c++ 2008 problem

Bugerion · January 9, 2010

Here are logs if they can help I didn't manage to do that last scan with that random called thing my computer always stops working when it scans so I couldn't get the log

First file from DDS

=== Installed Programs ======================

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.3

Adobe Shockwave Player 11.5

ASUSDVD

DDS.zip

AdvancedSetup · January 10, 2010

Your version of Malwarebytes is VERY old. Please uninstall it. Follow the directions below, make sure you disable your Anti-Virus while installing the new Malwarebytes.

Please try this on the computer that is having an issue.

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.

2. Restart your computer (very important).

3. Download and run this utility. mbam-clean.exe

4. It will ask to restart your computer (please allow it to).

5. After the computer restarts, install the latest version from here. mbam-setup.exe

Note: You will need to reactivate the program using the license you were sent

Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that MBAM is in the task tray and that you can run a quick scan and all is working as expected.

AdvancedSetup · January 10, 2010

Please uninstall or disable all of your peer 2 peer software.

Bugerion · January 11, 2010

I didn't get any licence cod??

Scan with new version:

Malwarebytes' Anti-Malware 1.44

Database version: 3539

Windows 6.0.6001 Service Pack 1

Internet Explorer 7.0.6001.18000

21.12.2009 20:03:34

mbam-log-2009-12-21 (20-03-34).txt

Scan type: Quick Scan

Objects scanned: 105769

Time elapsed: 8 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Bugerion · January 14, 2010

I still need help

AdvancedSetup · January 21, 2010

Well I missed putting your post on my support sheet and forgot to come back and look.

Okay, well based on your first time here you really did not supply me back with a good AV scan and confirmation that you did not have Virut which you did show a potential threat of from something.

http://www.malwarebytes.org/forums/index.p...ost&p=93954

Please run the following and post back the log.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------

Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Place combofix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
You can get help on disabling your protection programs here
Double click on combofix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.
With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.
ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:
The Recovery Console was successfully installed.

Click on Yes, to continue scanning for malware.
Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
---------------------------------------------------------------------------------------------
Ensure your AntiVirus and AntiSpyware applications are re-enabled.
---------------------------------------------------------------------------------------------

Bugerion · January 22, 2010

ComboFix 10-01-21.08 - Name 01.01.2010 18:15:36.2.2 - x86

Running from: c:\users\Name\Desktop\ComboFix.exe

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\$recycle.bin\S-1-5-21-2820492086-4233630706-933203961-1003

c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll

c:\users\Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

c:\users\Name\left4dead2.exe

D:\install.exe

.

((((((((((((((((((((((((( Files Created from 2009-12-01 to 2010-01-01 )))))))))))))))))))))))))))))))

.

2040-01-28 15:19 . 2040-01-28 15:19 6136 ----a-w- c:\users\Name\AppData\Local\TimerStop64.sys

2040-01-28 15:19 . 2040-01-28 15:19 4096 ----a-w- c:\users\Name\AppData\Local\TimerStop.sys

2010-01-01 17:21 . 2010-01-01 17:22 -------- d-----w- c:\users\Name\AppData\Local\temp

2010-01-01 17:21 . 2010-01-01 17:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2009-12-29 15:08 . 2009-12-29 15:08 -------- d-----w- c:\programdata\Codemasters

2009-12-29 15:08 . 2009-12-29 15:08 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2009-12-29 15:08 . 2009-12-29 15:08 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2009-12-29 15:08 . 2009-12-29 15:08 -------- d-----w- c:\program files\OpenAL

2009-12-22 23:59 . 2009-12-22 23:59 41872 ----a-w- c:\windows\system32\xfcodec.dll

2009-12-21 13:04 . 2009-12-21 13:05 -------- d-----w- c:\program files\DAEMON Tools Lite

2009-12-21 13:04 . 2009-12-21 13:10 -------- d-----w- c:\users\Name\AppData\Roaming\DAEMON Tools Lite

2009-12-21 13:04 . 2009-12-21 13:04 -------- d-----w- c:\programdata\DAEMON Tools Lite

2009-12-21 09:59 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-21 09:59 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-21 09:59 . 2009-12-21 09:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-21 09:51 . 2009-12-21 09:51 -------- d-----w- c:\program files\ImageShack Uploader

2009-12-20 08:44 . 2009-12-20 08:44 -------- d-----w- c:\users\Name\bin

2009-12-18 14:34 . 2009-12-18 14:34 -------- d-----w- c:\windows\system32\EventProviders

