
Tesllar A removal


  • This topic is locked
No replies to this topic

#1 ultimatesupes


Posted 19 May 2008 - 11:09 AM

Tried the forum list, did clean up, ran Malwarebytes and it cleaned a lot of the system but still hasn't removed Tesllar A. Also ran ComboFix and here is the log after completion. What next, it's driving me nuts!


Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1423 [GMT -4:00]
Running from: C:\Documents and Settings\rmiller\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\temp\tn3

.
((((((((((((((((((((((((( Files Created from 2008-04-19 to 2008-05-19 )))))))))))))))))))))))))))))))
.

2008-05-19 12:22 . 2008-05-19 12:22 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-19 12:22 . 2008-05-19 12:22 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\Malwarebytes
2008-05-19 12:22 . 2008-05-19 12:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-19 12:22 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-19 12:22 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-19 11:17 . 2008-05-19 11:17 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-14 15:28 . 2008-05-14 15:28 4,128 --a------ C:\INFCACHE.1
2008-05-01 11:21 . 2008-05-01 11:21 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\Chasing Dogs Studios
2008-05-01 11:21 . 2008-05-01 11:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Chasing Dogs Studios
2008-05-01 10:02 . 2008-05-01 10:02 4,096 --a------ C:\WINDOWS\d3dx.dat
2008-04-30 20:32 . 2008-04-30 20:33 <DIR> d-------- C:\Program Files\Tinos Fruit Stand
2008-04-30 20:24 . 2008-05-01 10:02 <DIR> d-------- C:\Program Files\Flower Shop Big City Break
2008-04-30 20:04 . 2008-04-30 20:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-04-30 20:03 . 2008-05-07 15:53 <DIR> d-------- C:\Program Files\Mystery Case Files - Ravenhearst
2008-04-30 19:13 . 2008-04-30 19:17 <DIR> d-------- C:\Program Files\Diner Dash Flo on the Go
2008-04-30 16:12 . 2008-04-30 16:20 <DIR> d-------- C:\Program Files\Spill the Mystery of the Bermuda Triangle
2008-04-30 16:11 . 2008-04-30 16:20 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\SprillBermudeEng
2008-04-30 16:09 . 2008-04-30 16:09 <DIR> d-------- C:\Program Files\Common Files\Oberon Media
2008-04-30 12:20 . 2008-04-30 12:20 <DIR> d-------- C:\Program Files\Zombie Shooter
2008-04-30 09:09 . 2008-04-30 12:16 <DIR> d-------- C:\Program Files\PlayFirst
2008-04-30 09:06 . 2008-04-30 09:06 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-04-30 09:06 . 2008-04-30 09:08 <DIR> d-------- C:\Program Files\Diner Dash 2
2008-04-29 10:44 . 2008-04-30 12:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-04-29 09:39 . 2008-05-16 16:06 1,024 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT.COPY.TMP.LOG
2008-04-29 09:39 . 2008-05-16 16:06 1,024 --ah----- C:\Documents and Settings\admin\NTUSER.DAT.COPY.TMP.LOG
2008-04-28 11:10 . 2008-04-29 09:51 <DIR> d-------- C:\Program Files\LimeWire
2008-04-23 15:37 . 2008-04-29 10:37 <DIR> d-------- C:\Program Files\Dell Games
2008-04-23 15:36 . 2008-04-23 15:36 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\WildTangent
2008-04-23 15:35 . 2008-04-29 12:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WildTangent
2008-04-23 08:08 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-23 08:08 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-22 19:55 . 2008-04-22 19:55 2,942 --a------ C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
2008-04-22 19:35 . 2007-11-27 22:56 116,416 --a------ C:\WINDOWS\system32\drivers\msfwhlpr.sys
2008-04-22 19:35 . 2007-11-27 22:56 91,328 --a------ C:\WINDOWS\system32\drivers\msfwdrv.sys
2008-04-22 19:33 . 2008-04-22 19:35 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-22 19:33 . 2008-04-22 19:33 <DIR> d-------- C:\WINDOWS\system32\bits
2008-04-22 19:33 . 2007-07-06 15:09 70,928 --a------ C:\WINDOWS\system32\drivers\MpFilter.sys
2008-04-22 19:31 . 2007-03-29 08:56 409,600 --------- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-04-22 19:31 . 2007-03-29 08:56 18,944 --------- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-04-22 19:31 . 2007-03-29 08:56 8,192 --------- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-04-22 19:31 . 2007-03-29 08:56 7,168 --------- C:\WINDOWS\system32\dllcache\bitsprx4.dll
2008-04-22 19:31 . 2007-03-29 08:56 7,168 --------- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-04-22 19:31 . 2007-03-29 08:56 7,168 --------- C:\WINDOWS\system32\bitsprx4.dll
2008-04-22 19:18 . 2008-05-19 08:04 <DIR> d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-04-22 08:40 . 2008-04-22 08:40 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\Kerio
2008-04-21 18:35 . 2008-04-21 18:36 <DIR> d--h-c--- C:\WINDOWS\ie8
2008-04-21 15:01 . 2008-04-21 15:01 <DIR> d-------- C:\Documents and Settings\rmiller\Application Data\Symantec
2008-04-21 12:10 . 2008-04-21 12:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
2008-04-21 11:12 . 2008-04-22 19:55 <DIR> d-------- C:\Program Files\Symantec
2008-04-21 11:12 . 2008-04-22 19:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-04-21 11:09 . 2008-04-22 19:57 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-21 10:42 . 2008-04-21 10:44 <DIR> d-------- C:\Program Files\CA Yahoo! Anti-Spy
2008-04-21 10:36 . 2008-04-21 10:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-19 11:43 . 2008-05-06 13:06 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-19 09:19 . 2008-04-22 08:24 109,734 --a------ C:\WINDOWS\BMbfd5297c.xml
2008-04-19 08:46 . 2008-04-21 12:08 8,192 --a------ C:\Documents and Settings\xguan
2008-04-19 08:46 . 2008-04-21 12:08 8,192 --a------ C:\Documents and Settings\tkinsey
2008-04-19 08:46 . 2008-04-21 12:08 8,192 --a------ C:\Documents and Settings\cwang

