Virus and Pop Up Issues

oldman:
If you have already done the combofix fix and can't view the log, open it from here.

Open Windows Explorer and click on the c:\ drive. Look in the right-hand panel for combofix3.txt. Double-click it to open it. Copy and paste the contents in your next reply.

MareJordan:
Thank you for making things easier for me Oldman, appreciated. Hope this is what you are looking for. In my last two rebootings, I have not had any files or links missing when opening. And I also am not getting pop ups, so far!!!


ComboFix 07-12-07.3 - Owner 2007-12-07 21:05:38.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.134 [GMT -7:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.lnk
C:\Documents and Settings\Owner\Favorites\Online Security Guide.lnk
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\abW9
C:\WINDOWS\cookies.ini
C:\WINDOWS\ms042771381691.exe
C:\WINDOWS\system32\bccdd.ini
C:\WINDOWS\system32\bccdd.ini2
C:\WINDOWS\system32\ddccb.dll
C:\WINDOWS\system32\ldcore.dll
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\rev1
C:\WINDOWS\system32\rMa02yy
C:\WINDOWS\system32\t21
C:\WINDOWS\system32\v2
D:\Autorun.inf





MareJordan:
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE


(((((((((((((((((((((((((   Files Created from 2007-11-08 to 2007-12-08  )))))))))))))))))))))))))))))))
.

2007-12-07 18:22 . 2007-12-07 18:22   <DIR>   d--------   C:\Deckard
2007-12-07 16:49 . 2007-12-07 16:49   <DIR>   d--------   C:\Program Files\Trend Micro
2007-12-06 23:10 . 2007-12-07 05:41   832,875   --ahs----   C:\WINDOWS\system32\ioftvujv.ini
2007-12-06 23:02 . 2007-12-06 23:34   <DIR>   d--------   C:\Program Files\XoftSpySE
2007-12-05 09:02 . 2007-12-05 09:02   <DIR>   d--------   C:\Program Files\Windows Defender
2007-12-04 19:03 . 2007-12-06 07:50   804,720   --ahs----   C:\WINDOWS\system32\oyypgmcg.ini
2007-12-03 17:39 . 2007-12-03 17:40   <DIR>   d--------   C:\WINDOWS\system32\bmv2
2007-12-03 17:29 . 2007-12-03 17:29   <DIR>   d--------   C:\WINDOWS\system32\daSgo06
2007-12-03 17:29 . 2007-12-03 17:33   <DIR>   d--------   C:\temp\bkR11
2007-12-03 17:23 . 2007-12-03 16:28   801,367   --ahs----   C:\WINDOWS\system32\npmfetef.ini
2007-12-03 16:08 . 2007-12-03 16:08   801,367   --ahs----   C:\WINDOWS\system32\npmfetef.tmp
2007-12-03 13:32 . 2007-12-03 08:42   23,600   --a------   C:\WINDOWS\system32\drivers\TVICHW32.SYS
2007-12-02 14:29 . 2007-12-03 14:32   801,306   --ahs----   C:\WINDOWS\system32\pqpycxtv.ini
2007-12-01 14:42 . 2007-12-01 21:01   800,861   --ahs----   C:\WINDOWS\system32\tedqcoyv.ini
2007-11-30 14:31 . 2007-12-01 07:35   800,768   --ahs----   C:\WINDOWS\system32\evseffuq.ini
2007-11-30 10:46 . 2007-11-30 10:46   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-30 10:45 . 2007-12-07 21:15   <DIR>   d--------   C:\Program Files\SUPERAntiSpyware
2007-11-30 10:45 . 2007-11-30 10:45   <DIR>   d--------   C:\Program Files\Common Files\Wise Installation Wizard
2007-11-30 10:45 . 2007-11-30 10:45   <DIR>   d--------   C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2007-11-30 08:49 . 2007-11-30 13:10   800,570   --ahs----   C:\WINDOWS\system32\oclyfepm.ini
2007-11-29 08:45 . 2007-11-30 07:48   793,760   --ahs----   C:\WINDOWS\system32\poxvlnmh.ini
2007-11-28 18:52 . 2007-11-29 08:41   789,960   --ahs----   C:\WINDOWS\system32\fmwokixo.ini

MareJordan:
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 05:33   ---------   d-----w   C:\Program Files\Yahoo!
2007-12-05 05:33   ---------   d-----w   C:\Program Files\Common Files\Scanner
2007-12-03 18:47   ---------   d-----w   C:\Program Files\Google
2007-12-03 07:05   ---------   d-----w   C:\Program Files\IncrediGames
2007-12-02 22:07   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-29 14:10   ---------   d-----w   C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-11-25 01:13   ---------   d-----w   C:\Program Files\Microsoft Home Publishing 2000
2007-11-07 20:33   ---------   d-----w   C:\Program Files\Microsoft Picture It! 7
2007-10-27 02:34   ---------   d---a-w   C:\Documents and Settings\All Users\Application Data\TEMP
2007-09-12 18:52   53,248   ----a-w   C:\WINDOWS\hg173.exe

MareJordan:
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{24A41A0B-4D59-4FA3-86F6-A5EE3C482313}]
         C:\Program Files\Windows NT\mevojuliC:\WINDOWS\system32\v2\swdrv83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{62179339-1920-4AED-A272-A889231DE4A5}]
         C:\Program Files\Windows NT\mevojuliC:\DOCUME~1\Owner\LOCALS~1\Temp\CEMG555077.exe.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"DW4"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 03:06]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-12-06 05:43]
"FLMOFFICE4DMOUSE"="C:\Program Files\Micro Innovations\Wireless Optical Mouse\mouse32a.exe" [2006-06-21 19:30]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"QuickFinder Scheduler"="c:\Corel\Office7\Shared\QFinder7\QFSCHED.EXE" [1996-10-16 00:02]
"RCSystemTray"="C:\Program Files\Registry Cleaner\RCSystemTray.exe" [2006-11-28 15:18]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-17 13:58]
"NI.UGDC_0001_N122M2610"="c:\documents and settings\owner\application data\installer_en[1].exe" []
"TMT"="C:\WINDOWS\Gwang.exe" []
"64ced7fd"="C:\WINDOWS\system32\vjuvtfoi.dll" []
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
