BullGuard Antivirus Forum
Posting my logs
   

faizal_q
New Member


Date Joined Aug 2008
Total Posts : 5
 
Posted 8-3-2008 11:29 (GMT +1)
Thanks a million for helping me to fix my computer. I was almost going to format my laptop, thinking I won't be able to fix this, until I searched on Google and came to your forum. I am really thankful to you.
 
Hijack This Log
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:04:07, on 03/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\atievxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Hijack This\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1216684783819
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7125 bytes
 
ComboFix Log
 
ComboFix 08-08-01.05 - Qureshi 2008-08-03 10:41:50.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.196 [GMT 1:00]
Running from: C:\Documents and Settings\Qureshi\Desktop\ComboFix.exe
 * Created a new restore point
[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
(((((((((((((((((((((((((   Files Created from 2008-07-03 to 2008-08-03  )))))))))))))))))))))))))))))))
.
2008-08-03 00:12 . 2008-08-03 00:12 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-08-03 00:12 . 2008-08-03 00:12 <DIR> d-------- C:\Documents and Settings\Qureshi\Application Data\SUPERAntiSpyware.com
2008-08-03 00:12 . 2008-08-03 00:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-03 00:11 . 2008-08-03 00:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-02 17:49 . 2008-08-02 17:49 <DIR> d-------- C:\Program Files\CCleaner
2008-08-02 10:25 . 2008-08-02 10:28 <DIR> d-------- C:\Documents and Settings\Qureshi\Contacts
2008-08-02 00:08 . 2008-08-02 00:08 268 --ah----- C:\sqmdata00.sqm
2008-08-02 00:08 . 2008-08-02 00:08 244 --ah----- C:\sqmnoopt00.sqm
2008-08-01 23:40 . 2008-08-01 23:41 <DIR> d-------- C:\Program Files\MSN Messenger
2008-08-01 21:02 . 2008-08-01 21:02 96,559 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-08-01 21:02 . 2008-08-01 21:02 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-08-01 20:59 . 2008-08-01 20:59 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-08-01 20:59 . 2008-08-03 10:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-01 01:10 . 2008-08-01 01:10 <DIR> d-------- C:\Program Files\Softwin
2008-08-01 01:08 . 2008-08-01 01:10 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-07-31 01:31 . 2008-08-03 10:49 1,666,592 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-31 01:31 . 2008-08-03 10:49 253,984 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-31 01:31 . 2008-08-03 10:49 14,100 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-31 01:31 . 2008-08-03 10:49 1,948 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-31 01:15 . 2008-07-31 01:30 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-31 01:14 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-07-31 01:13 . 2008-07-31 01:13 <DIR> d-------- C:\Program Files\Zone Labs
2008-07-31 01:11 . 2008-07-31 23:50 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-07-31 00:43 . 2008-04-13 19:45 26,112 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-07-31 00:43 . 2008-04-13 19:45 26,112 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-07-31 00:43 . 2008-07-31 00:43 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-31 00:43 . 2008-07-31 00:43 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-30 23:44 . 2008-07-31 00:44 <DIR> d-------- C:\Documents and Settings\Qureshi\Application Data\PC Suite
2008-07-30 23:44 . 2008-07-31 01:05 <DIR> d-------- C:\Documents and Settings\Qureshi\Application Data\Nokia
2008-07-30 23:44 . 2008-07-30 23:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-30 23:38 . 2008-07-30 23:38 <DIR> d-------- C:\Program Files\DIFX
2008-07-30 23:38 . 2008-07-30 23:39 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-07-30 23:38 . 2008-07-30 23:38 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-07-30 23:38 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-07-30 23:37 . 2008-07-30 23:37 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-07-30 23:37 . 2008-05-07 07:39 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-30 23:37 . 2008-05-07 07:38 659,968 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-07-30 23:37 . 2008-05-07 07:38 20,864 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-07-30 23:37 . 2008-05-07 07:38 17,536 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-07-30 23:37 . 2008-06-06 09:24 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-07-30 23:36 . 2008-07-30 23:38 <DIR> d-------- C:\Program Files\Nokia