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-17 16:14 --------- d-----w C:\Documents and Settings\rmiller\Application Data\LimeWire
2008-05-13 15:00 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-12 20:26 --------- d-----w C:\Documents and Settings\rmiller\Application Data\AdobeUM
2008-05-02 14:11 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-30 23:22 --------- d-----w C:\Documents and Settings\rmiller\Application Data\PlayFirst
2008-04-23 13:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-22 14:56 --------- d-----w C:\Program Files\Common Files\Scanner
2008-04-22 14:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-21 14:52 --------- d-----w C:\Program Files\Google
2008-04-21 14:36 --------- d-----w C:\Program Files\Yahoo!
2008-04-19 13:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-04-18 20:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\SITEguard
2008-04-18 19:50 --------- d-----w C:\Program Files\Common Files\iS3
2008-04-18 19:37 --------- d-----w C:\Program Files\Incomplete
2008-04-17 20:57 --------- d-----w C:\Documents and Settings\rmiller\Application Data\Eyeblaster
2008-04-17 20:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
2008-04-17 20:54 --------- d-----w C:\Documents and Settings\rmiller\Application Data\GameHouse
2008-04-17 20:09 86,144 ----a-w C:\WINDOWS\system32\drivers\amsintt.sys
2008-04-17 20:09 167,545 ------w C:\WINDOWS\system32\drivers\core.cache.dsk
2008-04-17 15:50 298,311 ----a-w C:\WINDOWS\system32\gside.exe
2008-04-17 15:37 147,456 ----a-w C:\WINDOWS\system32\vbzip10.dll
2008-04-17 15:32 266,608 ----a-w C:\WINDOWS\b3423423.exe
2008-04-17 14:02 720,896 ----a-w C:\WINDOWS\iun6002ev.exe
2008-04-15 14:39 --------- d-----w C:\Program Files\Sonic
2008-04-15 14:39 --------- d-----w C:\Program Files\Roxio
2008-04-14 20:39 --------- d-----w C:\Documents and Settings\rmiller\Application Data\Leadertech
2008-04-10 15:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-04-09 20:48 --------- d-----w C:\Program Files\AVI Codec Pack
2008-03-31 14:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\dllcache\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-03 23:53 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll
2008-03-03 23:53 78,336 ----a-w C:\WINDOWS\system32\dllcache\ieencode.dll
2008-03-03 23:52 70,656 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2008-03-03 23:52 599,552 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-03-03 23:52 41,984 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-03-03 23:52 41,984 ----a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
2008-03-03 23:52 349,184 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2008-03-03 23:52 224,768 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2008-03-03 23:52 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2008-03-03 23:52 17,920 ----a-w C:\WINDOWS\system32\dllcache\corpol.dll
2008-03-03 23:52 17,920 ----a-w C:\WINDOWS\system32\corpol.dll
2008-03-03 23:52 116,224 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2008-03-03 23:52 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2008-03-03 23:51 94,208 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
2008-03-03 23:51 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-03-03 23:51 69,120 ----a-w C:\WINDOWS\system32\iesetup.dll
2008-03-03 23:51 69,120 ----a-w C:\WINDOWS\system32\dllcache\iesetup.dll
2008-03-03 23:51 69,120 ----a-w C:\WINDOWS\system32\dllcache\admparse.dll
2008-03-03 23:51 69,120 ----a-w C:\WINDOWS\system32\admparse.dll
2008-03-03 23:51 557,056 ----a-w C:\WINDOWS\system32\dllcache\jscript.dll
2008-03-03 23:51 44,032 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2008-03-03 23:51 149,504 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-03-03 23:51 126,464 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2008-03-03 23:51 119,808 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2008-03-03 23:50 60,928 ----a-w C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-03 23:50 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-03-03 23:50 48,128 ----a-w C:\WINDOWS\system32\dllcache\mshtmler.dll
2008-03-03 23:50 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2008-03-03 23:50 45,568 ----a-w C:\WINDOWS\system32\dllcache\mshta.exe
2008-03-03 23:50 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2008-03-03 23:50 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll
2008-03-03 23:50 36,352 ----a-w C:\WINDOWS\system32\dllcache\imgutil.dll
2008-03-03 23:50 345,600 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2008-03-03 23:50 268,800 ----a-w C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-03 23:50 212,992 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2008-03-03 23:46 68,096 ----a-w C:\WINDOWS\system32\dllcache\hmmapi.dll
