05-26 00:42 113664 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\lxdedrpp.dll
2011-04-01 18:46 . 2011-04-01 19:03 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Lexmark Productivity Studio
2011-03-31 07:01 . 2011-03-31 07:01 -------- d-----w- c:\program files\MSXML 4.0
2011-03-30 00:45 . 2001-10-28 20:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-03-30 00:45 . 1998-06-24 04:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-03-30 00:45 . 1998-07-06 04:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-03-29 23:33 . 2003-04-18 20:29 82432 ----a-w- c:\windows\system32\msxml4r.dll
2011-03-29 23:33 . 2009-11-25 22:40 307200 ----a-w- c:\windows\system32\Mp3Ctrl.dll
2011-03-29 23:33 . 2009-09-26 15:00 580096 ----a-w- c:\windows\system32\lame.exe
2011-03-29 23:33 . 2009-09-26 15:00 496640 ----a-w- c:\windows\system32\lame_enc.dll
2011-03-29 23:33 . 2009-07-23 21:28 86016 ----a-w- c:\windows\system32\akrip32.dll
2011-03-29 23:33 . 2009-07-23 21:28 131176 ----a-w- c:\windows\system32\mp3gain.exe
2011-03-29 23:33 . 2011-03-29 23:33 -------- d-----w- c:\program files\Zortam Mp3 Media Studio
2011-03-29 20:57 . 2011-03-29 20:57 -------- d-----w- c:\windows\system32\config\systemprofile\{4a452778-f0bb-4a38-940c-1cc99117d899}
2011-03-29 20:54 . 2011-03-29 20:55 -------- d-----w- c:\windows\system32\config\systemprofile\{f48ced33-c68e-430f-80ed-9a2ea4ef228f}
2011-03-29 20:30 . 2011-03-29 20:30 1144608 ----a-w- c:\programdata\SPLB730.tmp
2011-03-29 20:27 . 2011-03-29 20:27 1144608 ----a-w- c:\programdata\SPL47AB.tmp
2011-03-29 20:26 . 2011-03-29 20:26 1144608 ----a-w- c:\programdata\SPLE15D.tmp
2011-03-29 19:01 . 2011-03-29 19:01 -------- d-----w- C:\lexmark
2011-03-26 03:38 . 2011-03-26 03:38 -------- d-----w- c:\program files\Winamp Detect
2011-03-26 03:37 . 2011-04-12 08:32 -------- d-----w- c:\users\musicmatt\AppData\Roaming\Winamp
2011-03-26 03:37 . 2011-03-26 03:38 -------- d-----w- c:\program files\Winamp
2011-03-25 23:28 . 2009-09-04 21:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-03-25 23:28 . 2006-09-28 20:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-03-25 11:47 . 2011-03-25 11:47 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-23 10:41 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 10:41 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 10:41 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-21 20:13 . 2011-03-21 20:13 -------- d-----w- c:\users\Public\CyberLink
2011-03-21 20:13 . 2011-03-21 20:13 -------- d-----w- c:\programdata\CyberLink
2011-03-21 20:12 . 2011-03-21 20:12 -------- d-----w- c:\users\musicmatt\AppData\Roaming\CyberLink
2011-03-20 23:56 . 2011-03-21 00:00 53248 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Web_Site._B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 53248 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink_Support.u_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 45056 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.chm_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe11_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\EchoLink.exe1_B5759EDEA3D244BBB2AAF1B15E1EC021.exe
2011-03-20 23:56 . 2011-03-21 00:00 40960 ----a-r- c:\users\musicmatt\AppData\Roaming\Microsoft\Installer\{DC33421C-0E1C-470A-BE37-7B7C82677812}\ARPPRODUCTICON.exe
2011-03-20 23:56 . 2011-03-20 23:56 -------- d-----w- c:\program files\K1RFD
2011-03-14 17:44 . 2011-03-14 17:44 -------- d-----w- c:\program files\Common Files\Java
2011-03-14 09:20 . 2011-03-14 09:20 -------- d-----w- c:\program files\FoxTabMP4Converter
2011-03-14 07:56 . 2011-03-14 07:56 -------- d-----w- c:\program files\Windows Portable Devices
2011-03-14 07:38 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-03-14 07:38 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-03-14 07:38 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-03-14 07:32 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-03-14 07:32 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-03-14 07:32 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-03-14 07:32 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-03-14 07:32 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-03-14 07:32 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-03-14 07:32 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-03-14 07:19 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-03-14 07:19 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-03-14 07:19 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-03-14 07:02 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-18 18:32 . 2011-02-14 22:05 71072 ----a-w- c:\windows\CouponPrinter.ocx
