almost positive im infected

Status
Not open for further replies.
G

generalaxes

In Runtime
Messages
125
just like the title says im pretty sure something is amiss in my pc.
two main factors
one the internet suddenly stopped working.
two all of a sudden the PC no longer accepts my flash drive.
i checked my hardware and it says that my connection is good, some internet services work but IE does not
i have previously used this the very same flash drive and now when i attach it to the computer i get a blue screen and a stop code. i was trying to get ccleaner, avg, and firefox on the computer to see if they helped but...
so what do you guys think?
thanks
 
Hello,

I would think so as well. Go thru Osiris's guide and post your log up in our analyze area.

Cheers,
Mak
 
:) id love to, but... i think i will need some help please
the computer has no internet
and when i try to use my pin drive to get programs on the computer like HJT i get that stop blue screen and stop code
0x0000007E (0xc000001D, 0xF8FF38E2, 0xF8FF37EC, 0xF8FF34E8)
 
awesome! so i poked around existing topic's and i was able to get my foot in the door and i was able to complete Osiris' guide
so if you of the mod's could move this to the analyze area please
here is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:23:44 PM, on 7/27/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\CMPWI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Live Search:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11111111-2222-3333-4444-555555555555} - https://www.taxsimple.com/citrix/federal.CAB
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{126ECB1C-0E9E-4296-AE0D-15EDA825AF12}: NameServer = 68.28.186.91 68.28.178.91
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - Unknown owner - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: McAfee HackerWatch Service - Unknown owner - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe (file missing)
O23 - Service: McAfee Redirector Service (McRedirector) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe (file missing)
O23 - Service: Pantech Utility Service - Sprint Spectrum, L.L.C - C:\Program Files\Sprint\Pantech\Sprint Mobile Broadband (Pantech)\PWIUtilityService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 5199 bytes
 
always good news :happy:
while i get that combofix log do you think it would be safe for me to remove
O8-O9 all the extra's and the O23 services of mcafee? i guess revo missed something

ComboFix 08-07-26.1 - KG_2 2008-07-28 3:11:19.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.379 [GMT -6:00]
Running from: C:\Documents and Settings\KG_2\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system\oeminfo.ini
C:\WINDOWS\system32\_006629_.tmp.dll
C:\WINDOWS\system32\_006630_.tmp.dll
C:\WINDOWS\system32\_006631_.tmp.dll
C:\WINDOWS\system32\_006632_.tmp.dll
C:\WINDOWS\system32\_006639_.tmp.dll
C:\WINDOWS\system32\_006640_.tmp.dll
C:\WINDOWS\system32\_006641_.tmp.dll
C:\WINDOWS\system32\_006642_.tmp.dll
C:\WINDOWS\system32\_006644_.tmp.dll
C:\WINDOWS\system32\_006645_.tmp.dll
C:\WINDOWS\system32\_006646_.tmp.dll
C:\WINDOWS\system32\_006648_.tmp.dll
C:\WINDOWS\system32\_006649_.tmp.dll
C:\WINDOWS\system32\_006651_.tmp.dll
C:\WINDOWS\system32\_006652_.tmp.dll
C:\WINDOWS\system32\_006653_.tmp.dll
C:\WINDOWS\system32\_006655_.tmp.dll
C:\WINDOWS\system32\_006658_.tmp.dll
C:\WINDOWS\system32\_006659_.tmp.dll
C:\WINDOWS\system32\_006663_.tmp.dll
C:\WINDOWS\system32\_006664_.tmp.dll
C:\WINDOWS\system32\_006666_.tmp.dll
C:\WINDOWS\system32\_006668_.tmp.dll
C:\WINDOWS\system32\_006669_.tmp.dll
C:\WINDOWS\system32\_006671_.tmp.dll
C:\WINDOWS\system32\_006672_.tmp.dll
C:\WINDOWS\system32\_006673_.tmp.dll
C:\WINDOWS\system32\_006674_.tmp.dll
C:\WINDOWS\system32\_006675_.tmp.dll
C:\WINDOWS\system32\_006678_.tmp.dll
C:\WINDOWS\system32\_006679_.tmp.dll
C:\WINDOWS\system32\_006680_.tmp.dll
C:\WINDOWS\system32\_006681_.tmp.dll
C:\WINDOWS\system32\_006682_.tmp.dll
C:\WINDOWS\system32\_006687_.tmp.dll
C:\WINDOWS\system32\drivers\fad.sys

.
((((((((((((((((((((((((( Files Created from 2008-06-28 to 2008-07-28 )))))))))))))))))))))))))))))))
.