2008-03-03 23:34 440,832 ----a-w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-01 13:06 133,120 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2007-10-30 20:46 88 --sh--r C:\WINDOWS\system32\552B6CF0A8.sys
2007-10-30 20:55 2,828 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-05-19_12.02.40.72 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-19 15:54:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 16:51:41 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 16:52:21 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6f8.dat
+ 2008-05-19 16:54:25 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_b8.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 05:40 218032]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-21 10:52 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 19:48 761947]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 05:40 218032]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 05:40 86960]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2006-08-22 17:32 184320]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 02:08 483328]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"OneCareUI"="C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [2008-04-21 10:23 67112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 16:27 385024]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2007-02-02 18:36:53 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxwtrssp]
xxwtrssp.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^palmOne Registration.lnk]
path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\palmOne Registration.lnk
backup=C:\WINDOWS\pss\palmOne Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk
backup=C:\WINDOWS\pss\Service Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^rmiller^Start Menu^Programs^Startup^DW_Start.lnk]
path=C:\Documents and Settings\rmiller\Start Menu\Programs\Startup\DW_Start.lnk
backup=C:\WINDOWS\pss\DW_Start.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^rmiller^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
path=C:\Documents and Settings\rmiller\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2008-04-23 02:08 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bce61ae0]
C:\WINDOWS\system32\nbrqjrxn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMbfd5297c]
C:\WINDOWS\system32\gekbfiet.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
--a------ 2006-11-01 21:48 1392640 C:\WINDOWS\system32\WLTRAY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
--a------ 2006-08-14 15:20 462336 C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a------ 2006-08-03 19:51 1032192 C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2006-07-16 23:29 389120 C:\Program Files\Dell Support\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
--a------ 2005-11-07 05:20 122940 C:\WINDOWS\System32\DLA\DLACTRLW.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\g]eeV]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\g]eeV\mWhjlnspB]
C:\WINDOWS\system32\pcntkkdn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
--a------ 2006-09-11 05:40 218032 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
--------- 2003-09-10 03:24 20480 C:\Program Files\NetWaiting\netWaiting.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 16:27 385024 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
--a------ 2007-04-23 12:43 228088 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
--a------ 2006-03-25 00:30 282624 C:\WINDOWS\stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-04-21 10:52 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2006-11-19 22:14 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
--a------ 2006-03-30 16:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\winupdates]
C:\Program Files\winupdates\winupdates.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 18:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{61-1A-A4-4F-DW}]
c:\windows\system32\jjwnw64k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 amsintt;amsintt;C:\WINDOWS\system32\drivers\amsintt.sys [2008-04-17 16:09]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\WildTangent\Apps\Dell Game Console\GameConsoleService.exe" [2008-03-28 19:04]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-08 22:21:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-19 13:02:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-19 13:03:38
ComboFix-quarantined-files.txt 2008-05-19 17:03:19
ComboFix2.txt 2008-05-19 16:03:00

Pre-Run: 7,725,236,224 bytes free
Post-Run: 7,742,119,936 bytes free

287 --- E O F --- 2008-05-16 18:33:00