2011-03-04 19:44 . 2011-01-17 01:27 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-02-03 01:40 . 2011-01-17 20:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 22:11 . 2011-01-17 14:19 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-03-14 01:32 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-03-14 01:32 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-03-14 01:32 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-03-14 01:32 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-03-14 01:32 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-03-14 01:32 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-03-14 01:32 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-03-14 01:32 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-03-14 01:32 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-03-14 01:32 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-03-14 01:32 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-03-14 01:32 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-03-14 01:32 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-03-14 01:32 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-03-14 01:32 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-03-14 01:32 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-03-14 01:32 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-03-14 01:32 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-03-14 01:32 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-03-14 01:32 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-03-14 01:32 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:14 . 2011-03-14 01:32 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:12 . 2011-03-14 01:32 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-03-14 01:32 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-03-14 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-18 07:36 . 2011-01-18 06:15 669002 ----a-w- c:\windows\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 17:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
2011-03-16 11:59 81920 ----a-w- c:\program files\freecordertoolbar\vmntemplateX.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 17:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}"= "c:\program files\freecordertoolbar\vmntemplateX.dll" [2011-03-16 81920]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{70dd86e8-b5bc-4e4a-9d5c-b6234c24323c}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-01-03 07:00 39472 ----a-w- c:\acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Google Update"="c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-01-16 136176]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-08 4853760]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2008-01-22 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-01-03 521776]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-01-07 858632]
"Acer Assist Launcher"="c:\program files\Acer\Acer Assist\launcher.exe" [2007-11-19 1261568]
"Acer Product Registration"="c:\program files\Acer\Acer Registration\ACE1.exe" [2007-11-26 3387392]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
"Realtime Audio Engine"="mmrtkrnl.exe" [2003-09-13 53248]
"Skytel"="Skytel.exe" [2007-11-21 1826816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"lxdemon.exe"="c:\program files\Lexmark 4800 Series\lxdemon.exe" [2007-06-11 455600]
"lxdeamon"="c:\program files\Lexmark 4800 Series\lxdeamon.exe" [2007-06-01 20480]
"Freecorder FLV Service"="c:\program files\Freecorder 5\FLVSrvc.exe" [2011-03-24 167936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2008-3-29 535336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R2 lxdeCATSCustConnectService;lxdeCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdeserv.exe [2007-05-29 99248]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 qrkis;Tether Miniport;c:\windows\system32\DRIVERS\qrkis.sys [2010-05-18 45608]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2007-04-03 39680]
S0 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2007-04-03 35712]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2010-04-22 22104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 lxde_device;lxde_device;c:\windows\system32\lxdecoms.exe [2007-05-29 598960]
S2 Tether;Tether;c:\program files\Tether\TBService.exe [2010-09-21 52664]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003Core.job
- c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-16 20:57]
.
2011-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-880227785-1377843364-700853731-1003UA.job
- c:\users\musicmatt\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-16 20:57]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {E7FC0445-53E8-4DE0-8BD6-E22182383273} = 208.67.222.222,208.67.220.220
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-04-12 23:26
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-04-12 23:29:51
ComboFix-quarantined-files.txt 2011-04-13 03:29
ComboFix2.txt 2011-04-12 22:59
.
Pre-Run: 35,053,842,432 bytes free
Post-Run: 34,925,559,808 bytes free
.
- - End Of File - - F1E9B4828F1DD245256DFA7F8562E003


Re: Commy report

Post by mandrews on Wed Apr 13, 2011 5:28 am

I had a problem loading Adobe X; kept getting access denied. Tried uninstalling, kept getting error. Tried the fix posted, kept getting error. Then I found Kaspersky had corrupt files; tried to repair, got errors from that.


Re: Commy report

Post by Dr Jay on Wed Apr 13, 2011 5:53 am

Scan for malware

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].
Alternate link: [You must be registered and logged in to see this link.].
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double-click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


Dr. Jay (DJ)



Re: Commy report

Post by mandrews on Thu Apr 21, 2011 3:32 am

Nothing found during scan, and I still cannot open Adobe Reader X, but I can use a PDF reader from portable apps.


Re: Commy report

Post by Dr Jay on Fri Apr 22, 2011 4:01 am

ESET Online Scan

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)

