OK, all went well! Here's the report:
ComboFix 08-05-15.2 - New Mom 2008-05-15 21:56:53.1 - NTFSx86
Running from: C:\Documents and Settings\New Mom\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Mom\Application Data\SpamBlocker
C:\Program Files\Common Files\{1C661~1
C:\Program Files\Common Files\{1C661~2
C:\Program Files\Common Files\companion wizard
C:\Program Files\Common Files\companion wizard\log.txt
C:\Program Files\Common Files\ecurit~1
C:\Program Files\Common Files\racle~1
C:\Program Files\crosof~1
C:\Program Files\Messenger\livefolus821058.dll
C:\Program Files\scurit~1
C:\temp\tn3
C:\WA6P
C:\WINDOWS\asks~1
C:\WINDOWS\cookies.ini
C:\WINDOWS\icroso~1.net
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\{188ea3af-d8ca-9191-e51e-945453515a28}.dll
C:\WINDOWS\system32\asembl~1
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\dFrnx05
C:\WINDOWS\system32\drivers\mskssrvv.sys
C:\WINDOWS\system32\GfgjQqss.ini
C:\WINDOWS\system32\GfgjQqss.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\stera.log
C:\WINDOWS\system32\xrrhfdno.ini
C:\WINDOWS\wnsxs~1
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSKSSRVV
-------\Legacy_NPF
-------\Legacy_VSPF
-------\Legacy_VSPF_HK
-------\Service_mskssrvv
((((((((((((((((((((((((( Files Created from 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))
.
2008-05-15 11:40 . 2008-05-15 14:13 <DIR> d-------- C:\Documents and Settings\New Mom\.housecall6.6
2008-05-15 11:36 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-15 11:35 . 2008-05-15 11:35 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-15 08:25 . 2008-05-15 08:27 <DIR> d-------- C:\Program Files\Team6 game studios
2008-05-15 00:30 . 2008-05-15 00:30 2,652 --a------ C:\WINDOWS\system32\tmp.reg
2008-05-15 00:29 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-05-15 00:29 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-05-15 00:29 . 2008-04-24 08:10 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-05-15 00:29 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-05-15 00:29 . 2008-04-28 08:03 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
2008-05-15 00:29 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-05-15 00:29 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-05-15 00:29 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-05-14 21:01 . 2008-05-14 23:29 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Malwarebytes
2008-05-14 18:40 . 2008-05-14 18:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-14 18:40 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-14 18:40 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-14 15:23 . 2008-05-14 20:30 94,208 --------- C:\WINDOWS\system32\opxakaxb.dll
2008-05-14 15:20 . 2008-05-14 15:20 115,712 --a------ C:\WINDOWS\system32\giealbih.dll
2008-05-14 14:06 . 2008-05-14 14:06 108,032 --a------ C:\WINDOWS\system32\gcjwkrng.dll
2008-05-13 20:26 . 2008-05-13 20:27 <DIR> d-------- C:\Program Files\Panda Security
2008-05-13 19:00 . 2008-05-13 19:00 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-13 18:09 . 2008-05-13 18:09 <DIR> d-------- C:\Program Files\PCPitstop
2008-05-13 18:09 . 2008-05-13 18:09 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-05-13 17:51 . 2008-05-13 17:51 <DIR> d-------- C:\VundoFix Backups
2008-05-13 17:10 . 2008-05-13 17:12 <DIR> d-------- C:\Program Files\CleanUp!
2008-05-13 16:50 . 2008-05-13 16:50 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-13 16:50 . 2008-05-15 21:56 1,024 --ah----- C:\Documents and Settings\Administrator\ntuser.dat.LOG
2008-05-13 12:18 . 2008-05-13 12:18 115,712 --a------ C:\WINDOWS\system32\nmqocciq.dll
2008-05-13 12:13 . 2008-05-13 12:13 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Yahoo!
