Full Version: Infected...tried cleaning, not sure if successful; please have a look
Xuxu
This is the third site I have come to for help. With my other two attempts still having no responses, I am hoping to have luck here. 2 days ago I ran my Spybot and it found a few entries, one of which was Virtumonde. It cleaned them, but I figured it wouldn't be that easy. I ran my Nod virus scan and it came up clean. I even ran Nod and Spybot again in Safe Mode, and they came up clean. During my "wait for help" on the other sites I got desperate and attempted to run ComboFix, SUPERAntiSpyware, and VundoFix. ComboFix found & deleted a few things, SUPERAntiSpyware found 1 trojan and seemed to remove it, and when I ran VundoFix last, it came up clean. I kept getting a corrupted file message at system boot, icons were changing, and everything was running really slow. I think even my Zune software is acting strange. Icons seem to be back to normal now, but I still don't trust my judgement and would love an expert opinion if someone would be willing. If you could please...also, if there's some other program I could run to make sure nothing is hiding out. Here is a HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:57 PM, on 10/12/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 69.253.151.209 idenupdate.motorola.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://www.station.sony.com/games/en/010/main.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8154 bytes
teacup61
Hello Xuxu,

Welcome to Gladiator Security Forum

If you haven't gotten any responses from the other forums, then please go back to them and let them know you're getting help here so they can close those threads. :)

Could you please post the original ComboFix log you got? We'll start from there, please.

Thanks,
tea
Xuxu
Well, I've done some cleaning as I waited. Sorry, I'm very impatient and I felt like I couldn't sit without trying something....I ran all kinds of programs and deleted all the remnants, including logs and such. I ran ComboFix now and this is the log after all the cleaning I did.

ComboFix 07-10-13.3 - XuXu 2007-10-13 17:00:33.2 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.735 [GMT -4:00]
Running from: C:\Users\XuXu\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-09-13 to 2007-10-13 )))))))))))))))))))))))))))))))
.

2007-10-13 15:15 <DIR> d-------- C:\Users\XuXu\DoctorWeb
2007-10-13 14:19 <DIR> d-------- C:\Users\All Users\Grisoft
2007-10-13 14:19 <DIR> d-------- C:\ProgramData\Grisoft
2007-10-13 13:16 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\PeerNetworking
2007-10-12 23:27 <DIR> d-------- C:\Program Files\Neopets
2007-10-12 22:43 <DIR> d-------- C:\Users\XuXu\Hijackthis
2007-10-12 21:06 <DIR> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2007-10-12 21:06 <DIR> d-------- C:\ProgramData\SUPERAntiSpyware.com
2007-10-12 21:05 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\SUPERAntiSpyware.com
2007-10-12 20:56 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-12 20:03 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Skype
2007-10-12 19:54 <DIR> d-------- C:\Program Files\Skype
2007-10-12 19:54 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-10-12 19:53 <DIR> d-------- C:\Users\All Users\Skype
2007-10-12 19:53 <DIR> d-------- C:\ProgramData\Skype
2007-10-11 19:02 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\vlc
2007-10-11 17:20 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-11 16:18 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Azureus
2007-10-11 16:18 <DIR> d-------- C:\Users\All Users\Azureus
2007-10-11 16:18 <DIR> d-------- C:\ProgramData\Azureus
2007-10-11 15:22 <DIR> d-------- C:\Program Files\Network Stumbler
2007-10-11 15:16 <DIR> d-------- C:\Program Files\dvdSanta
2007-10-11 11:03 <DIR> dr------- C:\Windows\System32\config\systemprofile\Music
2007-10-10 23:34 <DIR> d-------- C:\Users\XuXu\Shared
2007-10-10 23:34 <DIR> d-------- C:\Users\XuXu\Incomplete
2007-10-10 23:33 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\LimeWire
2007-10-10 23:33 <DIR> d-------- C:\Users\All Users\eMule
2007-10-10 23:33 <DIR> d-------- C:\ProgramData\eMule
2007-10-10 23:03 <DIR> d-------- C:\Program Files\Zune
2007-10-10 00:57 8,147,968 --a------ C:\Windows\System32\wmploc.DLL
2007-10-10 00:57 356,864 --a------ C:\Windows\System32\MediaMetadataHandler.dll
2007-10-10 00:57 7,680 --a------ C:\Windows\System32\spwmp.dll
2007-10-10 00:57 4,096 --a------ C:\Windows\System32\dxmasf.dll
2007-10-10 00:54 788,992 --a------ C:\Windows\System32\rpcrt4.dll
2007-10-10 00:54 737,792 --a------ C:\Windows\System32\inetcomm.dll
2007-10-10 00:54 84,480 --a------ C:\Windows\System32\INETRES.dll
2007-10-10 00:29 <DIR> d-------- C:\Program Files\Notebook Hardware Control
2007-10-10 00:28 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Syntrillium
2007-10-10 00:26 <DIR> d-------- C:\Program Files\coolpro2
2007-10-10 00:24 <DIR> d-------- C:\Program Files\VirtualDub
2007-10-10 00:07 <DIR> d-------- C:\Program Files\Azureus
2007-10-09 23:59 <DIR> d-------- C:\Program Files\IrfanView
2007-10-09 23:57 <DIR> d-------- C:\Program Files\LimeWire
2007-10-09 23:56 <DIR> d-------- C:\Users\All Users\DVD Shrink
2007-10-09 23:56 <DIR> d-------- C:\ProgramData\DVD Shrink
2007-10-09 23:56 <DIR> d-------- C:\Program Files\DVD Shrink
2007-10-09 23:55 <DIR> d-------- C:\Program Files\eMule
2007-10-09 20:51 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Winamp
2007-10-09 20:51 <DIR> d-------- C:\Program Files\Winamp
2007-10-09 20:40 <DIR> d-------- C:\Program Files\VideoLAN
2007-10-09 20:28 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2007-10-09 20:28 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2007-10-09 20:24 <DIR> d-------- C:\Program Files\Windows Live
2007-10-09 20:23 <DIR> d-------- C:\Users\All Users\WLInstaller
2007-10-09 20:23 <DIR> d-------- C:\ProgramData\WLInstaller
2007-10-09 19:21 <DIR> d-------- C:\Program Files\Motorola
2007-10-09 19:21 327,168 --a------ C:\Windows\IsUninst.exe
2007-10-09 19:18 <DIR> d-------- C:\Program Files\Common Files\Motorola Shared
2007-10-08 03:11 <DIR> d-------- C:\Users\All Users\Yahoo!
2007-10-08 03:11 <DIR> d-------- C:\ProgramData\Yahoo!
2007-10-07 17:45 <DIR> d-------- C:\Users\All Users\SonicStage
2007-10-07 17:45 <DIR> d-------- C:\ProgramData\SonicStage
2007-10-07 17:18 <DIR> d--h----- C:\TEMP
2007-10-07 13:56 <DIR> d-------- C:\Program Files\CCleaner
2007-10-06 12:51 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Neopets Toolbar
2007-10-06 12:45 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\Yahoo!
2007-10-06 12:45 <DIR> d-------- C:\Users\All Users\Yahoo! Companion
2007-10-06 12:45 <DIR> d-------- C:\ProgramData\Yahoo! Companion
2007-10-06 12:44 <DIR> d-------- C:\Program Files\Yahoo!
2007-10-06 12:43 <DIR> d-------- C:\Windows\cache
2007-10-06 00:25 <DIR> d-------- C:\Users\XuXu\AppData\Roaming\acccore
2007-10-06 00:23 <DIR> d-------- C:\Users\All Users\Viewpoint
2007-10-06 00:23 <DIR> d-------- C:\ProgramData\Viewpoint
2007-10-06 00:23 <DIR> d-------- C:\Program Files\Viewpoint
2007-10-06 00:22 <DIR> d-------- C:\Users\All Users\AOL OCP
2007-10-06 00:22 <DIR> d-------- C:\Users\All Users\AOL
2007-10-06 00:22 <DIR> d-------- C:\ProgramData\AOL OCP
2007-10-06 00:22 <DIR> d-------- C:\ProgramData\AOL
2007-10-06 00:22 <DIR> d-------- C:\Program Files\AIM6
2007-10-06 00:21 512,096 --a------ C:\Windows\System32\drivers\amon.sys
2007-10-06 00:21 298,104 --a------ C:\Windows\System32\imon.dll
2007-10-06 00:21 15,424 --a------ C:\Windows\System32\drivers\nod32drv.sys
2007-10-05 23:48 <DIR> d-------- C:\Windows\Intuit
2007-10-05 23:38 <DIR> d-------- C:\Program Files\InterVideo
2007-10-05 23:37 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2007-10-05 23:29 <DIR> d-------- C:\Users\All Users\VAIO Media Platform
2007-10-05 23:29 <DIR> d-------- C:\ProgramData\VAIO Media Platform
2007-10-05 23:26 2,981,888 --a------ C:\Windows\System32\iplw7.dll
2007-10-05 23:26 2,973,696 --a------ C:\Windows\System32\ipla6.dll
2007-10-05 23:26 2,785,280 --a------ C:\Windows\System32\iplm6.dll
2007-10-05 23:26 2,686,976 --a------ C:\Windows\System32\iplm5.dll
2007-10-05 23:26 2,531,328 --a------ C:\Windows\System32\iplp6.dll
2007-10-05 23:26 2,502,656 --a------ C:\Windows\System32\iplpx.dll
2007-10-05 23:26 53,248 --a------ C:\Windows\System32\ipl.dll
2007-10-05 23:26 19,968 --a------ C:\Windows\System32\Cpuinf32.dll
2007-10-05 23:22 <DIR> d-------- C:\Windows\System32\Spiderman 3 dir
2007-10-05 23:21 770,048 --a------ C:\Windows\System32\CDDBUISony.dll
2007-10-05 23:21 655,360 --a------ C:\Windows\System32\CDDBControlSony.dll
2007-10-05 23:21 589,824 --a------ C:\Windows\System32\CddbMusicIDSony.dll
2007-10-05 23:21 532,480 --a------ C:\Windows\System32\CddbPlaylist2Sony.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-24 16:59 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_Apfiltr_01001.Wdf
2008-02-24 16:59 --------- d-----w C:\Program Files\Apoint
2008-02-24 16:58 --------- d-----w C:\Program Files\CONEXANT
2007-10-12 23:30 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2007-10-12 03:16 --------- d-----w C:\Program Files\Common Files\Adobe
2007-10-11 19:38 --------- d-----w C:\Program Files\Microsoft.NET
2007-10-11 19:37 --------- d-----w C:\Program Files\MSBuild
2007-10-11 18:29 --------- d-----w C:\Program Files\Java
2007-10-10 05:02 --------- d-----w C:\Program Files\Windows Mail
2007-10-10 04:55 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-10-10 04:55 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-10-10 04:55 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-10-07 21:45 --------- d-----w C:\ProgramData\Sony Corporation
2007-10-06 03:58 0 ---ha-r C:\Windows\system32\drivers\Sony_VGN-N395E.mrk
2007-10-06 03:50 --------- d-----w C:\Program Files\Sony
2007-10-06 03:45 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-06 03:45 --------- d-----w C:\ProgramData\Napster
2007-10-06 03:28 --------- d-----w C:\Program Files\Common Files\Sony Shared
2007-10-06 03:19 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-10-06 01:41 --------- d-----w C:\Program Files\Microsoft SQL Server
2007-10-06 01:20 174 --sha-w C:\Program Files\desktop.ini
2007-10-06 01:15 --------- d-----w C:\Program Files\Windows Defender
2007-10-06 01:15 --------- d-----w C:\Program Files\Windows Calendar
2007-10-06 01:11 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-10-06 01:11 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-10-06 01:11 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys
2007-10-06 01:11 694,784 ----a-w C:\Windows\System32\localspl.dll
2007-10-06 01:11 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2007-10-06 01:11 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys
2007-10-06 01:11 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-10-06 01:11 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys
2007-10-06 01:11 384,000 ----a-w C:\Windows\System32\netcfgx.dll
2007-10-06 01:11 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-10-06 01:11 33,280 ----a-w C:\Windows\System32\traffic.dll
2007-10-06 01:11 32,768 ----a-w C:\Windows\System32\rasmxs.dll
2007-10-06 01:11 286,208 ----a-w C:\Windows\System32\ipnathlp.dll
2007-10-06 01:11 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-10-06 01:11 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys
2007-10-06 01:11 15,360 ----a-w C:\Windows\System32\pacerprf.dll
2007-10-06 01:11 134,656 ----a-w C:\Windows\System32\dps.dll
2007-10-06 01:11 13,824 ----a-w C:\Windows\System32\wshqos.dll
2007-10-06 01:11 13,824 ----a-w C:\Windows\System32\icsunattend.exe
2007-10-06 01:03 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2007-10-06 01:03 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2007-10-06 01:03 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2007-10-06 01:03 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2007-10-06 00:58 88,576 ----a-w C:\Windows\System32\avifil32.dll
2007-10-06 00:58 82,944 ----a-w C:\Windows\System32\mciavi32.dll
2007-10-06 00:58 8,138,240 ----a-w C:\Windows\System32\ssBranded.scr
2007-10-06 00:58 712,192 ----a-w C:\Windows\System32\WindowsCodecs.dll
2007-10-06 00:58 69,632 ----a-w C:\Windows\System32\sendmail.dll
2007-10-06 00:58 65,024 ----a-w C:\Windows\System32\avicap32.dll
2007-10-06 00:58 31,232 ----a-w C:\Windows\System32\msvidc32.dll
2007-10-06 00:58 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-10-06 00:58 3,470,008 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-10-06 00:58 123,904 ----a-w C:\Windows\System32\msvfw32.dll
2007-10-06 00:58 120,320 ----a-w C:\Windows\System32\dhcpcsvc6.dll
2007-10-06 00:58 12,800 ----a-w C:\Windows\System32\msrle32.dll
2007-10-06 00:58 10,240 ----a-w C:\Windows\System32\dhcpcmonitor.dll
2007-10-06 00:58 1,984,512 ----a-w C:\Windows\System32\authui.dll
2007-08-24 22:08 1,275,392 ----a-w C:\Windows\System32\msxml4.dll
2007-08-16 20:17 51,568 ----a-w C:\Windows\System32\sirenacm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-10-05 21:08]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-05 09:22 C:\Windows\RtHDVCpl.exe]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2006-11-13 09:32]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2007-01-23 00:39]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-01-23 09:13]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-01-23 09:12]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-01-23 09:12]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-06 00:21]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2007-02-13 19:19 98304 C:\Windows\System32\VESWinlogon.dll

S2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB
S2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
S2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys
S3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys
S3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys
S3 MotDev;Motorola Inc. USB Device;C:\Windows\system32\DRIVERS\motodrv.sys
S3 motmodem;Motorola USB CDC ACM Driver;C:\Windows\system32\DRIVERS\motmodem.sys
S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys
S3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP"
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
S3 WimFltr;WimFltr;C:\Windows\system32\DRIVERS\wimfltr.sys
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

*Newly Created Service* - ECACHE
.
Contents of the 'Scheduled Tasks' folder
"2007-10-13 17:23:28 C:\Windows\Tasks\Vaio Service Utility.job"
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 17:02:13
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-13 17:02:41
.
--- E O F ---
teacup61
Hello,

Well doing that made my job harder. :( Could you please post a new HijackThis log? Also, I see some of the things you ran, but could you please tell me what all you ran so I have an idea of what you've done?

Thanks,
tea
Xuxu
Sorry, but like I mentioned, this started a few days ago, and only when I posted on this site did I get a response. I posted on those other sites and would watch other people post after me and get their topics answered, and mine would just be skipped over and over without any response at all....You kind of get desperate ;) Umm, if I'm not mistaken, I ran ComboFix, SUPERAntiSpyware, Kaspersky online scanner, Dr. Web CureIt....that's all I could remember....Here is the HJT log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:09:15 PM, on 10/14/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\AOL\1192400779\ee\aolsoftware.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 69.253.151.209 idenupdate.motorola.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1192400779\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7259 bytes
teacup61
Hello,

Well, there is nothing bad whatsoever in that log. If everything else is coming up clean, then I would say you did a pretty good job cleaning it. :)

Regards,
tea
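The helper's verdict above comes from reading the second HijackThis log against the first. As an added example, not part of the thread or of HijackThis itself, the Python script below does that comparison mechanically: it parses the `Xn - ...` entry lines, diffs the 10/12 and 10/14 logs, and flags the entry types a helper checks first (O1 hosts overrides, O2/O3 CLSIDs with no backing file, O20 Winlogon Notify DLLs, O23 services with an unknown owner). The embedded logs are excerpts constructed from the two logs posted above; the full logs can be pasted in unchanged.

```python
"""Triage helper for HijackThis (HJT) logs: parse entries, diff two logs, and flag
the entry types a forum helper looks at first. Added example, not thread content."""
import re

# Excerpts constructed from the two HJT logs posted in the thread (10/12 and 10/14).
LOG_BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O1 - Hosts: 69.253.151.209 idenupdate.motorola.com
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://www.station.sony.com/games/en/010/main.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"""

LOG_AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O1 - Hosts: 69.253.151.209 idenupdate.motorola.com
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O3 - Toolbar: Neopets - {CD292324-974F-4224-D074-CACA427AA030} - C:\PROGRA~1\Neopets\Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1192400779\ee\AOLSoftware.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"""

# HJT entry lines look like "O2 - BHO: ..." or "R0 - HKCU\...": a kind code, " - ", a body.
ENTRY_RE = re.compile(r"^(?P<kind>[RFNO]\d+) - (?P<body>.*)$")


def parse_hjt(text):
    """Return {kind: set(bodies)}; header lines and the process list do not match."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.setdefault(m["kind"], set()).add(m["body"])
    return entries


def diff_logs(before, after):
    """Entries that disappeared and entries that appeared, as sorted (kind, body) lists."""
    b, a = parse_hjt(before), parse_hjt(after)
    kinds = set(b) | set(a)
    removed = sorted((k, e) for k in kinds for e in b.get(k, set()) - a.get(k, set()))
    added = sorted((k, e) for k in kinds for e in a.get(k, set()) - b.get(k, set()))
    return removed, added


def flag_entries(text):
    """First-pass checks on a single log. Returns (kind, reason, body) tuples.

    These are triage prompts, not verdicts: each flagged entry still needs a human to
    confirm the file's publisher or the intent behind the setting.
    """
    findings = []
    for kind, bodies in parse_hjt(text).items():
        for body in sorted(bodies):
            if kind == "O1":
                findings.append((kind, "hosts file override; confirm the mapping is intended", body))
            elif kind in ("O2", "O3") and body.endswith("(no file)"):
                findings.append((kind, "orphaned CLSID with no backing file; safe to remove", body))
            elif kind == "O20":
                findings.append((kind, "DLL loaded by Winlogon at logon; verify its publisher", body))
            elif kind == "O23" and " - Unknown owner - " in body:
                findings.append((kind, "service binary with no publisher; verify its origin", body))
    return findings


def report(before, after):
    """Human-readable summary of the diff plus the flags on the newer log."""
    removed, added = diff_logs(before, after)
    lines = ["Removed since previous log:"] + [f"  - {k} {e}" for k, e in removed]
    lines += ["Added since previous log:"] + [f"  + {k} {e}" for k, e in added]
    lines += ["Entries to double-check in the new log:"]
    lines += [f"  ! {k} [{why}] {e}" for k, why, e in flag_entries(after)]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(LOG_BEFORE, LOG_AFTER))
```

Run against the excerpts, the diff shows the orphaned O2 BHO, the O16 game control and the SUPERAntiSpyware entries gone, the Neopets toolbar and AOL entries new, and the hosts override and the unknown-owner Sony service still present in both logs.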
Xuxu
Once again, sorry. Thank you for your help. At least now I know where to come next time I have a problem. Thanx again
teacup61
No reason to be sorry....and you're welcome.

tea