Unable to open regedit, device manager, task manager and so on

Posted 4/11/2008 11:49 AM
#61323
macchiaazzurro Member

Date Joined Nov 2016
Total Posts: 1
Help guys... Recently I felt that my computer was infected with a virus: my PC clock keeps resetting to 1/1/2000 12am, then I cannot open Task Manager and stuff. Also, my drives could not be opened by double-clicking (can open through link). So I was nervous and I did a clean format only of my C:\ and not other drives. Now my computer is the same as before, only the PC clock is OK, and I deleted the autorun.inf (hidden folder) file in all my drives to cure the opening of drives.

Installed Avast to do a scheduled pre-boot scan to delete the virus. Deleted something called ___dog.exe (did I delete it wrongly?)

Currently:

Unable to open device manager
Unable to open regedit
Unable to open gpedit
Unable to open task manager
Unable to show hidden folders

The virus should have been transferred to the computer by a flash drive, which cannot be opened by double-clicking the drive.

Will post the HijackThis log when required. Thanks in advance!

[I think my other computer is infected with this virus too. Same problem.]
Posted 4/12/2008 3:10 AM
#61375
Posted 6/4/2009 10:18 AM
#74097
harishbt2006 Member

Date Joined Nov 2016
Total Posts: 1
ComboFix 09-06-03.04 - spartans 06/04/2009 15:29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.574 [GMT 5.5:30]
Running from: c:\documents and settings\spartans\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
Posted 6/4/2009 11:15 AM
#74099
Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974
Hello harishbt2006

Why have you posted a comblog, any problems?

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.