
NOAH! combofix is froze up

Discussion in 'Malware and Virus Removal Archive' started by NmymindDzine, 2008/01/09.

  1. 2008/01/17
    NmymindDzine

    NmymindDzine Inactive Thread Starter

    Joined:
    2008/01/01
    Messages:
    46
    Likes Received:
    0
    lol
    NO!
    I made sure and I have a marble mouse!!! lol
    I am thinking something's learning combofix
    it says rebooting windows please wait now...
    for 7 mins so far...lol I am just glad I let it run!
    Calendar and time are stuck back on the 16th! lol
    will post the log asap if i get 1

    is going from logon screen to desktop w/o icons back n forth.......has NOT rebooted
    no log yet
     
    Last edited: 2008/01/17
  2. 2008/01/18
    NmymindDzine

    ok....it's still saving my settings tryin to log off....has been doing that all friggin night
    WHAT DO I DO NOW?
     


  4. 2008/01/18
    NmymindDzine

    There is a God

    & he is nice and helpful too
    lol
    I finally helped it and shut it off for about 5 mins and lo and behold when I rebooted.....:p
    I got a friggin log for ya!
    :)My Combo Fix Log :D
    :cool:

    ComboFix 08-01-17.5 - sASSy 2008-01-17 1:22:40.11 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.277 [GMT -6:00]
    Running from: C:\Documents and Settings\sASSy\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\sASSy\Desktop\CFScript.txt
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    FILE
    C:\Documents and Settings\sASSy\My Documents\DL\the-myspace-editor.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\ancientsunset.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\aurora_km.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\bluefantasy.exe
    C:\Documents and Settings\sASSy\My Documents\DL\turbo_internet_booster_free.exe
    C:\Documents and Settings\sASSy\My Documents\DL\WebfettiSetup2.2.60.11-2.exe
    C:\Documents and Settings\sASSy\Shared\mpegs\Track 1 (angels).wma
    C:\Documents and Settings\sASSy\Shared\Wicked Remix.wma
    C:\WINDOWS\system32\105e4cc.exe
    C:\WINDOWS\system32\1d2288c.exe
    C:\WINDOWS\system32\1de3081.exe
    C:\WINDOWS\system32\216d701.exe
    C:\WINDOWS\system32\39147c.exe
    C:\WINDOWS\system32\3a15695.exe
    C:\WINDOWS\system32\3daf23.exe
    C:\WINDOWS\system32\46ff7ec.exe
    C:\WINDOWS\system32\646c5ad.exe
    C:\WINDOWS\system32\fa0c73.exe
    G:\Documents\themes\ancientsunset.exe
    G:\Documents\themes\aurora_km.exe
    G:\Documents\themes\bluefantasy.exe
    H:\backups\backup-20071005-171652-635.dll
    H:\backups\backup-20071005-171759-738.dll
    H:\backups\backup-20071005-171909-176.dll
    H:\backups\backup-20071005-172023-301.dll
    H:\backups\backup-20071223-203426-735.dll
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Deckard1
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}.0\_ISRES.DLL
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}.0\IsConfig.INI
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}.0\ISRT.DLL
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}.0\String1033.txt
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}\_ISRES.DLL
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}\IsConfig.INI
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}\ISRT.DLL
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}\String1033.txt
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\{76543210-7654-3210-0102-030405060708}
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\applejacks4.bmp
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\arizonajeans2.bmp
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\cleanandclear2.bmp
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\java_install_reg.log
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\jusched.log
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\kleenex.bmp
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\MSI2af87.LOG
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\MSI2af88.LOG
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\MSI2af89.LOG
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\MSI2af8a.LOG
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\starburst.bmp
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\TWAIN.LOG
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\Twain001.Mtx
    C:\Deckard1\System Scanner\backup\DOCUME~1\sASSy\LOCALS~1\Temp\wrigley5.bmp
    C:\Deckard1\System Scanner\backup\WINDOWS\Downloaded Program Files\setup.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\{12345678-1234-5678-0102-030405060708}
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\winbgahxw.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\wincrhrno.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\winfxajxk.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\winitlvn.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\winmefcc.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\winsnuj.exe
    C:\Deckard1\System Scanner\backup\WINDOWS\temp\wintrvfd.exe
    C:\Deckard1\System Scanner\extra.txt
    C:\Deckard1\System Scanner\main.txt
    C:\Deckard1\System Scanner\moved.txt
    C:\Documents and Settings\sASSy\My Documents\DL\the-myspace-editor.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\ancientsunset.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\aurora_km.exe
    C:\Documents and Settings\sASSy\My Documents\DL\themes\bluefantasy.exe
    C:\Documents and Settings\sASSy\My Documents\DL\turbo_internet_booster_free.exe
    C:\Documents and Settings\sASSy\My Documents\DL\WebfettiSetup2.2.60.11-2.exe
    C:\Documents and Settings\sASSy\Shared\mpegs\Track 1 (angels).wma
    C:\Documents and Settings\sASSy\Shared\Wicked Remix.wma
    C:\WINDOWS\system32\105e4cc.exe
    C:\WINDOWS\system32\1d2288c.exe
    C:\WINDOWS\system32\1de3081.exe
    C:\WINDOWS\system32\216d701.exe
    C:\WINDOWS\system32\39147c.exe
    C:\WINDOWS\system32\3a15695.exe
    C:\WINDOWS\system32\3daf23.exe
    C:\WINDOWS\system32\46ff7ec.exe
    C:\WINDOWS\system32\646c5ad.exe
    C:\WINDOWS\system32\fa0c73.exe
    G:\Documents\themes\ancientsunset.exe
    G:\Documents\themes\aurora_km.exe
    G:\Documents\themes\bluefantasy.exe
    H:\backups\backup-20071005-171652-635.dll
    H:\backups\backup-20071005-171759-738.dll
    H:\backups\backup-20071005-171909-176.dll
    H:\backups\backup-20071005-172023-301.dll
    H:\backups\backup-20071223-203426-735.dll

