It said c:\windows\system32\jkkHyaBQ does not exist. I tried looking for it manually; it's not there either.
Jer3mytmz 0 Newbie Poster
ComboFix 08-12-17.01 - jer3my 2008-12-18 4:10:54.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.3070.2374 [GMT -5:00]
Running from: c:\documents and settings\jer3my\Desktop\fixcomb.exe
Command switches used :: c:\documents and settings\jer3my\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\jer3my\Application Data\IUpd721
c:\documents and settings\jer3my\Application Data\IUpd721\Logs\scns.log
c:\documents and settings\jer3my\Local Settings\Temporary Internet Files\fbk.sts
c:\documents and settings\jer3my\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Legacy_PACKET
-------\Legacy_TDSSSERV.SYS
-------\Service_NPF
-------\Service_Packet
-------\Service_TDSSserv.sys
((((((((((((((((((((((((( Files Created from 2008-11-18 to 2008-12-18 )))))))))))))))))))))))))))))))
.
2008-12-18 03:22 . 2008-12-18 03:22 <DIR> d----c--- c:\program files\Trend Micro
2008-12-16 00:23 . 2008-12-16 00:23 <DIR> d----c--- c:\program files\iTunes
2008-12-16 00:23 . 2008-12-16 00:23 <DIR> d----c--- c:\program files\iPod
2008-12-16 00:23 . 2008-12-16 00:23 <DIR> d----c--- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-30 14:39 . 2008-11-30 14:39 <DIR> d----c--- c:\documents and settings\All Users\Application Data\acccore
2008-11-20 21:49 . 2008-11-20 22:00 <DIR> d----c--- c:\documents and settings\jer3my\Application Data\Twain
2008-11-19 21:27 . 2008-12-18 04:10 <DIR> d--h-c--- C:\$AVG8.VAULT$
2008-11-19 21:21 . 2008-12-18 02:49 <DIR> d----c--- c:\windows\system32\drivers\Avg
2008-11-19 21:21 . 2008-11-19 21:21 <DIR> d----c--- c:\program files\AVG
2008-11-19 21:21 . 2008-11-20 01:15 <DIR> d----c--- c:\documents and settings\jer3my\Application Data\AVGTOOLBAR
2008-11-19 21:21 . 2008-12-17 00:18 <DIR> d----c--- c:\documents and settings\All Users\Application Data\avg8
2008-11-19 21:21 . 2008-11-19 21:21 97,928 --a--c--- c:\windows\system32\drivers\avgldx86.sys
2008-11-19 21:21 . 2008-11-19 21:21 76,040 --a--c--- c:\windows\system32\drivers\avgtdix.sys
2008-11-19 21:21 . 2008-11-19 21:21 10,520 --a--c--- c:\windows\system32\avgrsstx.dll
2008-11-19 21:19 . 2008-11-19 21:19 <DIR> d----c--- c:\windows\system32\avgfwdx.dll
2008-11-19 19:49 . 2008-11-19 21:33 <DIR> d----c--- c:\windows\system32\vim
2008-11-19 19:49 . 2008-11-19 19:49 <DIR> d----c--- c:\windows\system32\hdx
2008-11-19 19:49 . 2008-11-19 21:32 <DIR> d----c--- c:\windows\system32\fip
2008-11-19 19:49 . 2008-11-19 21:30 <DIR> d----c--- c:\windows\system32\d
2008-11-19 19:49 . 2008-11-19 22:00 <DIR> d--hsc--- c:\windows\amVyM215
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-18 08:55 --------- dc--a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-18 08:20 --------- dc----w c:\program files\Malwarebytes' Anti-Malware
2008-12-18 08:13 --------- dc----w c:\program files\Steam
2008-12-18 04:43 --------- dc----w c:\program files\Warcraft III
2008-12-17 05:05 --------- dc----w c:\documents and settings\jer3my\Application Data\LimeWire
2008-12-16 05:23 --------- dc----w c:\program files\Common Files\Apple
2008-12-16 05:21 --------- dc----w c:\program files\QuickTime
2008-12-04 00:52 38,496 -c--a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-04 00:52 15,504 -c--a-w c:\windows\system32\drivers\mbam.sys
2008-11-30 19:40 --------- dc----w c:\program files\AIM6
2008-11-30 19:39 --------- dc----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-30 19:39 --------- dc----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-11-20 02:56 --------- dc----w c:\program files\Realtime-Spy
2008-11-20 02:55 --------- dc----w c:\program files\HomeKeylogger
2008-11-13 19:43 --------- dc----w c:\program files\DivX
2008-11-05 05:28 --------- dc----w c:\program files\Bonjour
2008-11-05 05:07 --------- dc----w c:\program files\Apple Software Update
2008-10-24 11:10 453,632 -c--a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 01:51 27 -c--a-w c:\documents and settings\All Users\Application Data\sneopts.dat
2008-10-24 01:36 --------- dc-h--w c:\documents and settings\All Users\Application Data\sacache
2008-10-23 16:26 112,839 -c-ha-w c:\windows\test.tmp
2008-10-23 16:13 277,282 -c--a-w c:\windows\drsetup.exe
2008-10-23 16:13 --------- dc----w c:\program files\WinConfig
2008-10-23 13:01 283,648 -c--a-w c:\windows\system32\gdi32.dll
2008-10-16 19:13 1,809,944 -c--a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 -c--a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 -c--a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 -c--a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 -c--a-w c:\windows\system32\wuauclt.exe
2008-10-16 10:20 667,648 -c--a-w c:\windows\system32\wininet.dll
2008-10-03 10:15 247,326 -c--a-w c:\windows\system32\strmdll.dll
2008-09-30 21:43 1,286,152 -c--a-w c:\windows\system32\msxml4.dll
2008-09-19 21:55 200,704 -c--a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 -c--a-w c:\windows\system32\libdivx.dll
2008-09-16 00:16 2,344 -c--a-w c:\documents and settings\jer3my\Application Data\wklnhst.dat
2007-11-28 23:53 60,968 -c--a-w c:\documents and settings\jer3my\GoToAssistDownloadHelper.exe
2007-11-19 17:17 439,296 -c--a-w c:\documents and settings\jer3my\GoToAssist_phone__317_en.exe
2007-08-03 23:36 8,784 -c--a-w c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-03 22:03 245,408 -c--a-w c:\program files\mozilla firefox\plugins\unicows.dll
2005-07-29 21:24 472 -csha-r c:\windows\amVyM215\uApVgZYc.vbs
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\jkkHyaBQ -- Invalid filepath or file no longer exist