2009-12-15 12:06 . 2010-01-04 06:39 -------- d-----w- C:\Codd

2009-12-14 20:40 . 2009-12-14 20:40 -------- d-----w- c:\programdata\Blizzard Entertainment

2009-12-13 09:25 . 2009-12-13 09:25 -------- d-----w- c:\users\Name\{02a450f5-bad0-4d1b-883a-a1449bd024ce}

2009-12-13 09:25 . 2009-02-24 17:42 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys

2009-12-13 09:25 . 2009-12-13 09:26 -------- d-----w- c:\program files\MagicDisc

2009-12-13 09:21 . 2009-12-13 09:22 -------- d-----w- c:\program files\MagicISO

2009-12-08 05:08 . 2009-12-08 05:08 38400 ----a-w- c:\users\Name\stryder.dll

2009-12-08 05:00 . 2009-12-08 05:00 10240 ----a-w- c:\users\Name\IniGen.exe

2009-12-07 16:11 . 2009-12-07 20:55 -------- d-----w- c:\program files\JDownloader

2009-12-06 11:44 . 2009-12-07 12:21 -------- d-----w- c:\users\Name\AppData\Local\ApplicationHistory

2009-12-06 11:40 . 2009-12-06 11:40 -------- d-----w- c:\windows\system32\URTTEMP

2009-12-05 11:18 . 2009-12-05 11:18 -------- d-----w- c:\users\Name\DotNet

2009-12-04 18:26 . 2009-12-04 18:26 -------- d-----w- c:\users\Name\AppData\Roaming\ImgBurn

2009-12-04 18:25 . 2009-12-04 18:25 -------- d-----w- c:\program files\ImgBurn

2009-12-03 20:01 . 2009-12-03 20:02 -------- d--h--w- c:\windows\msdownld.tmp

2009-12-03 18:58 . 2009-12-03 19:49 -------- d-----w- c:\users\Name\AppData\Local\LogMeIn Hamachi

2009-12-03 18:57 . 2009-12-03 18:57 -------- d-----w- c:\program files\LogMeIn Hamachi

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-01-01 17:22 . 2009-11-28 15:21 -------- d-----w- c:\users\Name\AppData\Roaming\DMCache

2010-01-01 17:20 . 2009-05-08 21:11 -------- d-----w- c:\users\Name\AppData\Roaming\DNA

2010-01-01 17:10 . 2009-09-02 10:45 49744 ----a-w- c:\programdata\nvModes.dat

2010-01-01 17:09 . 2009-01-28 15:06 -------- d-----w- c:\programdata\NVIDIA

2010-01-01 17:09 . 2009-01-28 13:41 1356 ----a-w- c:\users\Name\AppData\Local\d3d9caps.dat

2010-01-01 17:08 . 2009-03-27 23:04 -------- d-----w- c:\program files\Microsoft Silverlight

2010-01-01 13:46 . 2009-03-29 08:32 215104 ----a-w- c:\windows\system32\PNKBSTRB.EXE

2010-01-01 13:20 . 2009-03-29 08:32 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2009-12-29 14:48 . 2009-01-28 15:33 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-26 19:20 . 2009-03-10 09:14 -------- d-----w- c:\program files\Common Files\Steam

2009-12-23 18:13 . 2009-04-05 06:52 -------- d-----w- c:\users\Name\AppData\Roaming\Xfire

2009-12-23 16:59 . 2009-04-05 06:52 -------- d-----w- c:\programdata\Xfire

2009-12-22 23:26 . 2009-05-16 08:14 -------- d-----w- c:\program files\DNA

2009-12-21 13:05 . 2009-10-09 21:45 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-12-21 09:59 . 2009-06-29 09:46 -------- d-----w- c:\users\Name\AppData\Roaming\Malwarebytes

2009-12-21 09:59 . 2009-06-29 09:46 -------- d-----w- c:\programdata\Malwarebytes

2009-12-19 20:28 . 2009-11-28 15:21 -------- d-----w- c:\users\Name\AppData\Roaming\IDM

2009-12-19 20:20 . 2009-06-17 17:25 552 ----a-w- c:\users\Name\AppData\Local\d3d8caps.dat

2009-12-17 02:13 . 2009-01-28 13:42 100256 ----a-w- c:\users\Name\AppData\Local\GDIPFONTCACHEV1.DAT

