Hijackthis, Mbam, Combofix.

[Osiris]

Yes, I think Combofix enables.


What is the O: drive?

 

[tj1182]

That's my external drive.

 

[Osiris]

Ahhhh ....... Remove it ASAP.


Then rescan

 

[tj1182]

The scan is just completing. I feel like throwing this thing out the window.:laughing:

 

[tj1182]

Yeah, Combofix does enable system restore. I'm running it again.:tired:

 

[Osiris]

Ok, just her up when its done. Dont throw it out just yet.

I will need you to run ccleaner and then cleanup! after this as well.

CCleaner - Home

www.stevengould.org

 

[tj1182]

So after combofix run MBAM, then CCleaner, then cleanup?

 

[Osiris]

Correct

 

[tj1182]

ComboFix 09-09-09.01 - mikey 09/09/2009 21:51.5.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.552 [GMT -5:00]
Running from: c:\documents and settings\mikey\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
/wow section - STAGE 32A


((((((((((((((((((((((((( Files Created from 2009-08-10 to 2009-09-10 )))))))))))))))))))))))))))))))
.

2009-09-09 21:28 . 2009-09-09 21:28 -------- d-----w- c:\windows\LastGood
2009-09-09 20:00 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-09-09 03:27 . 2005-08-26 06:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-09-09 03:27 . 2006-06-19 18:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-09-09 03:27 . 2006-05-25 20:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-09-09 03:27 . 2003-02-03 01:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-09-09 03:27 . 2002-03-06 06:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-09-09 03:27 . 2009-09-09 03:27 -------- d-----w- c:\program files\Trojan Remover
2009-09-09 03:27 . 2009-09-09 03:27 -------- d-----w- c:\documents and settings\mikey\Application Data\Simply Super Software
2009-09-09 03:27 . 2009-09-09 03:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-09-09 00:03 . 2009-09-09 00:03 -------- d-----w- c:\documents and settings\mikey\Application Data\Malwarebytes
2009-09-09 00:03 . 2009-08-03 18:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-09 00:03 . 2009-09-09 00:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-09 00:03 . 2009-09-09 00:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-09 00:03 . 2009-08-03 18:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-08 23:50 . 2009-09-08 23:57 -------- d-----w- c:\documents and settings\mikey\SmitfraudFix
2009-09-08 23:47 . 2009-09-08 23:47 -------- d-----w- c:\program files\Trend Micro
2009-09-08 23:32 . 2009-09-08 23:32 -------- d-sh--w- c:\documents and settings\mikey\IECompatCache
2009-09-08 23:27 . 2009-09-08 23:28 -------- d-----w- c:\program files\CleanUp!
2009-09-08 23:17 . 2009-09-08 23:17 -------- d-----w- c:\program files\MSConfig CleanUp
2009-09-07 21:45 . 2009-09-07 21:45 -------- d-----w- c:\documents and settings\mikey\Local Settings\Application Data\Ascaron Entertainment
2009-09-07 21:35 . 2009-09-07 21:35 -------- d-----w- c:\program files\cdv USA
2009-09-06 20:50 . 2009-09-09 00:08 -------- d-----w- C:\$AVG8.VAULT$