    .
    ((((((((((((((((((((((((( Files Created from 2007-12-18 to 2008-01-18 )))))))))))))))))))))))))))))))
    .

    2008-01-15 19:14 . 2008-01-15 19:24 51,355 --a------ C:\WINDOWS\system32\muzika.xm
    2008-01-12 03:12 . 2008-01-15 19:29 0 --a------ C:\WINDOWS\system32\drivers\lvuvc.hs
    2008-01-12 03:01 . 2008-01-12 03:01 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Xentient
    2008-01-11 00:18 . 2008-01-11 00:18 262,144 --a------ C:\WINDOWS\system32\default_user_class.dat
    2008-01-11 00:14 . 2008-01-11 00:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trend Micro
    2008-01-11 00:14 . 2007-09-17 14:31 1,126,072 --a------ C:\WINDOWS\system32\drivers\vsapint.sys
    2008-01-11 00:14 . 2006-12-29 00:53 288,848 --a------ C:\WINDOWS\system32\drivers\TM_CFW.sys
    2008-01-11 00:14 . 2007-09-17 14:40 202,768 --a------ C:\WINDOWS\system32\drivers\tmxpflt.sys
    2008-01-11 00:14 . 2006-12-29 00:53 111,888 --a------ C:\WINDOWS\system32\drivers\tm_mbd_c.sys
    2008-01-11 00:14 . 2006-12-29 00:53 75,088 --a------ C:\WINDOWS\system32\drivers\tmtdi.sys
    2008-01-11 00:14 . 2007-09-17 14:40 35,856 --a------ C:\WINDOWS\system32\drivers\tmpreflt.sys
    2008-01-10 21:04 . 2008-01-10 21:04 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-01-10 21:04 . 2008-01-10 21:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-01-09 17:41 . 2008-01-12 08:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-01-09 17:41 . 2008-01-09 17:41 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-01-08 10:08 . 2008-01-08 10:08 <DIR> d----c--- C:\Documents and Settings\sASSy\Application Data\Webshots
    2008-01-08 06:44 . 2008-01-08 06:44 <DIR> d--h----- C:\WINDOWS\PIF
    2008-01-08 05:57 . 2008-01-08 05:57 <DIR> d-------- C:\WINDOWS\Data
    2008-01-08 05:54 . 2008-01-08 05:54 <DIR> d-------- C:\Program Files\Temp
    2008-01-08 05:54 . 2008-01-08 05:54 787 --a------ C:\WINDOWS\unins001.dat
    2008-01-08 05:54 . 2008-01-08 05:54 787 --a------ C:\WINDOWS\unins000.dat
    2008-01-08 05:49 . 2008-01-08 05:49 <DIR> d-------- C:\Program Files\Windows SteadyState
    2008-01-08 04:41 . 2008-01-08 04:41 <DIR> d-------- C:\Program Files\UPHClean
    2008-01-07 17:58 . 2008-01-07 17:58 <DIR> d-------- C:\Program Files\MSXML 6.0
    2008-01-07 17:39 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
    2008-01-06 09:41 . 2008-01-06 09:42 <DIR> d-------- C:\Program Files\the-myspace-editor
    2008-01-06 09:35 . 2008-01-06 09:35 <DIR> d-------- C:\Program Files\Virtual Mechanics
    2008-01-06 09:35 . 2008-01-06 09:35 <DIR> d-------- C:\Program Files\Common Files\Wintertree
    2008-01-06 09:35 . 2003-09-23 10:38 155,648 --a------ C:\WINDOWS\system32\SSCE5232.dll
    2008-01-06 09:35 . 2008-01-06 09:35 0 --a------ C:\WINDOWS\PROTOCOL.INI
    2008-01-05 21:18 . 2008-01-08 17:55 <DIR> d-------- C:\Program Files\iMesh Applications
    2008-01-05 21:18 . 2008-01-09 14:48 <DIR> d----c--- C:\Documents and Settings\sASSy\Application Data\iMesh
    2008-01-05 21:18 . 2006-11-12 11:39 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
    2008-01-05 17:09 . 2008-01-05 17:09 <DIR> d-------- C:\Program Files\FriendFinder, Inc
    2008-01-04 17:53 . 2008-01-04 17:53 1,134,459 --a------ C:\WINDOWS\juelZ.scr
    2008-01-04 17:07 . 2008-01-04 17:07 <DIR> d-------- C:\VundoFix Backups
    2008-01-04 08:32 . 2008-01-04 08:32 377,856 --a------ C:\WINDOWS\throb.scr
    2008-01-04 08:31 . 2008-01-04 08:31 1,246,720 --a------ C:\WINDOWS\FMGREG.scr
    2008-01-04 08:11 . 2008-01-04 08:12 1,338,151 --a------ C:\WINDOWS\gregs.scr
    2008-01-03 18:58 . 2008-01-15 19:29 0 --a------ C:\WINDOWS\system32\drivers\logiflt.iad
    2008-01-03 18:56 . 2007-10-11 19:57 195,096 --a------ C:\WINDOWS\system32\lvci1150.dll
    2008-01-03 18:54 . 2008-01-03 18:58 <DIR> d-------- C:\Program Files\Common Files\LogiShrd
    2008-01-03 18:54 . 2008-01-03 19:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
    2008-01-03 18:38 . 2008-01-03 18:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
    2008-01-03 18:06 . 2008-01-03 18:06 <DIR> d----c--- C:\Documents and Settings\sASSy\Application Data\TuneUp Software
    2008-01-01 01:25 . 2008-01-05 08:37 <DIR> d-------- C:\WINDOWS\PaltalkScene
    2008-01-01 01:25 . 2008-01-05 08:38 <DIR> d-------- C:\Program Files\Paltalk Messenger
    2008-01-01 01:25 . 2008-01-05 08:38 <DIR> d----c--- C:\Documents and Settings\sASSy\Application Data\Paltalk