2008-05-13 12:13 . 2008-05-13 12:13 108,544 --a------ C:\WINDOWS\system32\ggjqnulb.dll
2008-05-13 12:12 . 2008-05-13 12:12 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\HPAppData
2008-05-13 12:11 . 2008-05-15 00:47 <DIR> d-------- C:\Documents and Settings\New Mom\Application Data\Spyware Terminator
2008-05-13 12:09 . 2008-05-15 21:31 <DIR> d-------- C:\Documents and Settings\New Mom
2008-05-13 12:09 . 2008-05-15 22:28 1,024 --ah----- C:\Documents and Settings\New Mom\ntuser.dat.LOG
2008-05-12 19:18 . 2008-05-12 19:18 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\Yahoo!
2008-05-12 19:16 . 2008-05-12 19:16 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\HPAppData
2008-05-12 19:14 . 2008-05-12 21:50 <DIR> d-------- C:\Documents and Settings\Z-Man\Application Data\Spyware Terminator
2008-05-12 19:05 . 2008-05-12 19:05 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\Yahoo!
2008-05-12 19:03 . 2008-05-12 19:03 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\HPAppData
2008-05-12 19:01 . 2008-05-12 19:51 <DIR> d-------- C:\Documents and Settings\Keon\Application Data\Spyware Terminator
2008-05-12 18:59 . 2008-05-12 21:39 <DIR> d-------- C:\Documents and Settings\Keon
2008-05-12 18:59 . 2008-05-15 22:26 1,024 --ah----- C:\Documents and Settings\Keon\ntuser.dat.LOG
2008-05-12 18:58 . 2008-05-15 22:26 1,024 --ah----- C:\Documents and Settings\Z-Man\ntuser.dat.LOG
2008-05-12 18:53 . 2008-05-12 19:12 <DIR> d-------- C:\Documents and Settings\Z-Man
2008-05-12 18:15 . 2008-05-15 22:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-12 18:15 . 2008-05-12 18:15 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-12 17:37 . 2008-05-14 15:19 <DIR> d-------- C:\Program Files\WinClamAVShield
2008-05-12 16:00 . 2008-05-12 19:43 <DIR> d-------- C:\Documents and Settings\Mom\Application Data\Spyware Terminator
2008-05-12 16:00 . 2008-05-15 00:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-05-12 16:00 . 2008-05-12 16:00 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-05-12 15:59 . 2008-05-15 00:47 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-05-12 10:52 . 2008-05-12 10:52 298,311 --a------ C:\WINDOWS\system32\gside.exe
2008-05-12 10:33 . 2008-05-12 10:33 116,736 --a------ C:\WINDOWS\system32\teeycfgx.dll
2008-05-12 10:06 . 2008-05-14 18:13 109,860 --a------ C:\WINDOWS\BM1f552d2f.xml
2008-05-12 10:06 . 2008-05-12 10:06 109,568 --a------ C:\WINDOWS\system32\iyvcjtqe.dll
2008-05-11 13:11 . 2008-05-11 13:11 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\HPAppData
2008-05-11 13:07 . 2008-05-11 13:07 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-05-11 12:18 . 2008-05-14 20:30 371,200 --------- C:\WINDOWS\system32\ssqQjgfG.dll
2008-05-11 12:15 . 2008-05-11 12:15 860 --a------ C:\WINDOWS\system32\winpfz33.sys
2008-05-11 12:14 . 2008-05-11 12:14 401,972 --a------ C:\WINDOWS\system32\g92.exe
2008-05-11 12:14 . 2008-05-11 12:14 167,545 --------- C:\WINDOWS\system32\drivers\core.cache.dsk
2008-05-11 12:13 . 2008-05-12 16:50 <DIR> d-------- C:\WINDOWS\system32\winRem
2008-05-11 12:13 . 2008-05-14 20:30 <DIR> d-------- C:\WINDOWS\system32\spoolX
2008-05-11 12:13 . 2008-05-14 20:30 <DIR> d-------- C:\WINDOWS\system32\MUI2
2008-05-11 12:13 . 2008-05-15 02:18 <DIR> d-------- C:\WINDOWS\system32\cdfig
2008-05-11 12:13 . 2008-05-12 16:50 <DIR> d-------- C:\WINDOWS\system32\1036a
2008-05-11 12:13 . 2008-05-15 21:57 <DIR> d-------- C:\Temp
2008-05-11 12:13 . 2008-05-14 20:30 28,672 --------- C:\WINDOWS\system32\ssqQjHAt.dll
2008-05-07 17:16 . 2008-05-15 00:54 <DIR> d-------- C:\Program Files\FrostWire
2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\Program Files\MP3
2008-05-03 00:12 . 2008-05-03 00:12 <DIR> d-------- C:\Documents and Settings\Mom\WINDOWS
2008-05-03 00:12 . 1998-01-23 12:22 304,128 --a------ C:\WINDOWS\IsUninst.exe
2008-04-28 18:09 . 2008-04-28 18:09 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Yahoo!