2008-07-27 18:47 . 2008-07-27 18:47 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-27 18:47 . 2008-07-27 19:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-27 06:01 . 2008-07-27 06:26 <DIR> d--h----- C:\$AVG8.VAULT$
2008-07-27 05:27 . 2008-07-28 03:03 76,040 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys
2008-07-27 05:27 . 2008-07-28 03:03 12,936 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgrkx86.sys
2008-07-27 02:36 . 2008-07-27 02:36 <DIR> d-------- C:\VundoFix Backups
2008-07-27 02:17 . 2008-07-27 02:21 <DIR> d-------- C:\Program Files\Trojan Remover
2008-07-27 02:17 . 2008-07-27 02:17 <DIR> d-------- C:\Documents and Settings\KG_2\Application Data\Simply Super Software
2008-07-27 02:17 . 2008-07-27 02:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-07-27 02:17 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\SYSTEM32\ztvunrar36.dll
2008-07-27 02:17 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\SYSTEM32\UNRAR3.dll
2008-07-27 02:17 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\SYSTEM32\ztvunace26.dll
2008-07-27 02:17 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\SYSTEM32\unacev2.dll
2008-07-27 02:17 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\SYSTEM32\ztvcabinet.dll
2008-07-27 02:07 . 2008-07-27 02:07 <DIR> d-------- C:\Program Files\MSConfig CleanUp
2008-07-27 02:06 . 2008-07-27 02:06 <DIR> d-------- C:\Program Files\CleanUp!
2008-07-27 01:59 . 2008-07-27 01:59 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-27 01:29 . 2008-07-27 19:21 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\Avg
2008-07-27 01:29 . 2008-07-27 02:04 <DIR> d-------- C:\Documents and Settings\KG_2\Application Data\AVGTOOLBAR
2008-07-27 01:29 . 2008-07-28 03:03 97,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys
2008-07-27 01:29 . 2008-07-28 03:03 10,520 --a------ C:\WINDOWS\SYSTEM32\avgrsstx.dll
2008-07-27 01:28 . 2008-07-27 01:28 <DIR> d-------- C:\Program Files\AVG
2008-07-27 01:28 . 2008-07-27 05:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-27 00:34 . 2008-07-27 00:34 <DIR> d-------- C:\Program Files\CCleaner
2008-07-27 00:01 . 2008-07-27 00:01 <DIR> d-------- C:\WINDOWS\SYSTEM32\scripting
2008-07-27 00:01 . 2008-07-27 00:01 <DIR> d-------- C:\WINDOWS\SYSTEM32\en
2008-07-27 00:01 . 2008-07-27 00:01 <DIR> d-------- C:\WINDOWS\l2schemas
2008-07-26 17:19 . 2003-08-11 10:24 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-07-26 17:19 . 2005-05-29 18:19 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2008-07-26 17:19 . 2008-07-27 01:29 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-19 00:35 . 2008-04-13 18:12 712,704 --------- C:\WINDOWS\SYSTEM32\windowscodecs.dll
2008-07-19 00:35 . 2008-04-13 18:12 346,112 --------- C:\WINDOWS\SYSTEM32\windowscodecsext.dll
2008-07-19 00:35 . 2008-04-13 18:12 276,992 --------- C:\WINDOWS\SYSTEM32\wmphoto.dll
2008-07-19 00:35 . 2008-04-13 18:12 69,120 --------- C:\WINDOWS\SYSTEM32\wlanapi.dll
2008-07-19 00:35 . 2008-04-13 18:12 53,248 --------- C:\WINDOWS\SYSTEM32\tsgqec.dll
2008-07-19 00:35 . 2008-04-13 18:12 50,688 --------- C:\WINDOWS\SYSTEM32\tspkg.dll
2008-07-19 00:34 . 2008-04-13 18:12 412,160 --------- C:\WINDOWS\SYSTEM32\photometadatahandler.dll
2008-07-19 00:34 . 2008-04-13 18:12 291,328 --------- C:\WINDOWS\SYSTEM32\qagentrt.dll
2008-07-19 00:34 . 2008-04-13 18:12 290,304 --------- C:\WINDOWS\SYSTEM32\rhttpaa.dll
2008-07-19 00:34 . 2008-04-13 18:12 150,528 --------- C:\WINDOWS\SYSTEM32\qagent.dll
2008-07-19 00:34 . 2008-04-13 18:12 144,384 --------- C:\WINDOWS\SYSTEM32\onex.dll
2008-07-19 00:34 . 2008-04-13 18:12 76,800 --------- C:\WINDOWS\SYSTEM32\qutil.dll
2008-07-19 00:34 . 2008-04-13 18:12 62,464 --------- C:\WINDOWS\SYSTEM32\qcliprov.dll
2008-07-19 00:34 . 2008-04-13 18:12 61,952 --------- C:\WINDOWS\SYSTEM32\rasqec.dll
2008-07-19 00:34 . 2008-04-13 18:12 32,768 --------- C:\WINDOWS\SYSTEM32\setupn.exe
2008-07-19 00:34 . 2008-04-13 12:40 10,240 --------- C:\WINDOWS\SYSTEM32\DRIVERS\sffp_mmc.sys
2008-07-19 00:32 . 2008-04-13 18:11 650,752 --------- C:\WINDOWS\SYSTEM32\dot3ui.dll
2008-07-19 00:31 . 2008-04-13 18:11 233,472 --------- C:\WINDOWS\SYSTEM32\azroles.dll
2008-07-19 00:31 . 2008-04-13 18:11 136,192 --------- C:\WINDOWS\SYSTEM32\aaclient.dll
2008-07-19 00:31 . 2008-04-13 18:11 48,640 --------- C:\WINDOWS\SYSTEM32\dhcpqec.dll
2008-07-19 00:31 . 2008-04-13 18:11 39,936 --------- C:\WINDOWS\SYSTEM32\dimsroam.dll
2008-07-19 00:31 . 2008-04-13 18:11 19,456 --------- C:\WINDOWS\SYSTEM32\dimsntfy.dll
2008-07-19 00:31 . 2008-04-13 18:11 12,800 --------- C:\WINDOWS\SYSTEM32\credssp.dll
2008-07-19 00:31 . 2008-04-13 18:11 7,168 --------- C:\WINDOWS\SYSTEM32\bitsprx4.dll
2008-07-14 21:52 . 2008-07-27 00:38 <DIR> d-------- C:\Program Files\VS Revo Group