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-01-17 00:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-01-16 21:12 --------- dc----w C:\Documents and Settings\sASSy\Application Data\LimeWire
    2008-01-16 00:59 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-01-11 05:46 --------- dc----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-09 01:19 --------- d-----w C:\Program Files\Hijack This
    2008-01-08 12:39 --------- d-----w C:\Program Files\TABLET
    2008-01-08 12:20 --------- d-----w C:\Program Files\Yahoo!
    2008-01-08 12:08 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-01-08 12:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-08 12:04 --------- d-----w C:\Program Files\Creative
    2008-01-08 11:54 72,748 ----a-w C:\WINDOWS\unins001.exe
    2008-01-08 11:54 72,748 ----a-w C:\WINDOWS\unins000.exe
    2008-01-04 21:08 700,416 ----a-w C:\StubInstaller.exe
    2008-01-04 19:46 102,664 ----a-w C:\WINDOWS\system32\drivers\tmcomm.sys
    2008-01-04 17:30 --------- d-----w C:\Program Files\SUPERAntiSpyware
    2008-01-04 00:54 --------- d-----w C:\Program Files\Logitech
    2008-01-02 21:28 --------- d-----w C:\Program Files\Common Files\Jasc Software Inc
    2008-01-02 20:50 277 ----a-w C:\WINDOWS\Fonts\must_read.txt
    2008-01-02 20:43 624 ----a-w C:\WINDOWS\Fonts\babe.txt
    2008-01-02 20:36 23,496 ----a-w C:\WINDOWS\Fonts\norp_icons_1.zip
    2008-01-02 20:36 181,762 ----a-w C:\WINDOWS\Fonts\darrians_sexy_silho.zip
    2008-01-02 20:36 11,318 ----a-w C:\WINDOWS\Fonts\48ways.zip
    2008-01-02 20:35 39,209 ----a-w C:\WINDOWS\Fonts\strip_letter_1.zip
    2008-01-02 20:35 196,323 ----a-w C:\WINDOWS\Fonts\alpha_silouettes.zip
    2008-01-02 20:35 14,300 ----a-w C:\WINDOWS\Fonts\group_sex.zip
    2008-01-02 20:34 31,383 ----a-w C:\WINDOWS\Fonts\fuzzy_cootie.zip
    2008-01-02 20:34 154,494 ----a-w C:\WINDOWS\Fonts\sexy_spanish_woman_siluetas.zip
    2008-01-02 20:33 64,778 ----a-w C:\WINDOWS\Fonts\vintage_erotique.zip
    2008-01-02 20:33 258,930 ----a-w C:\WINDOWS\Fonts\wc_fetish_bta.zip
    2008-01-02 20:33 137,468 ----a-w C:\WINDOWS\Fonts\comix_cuties.zip
    2007-12-03 22:55 --------- dc----w C:\Documents and Settings\sASSy\Application Data\U3
    2007-11-21 08:09 --------- d-----w C:\Program Files\JAlbum7.3
    2007-11-01 10:36 1,138 -c--a-w C:\Documents and Settings\sASSy\Application Data\wklnhst.dat
    2007-10-18 09:36 92,672 ----a-w C:\WINDOWS\unlite3.exe
    2007-10-18 09:36 442,880 --sha-w C:\WINDOWS\x2.64.exe
    2007-10-18 09:36 35,840 ----a-w C:\WINDOWS\TASK.EXE
    2007-10-18 09:36 320,000 ----a-w C:\WINDOWS\uninst.exe
    2007-10-18 09:36 26,112 ----a-w C:\WINDOWS\TrueProcess.exe
    2007-10-18 09:36 106,496 ----a-w C:\WINDOWS\unvise32.exe