2009-12-09 12:45 . 2009-10-23 14:38 -------- d-----w- c:\program files\Counter-Strike 1.6

2009-12-06 11:59 . 2009-05-16 07:19 -------- d-----w- c:\users\Name\AppData\Roaming\GameTracker

2009-12-03 12:32 . 2009-01-30 21:23 -------- d-----w- c:\program files\Activision

2009-12-02 15:00 . 2009-03-27 23:37 -------- d-----w- c:\program files\Java

2009-11-30 19:13 . 2009-08-28 23:19 -------- d-----w- c:\program files\Common Files\DVDVideoSoft

2009-11-30 19:13 . 2009-08-28 23:19 -------- d-----w- c:\program files\DVDVideoSoft

2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll

2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe

2009-11-28 15:24 . 2009-11-28 15:21 -------- d-----w- c:\program files\Internet Download Manager

2009-11-28 15:22 . 2009-11-28 15:22 165296 ----a-w- c:\users\Name\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll

2009-11-28 08:07 . 2009-03-29 08:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe

2009-11-28 08:07 . 2009-03-26 17:58 2373712 ----a-w- c:\windows\system32\pbsvc.exe

2009-11-25 12:52 . 2009-11-25 12:52 -------- d-----w- c:\programdata\WinZip

2009-11-25 12:31 . 2009-11-25 12:31 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb66DA.tmp.exe

2009-11-24 18:56 . 2009-11-24 18:56 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor

2009-11-24 18:47 . 2009-02-28 18:56 -------- d-----w- c:\program files\Marvell

2009-11-24 18:39 . 2009-11-24 18:35 -------- d-----w- c:\users\Name\AppData\Roaming\Software Informer

2009-11-24 18:35 . 2009-04-12 19:56 -------- d-----w- c:\program files\Software Informer

2009-11-23 12:59 . 2009-11-23 12:59 -------- d-----w- c:\program files\CPUID

2009-11-21 16:12 . 2009-01-31 17:31 -------- d-----w- c:\program files\Electronic Arts

2009-11-20 14:31 . 2009-11-20 14:31 2373712 ----a-w- c:\programdata\id Software\QuakeLive\pbsvc.exe

2009-11-20 06:36 . 2009-02-06 19:17 -------- d-----w- c:\programdata\Sports Interactive

2009-11-20 06:36 . 2009-01-28 21:44 -------- d-----w- c:\users\Name\AppData\Roaming\Sports Interactive

2009-11-20 06:31 . 2009-01-28 21:27 -------- d-----w- c:\program files\Sports Interactive

2009-11-18 15:19 . 2009-11-18 15:19 -------- d-----w- c:\programdata\BioWare

2009-11-18 15:16 . 2009-11-18 15:16 -------- d-----w- c:\programdata\Media Center Programs

2009-11-18 15:16 . 2009-11-18 15:04 -------- d-----w- c:\program files\Common Files\BioWare

2009-11-18 14:39 . 2009-04-12 18:23 -------- d-----w- c:\users\Name\AppData\Roaming\uTorrent

2009-11-10 13:27 . 2009-11-10 13:27 -------- d-----w- c:\program files\Movie Maker 2.6

2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll

2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll

2009-11-02 21:39 . 2009-10-10 18:20 -------- d-----w- c:\users\Name\AppData\Roaming\The Path

2009-10-11 03:17 . 2009-03-27 23:38 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-08 09:11 . 2009-11-24 18:44 643072 ----a-w- c:\windows\system32\ykx32ncu.dll

2009-10-07 15:17 . 2009-02-22 20:33 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys

2009-10-07 15:17 . 2009-02-22 20:33 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys

.

------- Sigcheck -------

[-] 2008-01-18 . E104414729F6D39F7C7EC07693E6DDA3 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe

[-] 2006-11-02 . 77139F6755CF7C7241FD2F35BEF67326 . 8704 . . [6.0.6000.16386] . . c:\windows\System32\CTFMON.EXE

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor1.dll" [2009-07-17 2215960]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

2008-12-09 16:40 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

2009-07-17 20:21 2215960 ----a-w- c:\program files\TorrentMan\tbTor1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]

2009-04-01 17:16 193472 ------w- c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor1.dll" [2009-07-17 2215960]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor1.dll" [2009-07-17 2215960]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920]

"GAINWARD"="c:\program files\EXPERTool\TBPanel.exe" [2008-10-21 2177576]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]

"BitTorrent DNA"="c:\users\Name\Program Files\DNA\btdna.exe" [2009-10-07 323392]

"RegistryMechanic"="c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]

"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-03-24 306088]

"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-11-28 2606512]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]

"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]

"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

"egui"="f:\eset\egui.exe" [2009-02-06 2021400]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2820492086-4233630706-933203961-1000]

"EnableNotificationsRef"=dword:00000001

R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\program files\DA O\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]

S2 16771;16771;c:\windows\System32\16771.sys [2009-01-28 4096]

S2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]

S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]

S2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

yksvcs REG_MULTI_SZ yksvc

.