2008-04-28 18:09 . 2008-04-28 18:09 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\HPAppData
2008-04-28 18:07 . 2008-04-28 18:07 <DIR> d-------- C:\Documents and Settings\Guest
2008-04-28 18:07 . 2008-05-15 21:56 1,024 --ah----- C:\Documents and Settings\Guest\ntuser.dat.LOG
2008-04-28 17:17 . 2008-04-28 17:18 452 --a------ C:\WINDOWS\CDPLAYER.UNI
2008-04-28 17:15 . 2008-04-28 17:15 <DIR> d-------- C:\WINDOWS\Free CD Music Converter
2008-04-28 17:15 . 2008-04-28 17:15 <DIR> d-------- C:\Program Files\Free CD Music Converter
2008-04-21 10:35 . 2008-04-21 10:35 <DIR> d-------- C:\Program Files\iPod
2008-04-21 10:34 . 2008-04-21 10:35 <DIR> d-------- C:\Program Files\iTunes
2008-04-21 10:25 . 2008-04-21 10:25 <DIR> d-------- C:\Program Files\Apple Software Update
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-15 15:36 --------- d-----w C:\Program Files\Java
2008-05-15 14:57 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-15 04:53 --------- d-----w C:\Program Files\Coupons
2008-05-15 02:51 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-13 16:10 --------- d-----w C:\Program Files\Web Publish
2008-05-13 01:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\River Past G5
2008-05-07 21:16 --------- d-----w C:\Program Files\LimeWire
2008-05-04 01:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-30 23:05 --------- d-----w C:\Documents and Settings\Mom\Application Data\LimeWire
2008-04-21 14:32 --------- d-----w C:\Program Files\QuickTime
2008-04-15 23:13 --------- d-----w C:\Program Files\PhotoScape
2008-04-12 19:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-11 22:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-03-26 02:34 --------- d-----w C:\Program Files\The Print Shop 20
2008-03-26 02:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Riverdeep Interactive Learning Limited
2008-03-26 02:15 --------- d-----w C:\Program Files\Common Files\Broderbund
2008-03-26 02:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Broderbund Software
2008-03-25 22:20 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-18 04:03 --------- d-----w C:\Documents and Settings\Mom\Application Data\ieSpell
2006-11-14 08:48 0 ----a-w C:\Program Files\Common Files\err.log
2005-07-29 20:24 472 --sha-r C:\WINDOWS\TVIuIEhPVFJPRA\npKRKH1jpILjlE.vbs
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-30 19:26 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 57344 C:\WINDOWS\ALCXMNTR.EXE]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2004-11-02 10:03 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2004-11-02 09:59 126976]
"Ulead AutoDetector v2"="C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 12:43 90112]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 10:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-12 16:00 1817600]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\WINDOWS\System32\Macromed\Flash\GetFlash.exe" [ ]
C:\Documents and Settings\Z-Man\Start Menu\Programs\Startup\
prf105.tmp [2008-05-12 18:53:05 0]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders schannel.dll, digest.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntivirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2960:UDP"= 2960:UDP:Windows Media Format SDK (iexplore.exe)
"2961:UDP"= 2961:UDP:Windows Media Format SDK (iexplore.exe)
"2982:UDP"= 2982:UDP:Windows Media Format SDK (iexplore.exe)
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-05-12 16:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
"2008-05-06 20:01:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-14 22:00:04 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-15 2200
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2008-05-15 22:33:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-16 02:33:19
Pre-Run: 24,630,673,408 bytes free
Post-Run: 25,401,085,952 bytes free
231 --- E O F --- 2008-05-14 07:02:09