2008-07-30 23:36 . 2008-05-07 07:38 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-07-30 23:34 . 2008-07-30 23:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-07-29 20:21 . 2008-07-29 20:21 218,376 --a------ C:\WINDOWS\system32\klogon.dll
2008-07-29 20:20 . 2008-07-29 20:20 24,774 --a------ C:\WINDOWS\system32\drivers\klopp.dat
2008-07-28 00:15 . 2008-07-28 00:15 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-07-28 00:11 . 2008-07-28 00:12 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-28 00:07 . 2008-07-28 09:58 <DIR> d-------- C:\Program Files\NOS
2008-07-28 00:07 . 2008-07-28 09:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-27 15:13 . 2008-08-01 20:17 236 --a------ C:\Documents and Settings\Qureshi\Application Data\shedl.bat
2008-07-27 15:11 . 2008-08-01 20:16 1,695,744 --a------ C:\Documents and Settings\Qureshi\Application Data\databak3.exe
2008-07-27 15:11 . 2008-08-01 20:16 1,695,744 --a------ C:\Documents and Settings\Qureshi\Application Data\databak.exe
2008-07-27 13:55 . 2008-07-27 13:55 124,688 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-07-27 13:55 . 2008-07-27 15:08 12,288 --a------ C:\WINDOWS\system32\aplib.dll
2008-07-27 11:16 . 2008-07-27 11:16 <DIR> d-------- C:\Program Files\BitDefender
2008-07-27 11:11 . 2008-08-01 01:05 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-07-27 11:05 . 2008-08-01 01:02 121 --a------ C:\WINDOWS\bdagent.INI
2008-07-27 11:04 . 2008-08-01 01:16 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-07-27 11:00 . 2008-07-27 11:17 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-07-26 09:39 . 2008-07-26 09:39 <DIR> d-------- C:\Documents and Settings\Qureshi\Application Data\Apple Computer
2008-07-26 09:38 . 2008-07-26 09:38 <DIR> d-------- C:\Program Files\iTunes
2008-07-26 09:38 . 2008-07-26 09:38 <DIR> d-------- C:\Program Files\iPod
2008-07-26 09:35 . 2008-08-01 20:15 <DIR> d-------- C:\Program Files\QuickTime
2008-07-26 09:35 . 2008-07-26 09:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-26 09:34 . 2008-07-26 09:34 <DIR> d-------- C:\Program Files\Apple Software Update
2008-07-26 09:34 . 2008-07-10 09:35 32,000 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-07-26 09:33 . 2008-07-26 09:33 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-07-26 09:33 . 2008-07-26 09:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-26 09:01 . 2008-04-14 01:12 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-07-26 09:01 . 2008-04-13 19:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-26 09:01 . 2008-04-13 19:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-26 09:01 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-07-26 01:07 . 2008-04-13 19:45 32,128 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-07-26 01:07 . 2008-04-13 19:45 32,128 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-07-26 01:05 . 2008-07-26 01:05 <DIR> d-------- C:\Program Files\Avanquest update
2008-07-26 01:05 . 2008-07-26 01:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-07-26 01:01 . 2008-07-26 01:01 <DIR> d-------- C:\Program Files\Sony Ericsson
2008-07-26 01:01 . 2008-07-26 01:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-07-26 00:59 . 2008-07-26 00:59 <DIR> d-------- C:\Documents and Settings\Qureshi\Application Data\InstallShield
2008-07-26 00:33 . 2008-04-13 19:54 22,016 --a------ C:\WINDOWS\system32\drivers\MSIRCOMM.sys
2008-07-26 00:33 . 2008-04-13 19:54 22,016 --a--c--- C:\WINDOWS\system32\dllcache\msircomm.sys
2008-07-25 23:29 . 2008-04-23 05:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-25 23:29 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-25 23:29 . 2007-03-08 06:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-25 23:29 . 2008-04-23 05:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-25 23:29 . 2008-04-23 05:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-25 23:29 . 2008-04-23 05:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-25 23:29 . 2008-04-23 05:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-25 23:29 . 2008-04-23 05:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-25 23:29 . 2008-04-22 08:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-22 23:37 . 2008-07-22 23:37 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-07-22 23:37 . 2008-07-22 23:37 <DIR> d-------- C:\WINDOWS\system32\en