    2007-10-18 09:32 93,696 ----a-w C:\WINDOWS\ST6UNST.EXE
    2007-10-18 09:32 598,016 ----a-w C:\WINDOWS\SOUNDMAN.EXE
    2007-10-18 09:31 331,776 ----a-w C:\WINDOWS\SETUPX32.EXE
    2007-10-18 09:31 270,336 ----a-w C:\WINDOWS\Setup1.exe
    2007-10-18 09:28 87,040 --sha-w C:\WINDOWS\MOTA113.exe
    2007-10-18 09:28 741,376 ----a-w C:\WINDOWS\iun6002.exe
    2007-10-18 09:28 40,960 ----a-w C:\WINDOWS\P0620Cfg.exe
    2007-10-18 09:28 40,448 ----a-w C:\WINDOWS\LOGI_MWX.EXE
    2007-10-18 09:28 327,168 ----a-w C:\WINDOWS\IsUninst.exe
    2007-10-18 09:28 140,288 ----a-w C:\WINDOWS\lsb_un20.exe
    2007-10-18 09:24 77,824 ----a-w C:\WINDOWS\BCMSMD2K.exe
    2007-10-18 09:24 62,464 ----a-w C:\WINDOWS\Ctregrun.exe
    2007-10-18 09:24 335,872 ----a-w C:\WINDOWS\alcupd.exe
    2007-10-18 09:24 237,568 ----a-w C:\WINDOWS\Alcrmv.exe
    2007-10-18 09:24 172,032 ----a-w C:\WINDOWS\BCMSMU.exe
    2007-10-18 09:24 143,360 ----a-w C:\WINDOWS\BCMSMMSG.exe
    2007-10-18 09:24 102,400 ----a-w C:\WINDOWS\CtDrvIns.exe
    2007-10-18 09:18 612,352 ----a-w C:\Program Files\posteriza.exe
    2007-09-24 12:56 9 -c-ha-w C:\Documents and Settings\sASSy\Application Data\local.lng.dat
    2006-02-25 09:58 430,406 ------w C:\Program Files\whois.exe
    2005-10-04 03:55 2,267,015 ------w C:\Program Files\setup_ca_en.execal.exe
    2005-08-22 19:33 68,918 -c--a-w C:\Program Files\procexp.chm
    2005-08-22 19:29 1,238,544 ----a-w C:\Program Files\procexp.exe
    2004-01-05 16:12 1,293 -c--a-w C:\Program Files\README.TXT
    2005-05-13 23:12 217,073 -csha-r C:\WINDOWS\meta4.exe
    2005-10-08 01:14 308,224 --sha-r C:\WINDOWS\system32\avisynth.dll
    2005-07-14 18:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll
    2005-06-26 21:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll
    2005-06-22 04:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll
    2004-01-25 06:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll
    2006-04-27 16:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll
    2005-02-28 19:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe
    2004-01-25 06:00 70,656 --sha-r C:\WINDOWS\system32\yv12vfw.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-09 09:09 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Logitech Utility "= "Logi_MwX.Exe" [2007-10-18 03:28 40448 C:\WINDOWS\LOGI_MWX.EXE]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "LogitechCommunicationsManager "= "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
    "QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [2007-10-18 03:19 303104]
    "pccguide.exe "= "D:\Trend_Micro_\pccguide.exe" [2007-01-23 00:26 3429904]
    "RegistryMechanic "=" " []