2009-09-06 20:04 . 2009-09-07 20:27 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-06 20:04 . 2009-09-06 20:04 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-09-06 20:04 . 2009-09-06 20:04 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-06 20:04 . 2009-09-07 20:27 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-06 20:04 . 2009-09-07 20:27 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-06 20:04 . 2009-09-09 21:30 -------- d-----w- c:\windows\system32\drivers\Avg
2009-08-23 22:58 . 2009-08-23 22:59 -------- d-----w- c:\documents and settings\mikey\EurekaLog
2009-08-23 03:14 . 2009-08-23 03:15 -------- d-----w- c:\documents and settings\mikey\Local Settings\Application Data\Movie Magic Screenwriter
2009-08-23 03:14 . 2009-08-23 03:14 -------- d-----w- c:\program files\Write Brothers, Inc
2009-08-23 03:13 . 2009-08-23 03:13 -------- d-----w- c:\windows\Downloaded Installations
2009-08-22 22:06 . 2009-08-22 22:06 78848 ----a-w- c:\windows\system32\drivers\SSHDRV85.sys
2009-08-21 04:44 . 2009-08-21 04:46 -------- d-----w- C:\DeusEx
2009-08-21 03:32 . 2009-08-21 03:32 -------- d-----w- c:\documents and settings\mikey\Application Data\GetRightToGo
2009-08-21 01:54 . 2009-08-21 01:57 -------- d-----w- c:\program files\Attack on Pearl Harbor
2009-08-20 20:16 . 2009-08-20 20:16 -------- d-----w- c:\program files\Ascaron Entertainment
2009-08-20 05:01 . 2009-08-20 05:02 -------- d-----w- c:\windows\Logs
2009-08-20 05:01 . 2009-09-07 21:38 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-08-20 05:01 . 2009-09-07 21:38 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-08-18 02:17 . 2009-08-18 02:17 -------- d-----w- c:\program files\Ubisoft
2009-08-17 21:18 . 2009-08-17 21:18 451072 ----a-w- c:\windows\uninstall\Ultima7.exe
2009-08-17 21:18 . 2009-08-17 21:18 451072 ----a-w- c:\windows\uninstall\Ultima6.exe
2009-08-17 21:17 . 2009-08-17 21:17 451072 ----a-w- c:\windows\uninstall\Ultima5.exe
2009-08-17 21:17 . 2009-08-17 21:17 451072 ----a-w- c:\windows\uninstall\Ultima4.exe
2009-08-17 21:16 . 2009-08-17 21:16 451072 ----a-w- c:\windows\uninstall\Ultima3.exe
2009-08-17 21:16 . 2009-08-17 21:16 451072 ----a-w- c:\windows\uninstall\Ultima2.exe
2009-08-17 21:16 . 2009-08-17 21:16 451072 ----a-w- c:\windows\uninstall\Ultima1.exe
2009-08-17 21:15 . 2009-08-17 21:18 -------- d-----w- c:\windows\Uninstall
2009-08-17 21:15 . 2009-08-17 21:18 -------- d-----w- c:\program files\Origin Systems
2009-08-17 21:15 . 2009-08-17 21:15 451072 ----a-w- c:\windows\uninstall\Akalabeth.exe
2009-08-12 23:05 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-08-12 20:31 . 2009-08-12 20:31 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-08-12 20:30 . 2009-08-12 20:30 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-08-12 06:20 . 2009-08-12 22:02 -------- d-----w- c:\program files\FS2ATC
2009-08-12 04:32 . 2009-08-12 06:30 353 ----a-w- C:\temp.reg
2009-08-12 04:29 . 2009-08-12 06:20 249856 ------w- c:\windows\Setup1.exe
2009-08-12 04:29 . 2009-08-12 04:29 73216 ------w- c:\windows\ST6UNST.EXE
2009-08-12 04:29 . 2008-04-14 00:12 343040 ----a-w- c:\windows\system32\msvcrt.dll
2009-08-12 04:28 . 2008-04-14 00:12 57344 ----a-w- c:\windows\system32\msvcirt.dll
2009-08-12 04:28 . 2001-11-05 19:35 565760 ----a-w- c:\windows\system32\msvcp50.dll
2009-08-12 04:28 . 2009-08-12 04:28 -------- d-----w- c:\windows\lhsp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