2008-07-22 23:37 . 2008-07-22 23:37 <DIR> d-------- C:\WINDOWS\l2schemas
2008-07-22 23:03 . 2008-06-13 12:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-22 23:02 . 2008-05-08 15:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-07-22 22:58 . 2008-04-14 01:12 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll
2008-07-22 22:57 . 2008-04-14 01:10 844,314 -----c--- C:\WINDOWS\system32\dllcache\msdxm.ocx
2008-07-22 22:56 . 2008-04-14 01:09 290,816 -----c--- C:\WINDOWS\system32\dllcache\l3codeca.acm
2008-07-22 22:55 . 2008-04-14 01:12 695,808 -----c--- C:\WINDOWS\system32\dllcache\drmv2clt.dll
2008-07-22 22:54 . 2008-04-14 01:11 136,192 --------- C:\WINDOWS\system32\aaclient.dll
2008-07-22 22:09 . 2008-07-26 00:28 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-07-22 02:09 . 2008-07-23 23:33 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-07-22 02:07 . 2008-07-22 02:07 <DIR> d-------- C:\WINDOWS\provisioning
2008-07-22 02:07 . 2008-07-22 23:37 <DIR> d-------- C:\WINDOWS\peernet
2008-07-22 02:03 . 2008-07-22 23:41 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-07-22 01:55 . 2007-08-10 20:46 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-07-22 01:51 . 2008-07-22 23:13 <DIR> d-------- C:\WINDOWS\EHome
2008-07-22 01:40 . 2008-04-14 05:42 11,264 --------- C:\WINDOWS\system32\spnpinst.exe
2008-07-22 01:40 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig
2008-07-22 01:40 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat
2008-07-22 01:18 . 2008-07-22 01:18 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-07-22 01:18 . 2008-07-22 01:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-22 01:02 . 2008-07-22 23:37 <DIR> d-------- C:\WINDOWS\system32\bits
2008-07-22 01:02 . 2008-04-13 18:39 438,784 --a------ C:\WINDOWS\system32\xpob2res.dll
2008-07-22 01:02 . 2008-04-14 01:12 354,304 --a------ C:\WINDOWS\system32\winhttp.dll
2008-07-22 01:02 . 2008-04-14 01:12 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-07-22 01:02 . 2008-04-14 01:11 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-07-22 01:02 . 2008-04-14 01:11 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-07-22 01:00 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-07-22 01:00 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-07-22 01:00 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-07-22 01:00 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-07-22 01:00 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-07-22 01:00 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-07-22 01:00 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-14 02:07 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 01:12 15360]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-07-18 01:18 289088]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-22 00:36 68856]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 17:19 356352]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 16:00 1249280]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-06-18 14:31 1122816]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-28 10:33 1506544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-10 10:51 289064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 02:38 34672]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 20:20 206088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 01:12 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\German\\setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 18:06]
R3 Maestro;ESS Maestro2E Audio Driver (WDM);C:\WINDOWS\system32\drivers\essm2e.sys [2004-08-04 06:32]
.
Contents of the 'Scheduled Tasks' folder
2008-07-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-APVXDWIN - C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.co.uk/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm

**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 10:53:11
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

C:\Documents and Settings\Qureshi\Local Settings\Application Data\Microsoft\Messenger\maaz_86@hotmail.com\SharingMetadata\Working\database_64C8_3377_C833_4718\fsrtmp.log 131072 bytes
C:\Documents and Settings\Qureshi\Local Settings\Application Data\Microsoft\Messenger\maaz_86@hotmail.com\SharingMetadata\Working\database_64C8_3377_C833_4718\tmp.edb 131072 bytes
scan completed successfully
hidden files: 2
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\atievxx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\usnsvc.exe
.
**************************************************************************
.
Completion time: 2008-08-03 10:58:19 - machine was rebooted
ComboFix-quarantined-files.txt  2008-08-03 09:58:02
Pre-Run: 20,838,957,056 bytes free
Post-Run: 20,790,575,104 bytes free
244 --- E O F --- 2008-07-25 23:29:34
 
SuperAntiSpyware Log
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/03/2008 at 01:23 AM
Application Version : 4.15.1000
Core Rules Database Version : 3524
Trace Rules Database Version: 1514
Scan type       : Complete Scan
Total Scan Time : 01:07:55
Memory items scanned      : 449
Memory threats detected   : 3
Registry items scanned    : 3825
Registry threats detected : 31
File items scanned        : 19996
File threats detected     : 20
Adware.Vundo-Variant/J
 C:\WINDOWS\EQVWAMKL.DLL
 C:\WINDOWS\EQVWAMKL.DLL
Trojan.Unclassified/GTS
 C:\WINDOWS\FDKOWVBP.DLL
 C:\WINDOWS\FDKOWVBP.DLL
 HKLM\Software\Microsoft\Internet Explorer\Toolbar#{063F86B1-1C09-4640-A4E7-4F8E074124AF}
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\InprocServer32
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\InprocServer32#ThreadingModel
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\ProgID
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\Programmable
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\TypeLib
 HKCR\CLSID\{063F86B1-1C09-4640-A4E7-4F8E074124AF}\VersionIndependentProgID
 HKCR\fdkowvbp.1
 HKCR\fdkowvbp
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}\1.0
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}\1.0\0
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}\1.0\0\win32
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}\1.0\FLAGS
 HKCR\TypeLib\{91D07571-FFF1-424F-A1AA-5AB1A756AAA2}\1.0\HELPDIR
Trojan.Net-MSV/VPS-Variant
 C:\WINDOWS\NFAVXWDBVFT.DLL
 C:\WINDOWS\NFAVXWDBVFT.DLL
 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\InprocServer32
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\InprocServer32#ThreadingModel
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\ProgID
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\Programmable
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\TypeLib
 HKCR\CLSID\{182FB7A7-5BB2-4C34-A943-AB24145E78F5}\VersionIndependentProgID
Adware.Tracking Cookie
 C:\Documents and Settings\Qureshi\Cookies\qureshi@indextools[2].txt
 C:\Documents and Settings\Qureshi\Cookies\qureshi@www.system-defender[1].txt
Desktop Hijacker.AboutYourPrivacy
 C:\WINDOWS\privacy_danger\images\capt.gif
 C:\WINDOWS\privacy_danger\images\danger.jpg
 C:\WINDOWS\privacy_danger\images\down.gif
 C:\WINDOWS\privacy_danger\images\spacer.gif
 C:\WINDOWS\privacy_danger\images
 C:\WINDOWS\privacy_danger\index.htm
 C:\WINDOWS\privacy_danger
Trojan.Net-MU/Gen
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#DisplayName
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#uninstallString
Rogue.AntiVirus 2008 Pro
 HKU\S-1-5-21-1606980848-1580818891-839522115-1003\Software\antivirus 2008 pro
 C:\Documents and Settings\Qureshi\Start Menu\Programs\Antivirus 2008 PRO\antivirus-2008pro.lnk
 C:\Documents and Settings\Qureshi\Start Menu\Programs\Antivirus 2008 PRO
 C:\Documents and Settings\Qureshi\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk
 C:\Documents and Settings\Qureshi\Desktop\antivirus-2008pro.lnk
 C:\PROGRAM FILES\COMPLUS APPLICATIONS\ANTIVIRUS 2008 PRO\ANTIVIRUS-2008PRO.EXE
Trojan.Net-WNS/NMC
 HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#eqvwamkl [ {A265C9BC-8BAF-4C49-9E0B-08E69BE14D7D} ]
 C:\WINDOWS\WNSLVXTF.DLL
Trojan.Dropper/Gen
 C:\WINDOWS\ETFL.EXE
 C:\WINDOWS\GRSWPTDL.EXE