Contents of the 'Scheduled Tasks' folder

2010-01-01 c:\windows\Tasks\User_Feed_Synchronization-{6BA434EA-4D9F-4945-AC55-4338C174DB8A}.job

- c:\windows\system32\msfeedssync.exe [2009-02-13 22:33]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://google.atcomet.com/

uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR

IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm

IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm

IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm

IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

IE: Preuzmi odabrano Free Download Manager-om - file://c:\program files\Free Download Manager\dlselected.htm

IE: Preuzmi sa Free Download Managerom - file://c:\program files\Free Download Manager\dllink.htm

IE: Preuzmi sve sa Free Download Manager-om - file://c:\program files\Free Download Manager\dlall.htm

IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm

Trusted Zone: bitcomet

Trusted Zone: quakelive.com\www

TCP: {34814B22-ACC0-44D9-8FB4-1103A29FD54B} = 217.23.192.9 217.23.192.14

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab

.

- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

HKCU-Run-fsm - (no file)

HKCU-Run-Steam - d:\program files\Steam\Steam.exe

AddRemove-SpeedBit Video Accelerator - c:\program files\SpeedBit Video Accelerator\VARemove.exe

AddRemove-{1DCC7418-2089-4BDD-B321-3771956160FC} - c:\program files\InstallShield Installation Information\{1DCC7418-2089-4BDD-B321-3771956160FC}\setup.exe

AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-01-01 18:22

Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\users\Name\AppData\Local\Temp\catchme.dll 53248 bytes executable

scan completed successfully

hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\GarenaPEngine]

"ImagePath"="\??\c:\users\Name\AppData\Local\Temp\MLE18FA.tmp"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2820492086-4233630706-933203961-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{8A4BF383-F4C1-6F89-36F4-2A36F3894F23}*]

"bbofblppdfnjancfgcopklaepmghgmmljpge"=hex:67,61,6f,64,64,6f,62,63,70,6d,6f,67,

6d,6b,00,00

[HKEY_USERS\S-1-5-21-2820492086-4233630706-933203961-1000\Software\SecuROM\License information*]

"datasecu"=hex:93,ee,4f,f2,fd,2f,3a,29,7d,2f,4a,3f,39,da,65,20,64,17,62,4e,41,

df,4b,56,ee,d8,09,e4,fa,62,26,0a,d0,89,ba,5d,e2,41,46,ef,74,d2,f2,a8,98,c2,\

"rkeysecu"=hex:9a,1a,d0,fc,be,17,e1,f4,95,92,ac,1f,b2,a6,71,0e

.

Completion time: 2010-01-01 18:23:46

ComboFix-quarantined-files.txt 2010-01-01 17:23

ComboFix2.txt 2009-07-01 11:07

Pre-Run: 16.931.762.176 bytes free

Post-Run: 20.709.007.360 bytes free

- - End Of File - - FC6BAA2B99822EC7B94F5FB4DDCD81CC

there also Idk if its important but first 2 times I tryed runing it it said data error 2010 but the 3 time ran normaly also it disabled my emulation drives so will I be able to eneble them sometimes and how?

EDIT:After scaning with combofix my computer has gone psycho I cant watch videos on youtube and I cant check my mail is that because of combofix or is something strange happening.

Also i cant search anything on google and I have combofix on C:/combofix and it has shortcut of my computer wtf is that

AdvancedSetup · January 22, 2010

This is not the FULL CF log. It is missing the headers or has been edited. Please do not edit logs. Go back and find the log and select ALL and post back the full log please.

Do you have the Windows installation disk? You are infected and we may need to have the installation disk to fix it.

Thanks.

Bugerion · January 23, 2010

I don't have the installation disc and my computer was fine until I ran Combofix

Bugerion · January 23, 2010

I have to add reply because I can't even fully edit the post