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-27 08:27 --------- d-----w C:\Program Files\Common Files\McAfee
2008-07-27 07:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\SYSTEM32\mswsock.dll
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\SYSTEM32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\SYSTEM32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\SYSTEM32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\SYSTEM32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\SYSTEM32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\SYSTEM32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2000-12-12 18:17 100,432 -c--a-w C:\Program Files\Win2000PPAHotfix.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 18:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-28 03:03 1235736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\SYSTEM32\\mshta.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-07-28 03:03]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-28 03:03]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-28 03:03]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-28 03:03]
R3 pxfhbus;PANTECH PC Card Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\pxfhbus.sys [2007-05-01 19:38]
R3 pxfhmdfl;PANTECH PC Card Filter;C:\WINDOWS\system32\DRIVERS\pxfhmdfl.sys [2007-05-01 19:38]
R3 pxfhmdm;PANTECH PC Card Drivers;C:\WINDOWS\system32\DRIVERS\pxfhmdm.sys [2007-05-01 19:38]
R3 pxfhserd;PANTECH PC Card Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\pxfhserd.sys [2007-05-01 19:38]
S2 BulkUsb;Compaq C3-1000;C:\WINDOWS\system32\Drivers\usbscan.sys [2008-04-13 12:45]
S3 {5C8B2B62-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-A;C:\WINDOWS\system32\drivers\A311.sys [2003-02-04 23:04]
S3 {5C8B2B65-A385-11d5-A78B-00104B672758};AIM 3.0 Part 01 Codec Driver CH-7017-B;C:\WINDOWS\system32\drivers\A310.sys [2003-02-04 23:04]
S3 AWINDIS5;AWINDIS5 Protocol Driver;C:\WINDOWS\System32\AWINDIS5.SYS [2002-04-11 18:43]
S3 PRISM_ICB;NETGEAR WG511 Wireless LAN Driver;C:\WINDOWS\system32\DRIVERS\WG511ICB.sys [2005-02-16 14:24]
S3 PRISM_USB;D-Link Air Wireless USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\PRISMUSB.sys [2003-10-02 15:47]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
2008-03-19 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (D402G831-KG_2).job - c:\program files\mcafee.com\vso\mcmnhdlr.exe []
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.yahoo.com/
R0 -: HKLM-Main,Start Page = hxxp://www.yahoo.com/
R0 -: HKLM-Main,Search Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*Yahoo! SearchBar Home Page
R1 -: HKCU-SearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*Yahoo!
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O16 -: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
C:\WINDOWS\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-28 03:15:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-28 3:18:51
ComboFix-quarantined-files.txt 2008-07-28 09:18:29

Pre-Run: 18,667,831,296 bytes free
Post-Run: 18,642,989,056 bytes free

189 --- E O F --- 2008-07-27 10:52:00
 
Hello,

Yes yo ucan get rid of those. That will be no big lose there. ;)

But your log looks clean. I dont see anything that really jumps out at me. But i will take a more indepth look at it in a bit.

Cheers,
Mak
 
Status
Not open for further replies.

Similar threads

B
Multiple Seagate External Drives Not Working(Windows+Mac)
Replies
2
Views
407
Joe C
Joe C
P
ComboFix Replacement
Replies
5
Views
508
PC_Cone
P
U
Network problem at home in 5GH - on the computer
Replies
1
Views
851
tehnokraat
T
O
hello & mostly clueless & would appreciate mac security help after trojan attack!
Replies
0
Views
914
once2023
O
R
people who switch computers alot what is your tricks to save time?
2
Replies
10
Views
2K
mikee
M
Back
Top Bottom