[tj1182]

2009-09-10 01:32 . 2008-01-05 03:47 -------- d-----w- c:\documents and settings\mikey\Application Data\uTorrent
2009-09-09 21:31 . 2008-02-02 01:49 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 03:38 . 2008-02-25 01:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-08 23:34 . 2008-01-06 04:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-08 23:08 . 2008-01-04 22:03 69464 -c--a-w- c:\documents and settings\mikey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-07 21:32 . 2008-01-07 02:25 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-06 20:04 . 2009-05-28 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-06 19:49 . 2008-01-05 00:17 -------- d-----w- c:\program files\RegVac Registry Cleaner
2009-08-22 19:28 . 2008-01-18 03:12 -------- d-----w- c:\program files\Microsoft Games
2009-08-20 04:53 . 2008-01-04 23:09 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-19 19:49 . 2008-01-13 18:40 -------- d-----w- c:\documents and settings\mikey\Application Data\dvdcss
2009-08-17 22:04 . 2009-05-30 07:10 -------- d-----w- c:\program files\Return to Castle Wolfenstein
2009-08-12 20:49 . 2009-06-05 04:59 -------- d-----w- c:\documents and settings\mikey\Application Data\Lavasoft
2009-08-10 02:02 . 2008-01-06 04:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-08 22:15 . 2009-08-08 22:15 -------- d-----w- c:\program files\MSBuild
2009-08-08 22:14 . 2009-08-08 22:14 -------- d-----w- c:\program files\Reference Assemblies
2009-08-05 09:01 . 2008-01-04 21:32 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-02 20:24 . 2009-08-02 20:24 -------- d-----w- c:\program files\Test My Hardware
2009-08-02 07:57 . 2009-08-02 07:57 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-08-02 07:56 . 2009-08-02 07:56 -------- d-----w- c:\documents and settings\mikey\Application Data\Nuance
2009-08-02 07:49 . 2009-08-02 07:49 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-08-02 07:49 . 2009-08-02 07:49 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-08-02 07:49 . 2008-01-04 21:05 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-02 07:49 . 2009-08-02 07:49 -------- d-----w- c:\program files\Common Files\Nuance
2009-08-02 07:48 . 2009-08-02 07:48 -------- d-----w- c:\program files\Nuance
2009-08-02 07:48 . 2009-08-02 07:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Nuance
2009-08-02 00:42 . 2009-08-02 00:42 -------- d-----w- c:\program files\The Adventure Company
2009-07-31 23:19 . 2009-05-17 22:31 -------- d-----w- c:\program files\Mafia
2009-07-31 23:18 . 2009-02-05 01:08 -------- d-----w- c:\program files\Diablo II
2009-07-31 23:16 . 2008-01-04 21:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-29 02:33 . 2009-07-29 02:24 -------- d-----w- c:\program files\Pocket Tanks Deluxe
2009-07-28 00:49 . 2008-01-04 22:57 -------- d-----w- c:\documents and settings\mikey\Application Data\U3
2009-07-27 23:57 . 2009-07-27 23:56 -------- d-----w- c:\program files\Escape Rosecliff Island
2009-07-27 18:16 . 2009-07-27 18:16 -------- d-----w- c:\program files\Activision Value
2009-07-26 01:47 . 2008-01-29 04:47 -------- d-----w- c:\documents and settings\mikey\Application Data\LimeWire
2009-07-25 00:26 . 2008-01-08 17:08 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-25 00:20 . 2008-01-08 17:08 -------- d-----w- c:\documents and settings\mikey\Application Data\SystemRequirementsLab
2009-07-17 19:01 . 2001-11-05 19:33 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 04:43 . 2004-08-04 07:56 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-12 09:46 . 2009-07-12 09:46 25 ----a-w- c:\windows\popcinfot.dat
2009-07-12 09:06 . 2009-07-12 09:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PopCap Games
2009-07-12 08:10 . 2009-07-12 08:10 -------- d-----w- c:\program files\PopCap Games
2009-07-03 17:09 . 2001-11-05 19:35 915456 ------w- c:\windows\system32\wininet.dll
2009-06-21 05:40 . 2009-06-21 05:40 166097 ----a-w- c:\windows\Video Cleaner Pro Uninstaller.exe
2009-06-16 14:36 . 2001-11-05 19:35 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2001-11-05 19:34 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 12:31 . 2001-11-05 19:35 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2001-11-05 19:35 76288 ----a-w- c:\windows\system32\telnet.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-09-09_04.23.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-09 21:23 . 2009-09-09 21:23 16384 c:\windows\Temp\Perflib_Perfdata_2b8.dat
- 2008-01-05 01:44 . 2009-08-13 21:31 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 23040 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 61440 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 27136 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 11264 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 86016 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 12288 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 4096 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2003-01-13 19:57 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll
- 2003-01-13 19:57 . 2009-03-08 09:33 726528 c:\windows\system32\jscript.dll
- 2008-05-09 10:53 . 2009-03-08 09:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll
- 2008-01-05 01:44 . 2009-08-13 21:31 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 409600 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 286720 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 249856 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 794624 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 135168 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-01-05 01:44 . 2009-08-13 21:31 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-01-05 01:44 . 2009-09-09 21:32 593920 c:\windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2009-09-09 21:30 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-09 21:30 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-09 21:30 . 2009-03-08 09:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
- 2001-11-05 19:36 . 2008-06-18 10:03 2458112 c:\windows\system32\WMVCore.dll
+ 2001-11-05 19:36 . 2009-05-20 09:56 2458112 c:\windows\system32\WMVCore.dll
+ 2001-11-05 19:36 . 2009-05-20 09:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2001-11-05 19:36 . 2008-06-18 10:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-08-25 19:57 . 2009-08-25 19:57 5518336 c:\windows\Installer\7e76c.msp
+ 2008-01-04 21:39 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe
+ 2009-09-09 21:30 . 2009-09-09 21:30 15709696 c:\windows\Installer\7e757.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.