((((((((((((((((((((((((((((( snapshot@2008-12-18_ 2.45.51.81 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-21 01:02:28 163,328 -c--a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2008-10-16 10:20:56 3,067,392 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-12 17:27:54 3,067,392 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-10-16 10:20:56 3,067,392 -c--a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:27:54 3,067,392 -c--a-w c:\windows\system32\mshtml.dll
- 2007-07-27 14:41:40 16,760 -c----w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 -c----w c:\windows\system32\spmsg.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 2321600]
"Google Update"="c:\documents and settings\jer3my\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-18 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB.exe" [2002-05-18 327680]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-30 185632]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"Adobe_ID0EYTHM"="c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 1884160]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2008-06-27 91432]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2008-12-03 1265296]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2007-10-04 c:\windows\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 c:\windows\system32\narrator.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Dell Network Assistant.lnk - c:\windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe [2007-11-15 7168]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-03-21 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2007-11-28 18:53 10792 c:\program files\Citrix\GoToAssist\480\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\jeremyzeng\\counter-strike\\hl.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\ijji\\ENGLISH\\u_gbound.exe"=
"c:\\ijji\\ENGLISH\\Gunbound Revolution\\GunBound.gme"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
"6112:TCP"= 6112:TCP:warcraft
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-11-19 97928]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};\??\c:\program files\CyberLink\PowerDVD8\000.fcl [2008-06-27 15:50:32 61424]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-11-19 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-19 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-11-19 76040]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-11-19 24652]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6bdc2830-6822-11dd-b4c5-001aa09c90b4}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe097f73-d999-11dc-b38a-001aa09c90b4}]
\Shell\Explore\command - explorer.exe /n,/e ,.
\Shell\Launch\command - E:\portablevaultaes.exe
.
Contents of the 'Scheduled Tasks' folder
2008-11-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2008-12-18 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\jer3my\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-18 03:14]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://127.0.0.1:4664/first_usage&s=482Os1q0mRtrn-wV2_mG8Z5Wqwg
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: {{28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - c:\program files\Verizon Online\ControlPad\Misc\a_menu.exe
IE: {{28D44DAC-D1FC-4d4f-BB1B-ADF037C8DDBC} - c:\program files\Verizon Online\ControlPad\Misc\a_menu.exe -
IE: {{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
TCP: {2FC36121-1FD9-4F4C-8FEE-51587F3E5D67} = 68.237.161.12 71.250.0.12
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\jer3my\Application Data\Mozilla\Firefox\Profiles\85zviy1o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsnapfish.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
ATTENTION: FIREFOX POLICES IS IN FORCE
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.version", 3);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.rights.3.shown", false);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-18 04:13:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(924)
c:\program files\Citrix\GoToAssist\480\G2AWinLogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Dell Network Assistant\hnm_svc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Mozilla Firefox\firefox.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-12-18 4:18:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-18 09:18:21
ComboFix2.txt 2008-12-18 08:57:27
ComboFix3.txt 2008-12-18 07:47:46
Pre-Run: 113,561,571,328 bytes free
Post-Run: 113,476,116,480 bytes free
276 --- E O F --- 2008-12-18 08:00:37
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
You never disabled your AV as requested. You need to follow the instructions as closely as possible.
Can you please do a full scan with MBAM now and post the log?
Camorda 0 Newbie Poster
CRUNCHIE!!! YOU ROCK!!! I had the same problem as jer here and I was REALLY frustrated... not being able to get onto ANY malware sites!!! My anti-malware NoAdware wouldn't update! I followed your instructions... ran ComboFix, then ran MBAM, and BOOM, I am up and running!!! Just had to register and post a big THANK YOU!!
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
No worries. ComboFix needs to be uninstalled, not just deleted, when you are finished with it, as it changes some system settings when run.
Camorda 0 Newbie Poster
Ty again.. will uninstall... Btw, MBAM found Virtumonde (Vundo) all over the place. Ran it, then NoAdware, which found some more, then Spybot S&D, which found more!! Then MBAM again and all is clean.
All the best
/salute
waROxa 0 Newbie Poster
Hey crunchie, you saved my computer from getting destroyed by my car lol. I had the same problem and now I can run Malwarebytes without a problem! Thank you so much :) and have a nice day, spyware killer*****!
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
No worries. You should probably post a HijackThis log to be sure there is nothing left.
In your own thread though :)