| | #1 (permalink) |
| Newb Techie Join Date: Aug 2006
Posts: 46
| I got a suspicious message from someone on IM and, me being stupid, clicked it, and I found out later that the link could be linked to a spam or virus website. My friends told me to run ComboFix and display a log on a forum like this, so here it is. I don't know for sure if I have something on my PC, but I want to make sure. |
| | |
| | #2 (permalink) |
| Techalicious | Post a HijackThis log |
| | |
| | #4 (permalink) |
| Security/Hacking Mod Join Date: Jan 2005 Location: USA
Posts: 25,860
| They are somewhat, but we need HijackThis so we can tell you what entries to remove
__________________ www.MasterB365.com www.Tech-Dump.com "On 10-3-08 Obama Supporters Vandalized-Trespassed and STOLE My Palin-McCain Sign Violating My First Amendment Right To Free Speech. Do It Again And You Will Find Out What The 2nd Amendment Is All ABOUT!" |
| | |
| | #5 (permalink) |
| Newb Techie Join Date: Aug 2006
Posts: 46
| OK, here is my HijackThis log:

```
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:24:11 PM, on 4/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\WLTRYSVC.EXE
D:\WINDOWS\System32\bcmwltry.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\Tablet.exe
D:\Program Files\Wireless-N PCI Adapter\WLService.exe
D:\Program Files\Wireless-N PCI Adapter\WMP300N.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\WTablet\TabUserW.exe
D:\WINDOWS\system32\Tablet.exe
D:\WINDOWS\system32\WLTRAY.exe
D:\Program Files\Microsoft IntelliPoint\point32.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\Google\Google Updater\GoogleUpdater.exe
D:\WINDOWS\ALCFDRTM.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] D:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [IntelliPoint] "D:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Google Updater.lnk = D:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Start 3DxWare.lnk = D:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1305255E-BB5D-41CE-83E4-8C29F1E22C1A}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1305255E-BB5D-41CE-83E4-8C29F1E22C1A}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1305255E-BB5D-41CE-83E4-8C29F1E22C1A}: NameServer = 192.168.1.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - D:\WINDOWS\system32\Tablet.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - D:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WMP300NSvc - GEMTEKS - D:\Program Files\Wireless-N PCI Adapter\WLService.exe

--
End of file - 6352 bytes
```

Nothing looks that suspicious to me (but I've never used HijackThis before). So, maybe I'm clean? |
| | |
| | #6 (permalink) |
| Security/Hacking Mod Join Date: Jan 2005 Location: USA
Posts: 25,860
| Looks good |
| | |