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "MySpaceIM "= "C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-18 19:47 8720384]

    C:\Documents and Settings\sASSy\Start Menu\Programs\Startup\
    Webshots.lnk - D:\Webshots\Webshots\Launcher.exe [2008-01-08 10:08:08]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Windows SteadyState]
    @= "Service "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "Aim6 "= "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    "MySpaceIM "=C:\Program Files\MySpace\IM\MySpaceIM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "LogitechCommunicationsManager "= "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe "
    "LogitechQuickCamRibbon "= "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    "Bubble "= "%ProgramFiles%\Windows SteadyState\Bubble.exe "

    R1 Cinemsup;Cinemsup;C:\WINDOWS\system32\drivers\Cinemsup.sys [2003-12-19 01:00]
    R2 Windows SteadyState;Windows SteadyState Service; "C:\Program Files\Windows SteadyState\SCTSvc.exe" [2007-06-05 15:56]
    S3 epatap2k;SCM Parallel Port ATAPI Driver;C:\WINDOWS\system32\DRIVERS\epatap2k.sys [2000-03-17 20:27]
    S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys [2003-11-07 03:50]

    .
    Contents of the 'Scheduled Tasks' folder
    "2008-01-11 23:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job "
    - D:\Tune up\OneClick.exe
    .
    **************************************************************************

    disk not found C:\

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    disk not found C:\

    **************************************************************************
    .
    Completion time: 2008-01-18 5:24:43 - machine was rebooted [sASSy]
    ComboFix-quarantined-files.txt 2008-01-18 11:23:39
    ComboFix2.txt 2008-01-12 09:09:25
    ComboFix3.txt 2008-01-10 01:21:13
    ComboFix4.txt 2007-10-15 13:38:35
    ComboFix5.txt 2007-10-14 17:46:09
    .
    2008-01-09 09:02:17 --- E O F ---
     
  5. 2008/01/18
    NmymindDzine

    where's my recovery console ya think? or how do I put it back anyway....
    I can NOT find the same install CD for xp but do have the one....or 2
    would like to do a sfc /scannow too and it keeps asking...
    is running sluggish
    internet which is wireless is a little groggy...
     
  6. 2008/01/19
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Looks like things cleaned up OK. Did you find your cd and run sfc yet? Things any better?

    The Recovery Console was never installed on your system. Because of recent infections, ComboFix has been updated to check for it and let us know whether or not it's installed. The Recovery Console, also available via the Windows XP installation cd, is used for diagnostic and repair operations to the system without booting the operating system. Having it pre-installed is a safety net, since it requires no cd if the Recovery Console is needed. Since you have a cd (?), there's no risk in not installing the RC. If you want to, I can certainly instruct you on the how to.
     
  7. 2008/01/21
    NmymindDzine

    Yes I think that's something I should know if you don't mind helping me I would like to learn.
    No I can't find the same CD I installed with although I do have an XP cd, so it won't do a scannow...
    did get registry mechanic, & let it do its things weekly...
    How can I help my system....?
    TYVM...I won't doubt u anymore....lol:cool:
     
    Last edited: 2008/01/21
  8. 2008/01/21
    noahdfear

    We'll use ComboFix to install the Recovery Console. After creating a system restore point and erunt backups, it only installs the RC so you shouldn't have a problem with it taking a long time to complete. ;)

    You need to download the installation package for the Setup Disks for Floppy Boot Install from Microsoft so that we can use it to install the Recovery Console on your computer. No validation required! Please select the download link below that's appropriate for your Operating System (you have XP Pro SP2) then download and save the setup package to your desktop. If necessary, change the language version to match your installation. Do NOT change the name of the downloaded file!

    Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

    Please do not reboot your machine until we have reviewed the log.
     
