02-26-2008, 09:25 AM   #8
muistu
Registered User
 
Join Date: Feb 2008
Posts: 21
OS: xp,sp2


Re: malware/spyware xadbrk_.exe,trojandownloader.xs and more

The scan is complete and I think it worked...
There are some errors that occurred...
After ComboFix did its job greatly, it got restarted, and at the Windows login it gave me an error.
Now when it is in Windows I don't have any start bar.
It was kinda hard to get programs with Task Manager, but the Task Manager works again.

Anyway, here is the log:

ComboFix 08-02-25.3 - muistu 2008-02-26 19:11:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.771 [GMT 2:00]
Running from: C:\Documents and Settings\muistu.OPE\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\cftmon.exe
C:\Program Files\3721
C:\Program Files\3721\assist\asbar.dll
C:\Program Files\3721\helper.dll
C:\Program Files\Accoona
C:\Program Files\Accoona\ASearchAssist.dll
C:\Program Files\akl
C:\Program Files\akl\akl.dll
C:\Program Files\akl\akl.exe
C:\Program Files\akl\curlog.htm
C:\Program Files\akl\keylog.txt
C:\Program Files\akl\readme.txt
C:\Program Files\akl\uninstall.exe
C:\Program Files\akl\unsetup.dat
C:\Program Files\akl\unsetup.exe
C:\Program Files\amsys
C:\Program Files\amsys\awmsg.dat
C:\Program Files\amsys\guid.dat
C:\Program Files\amsys\ijl15.dll
C:\Program Files\amsys\mfc42.dll
C:\Program Files\amsys\msvcrt.dll
C:\Program Files\amsys\unins000.dat
C:\Program Files\amsys\unis000.exe
C:\Program Files\amsys\winam.dat
C:\Program Files\e-zshopper
C:\Program Files\e-zshopper\BarLcher.dll
C:\Program Files\p2pnetworks
C:\Program Files\p2pnetworks\amp2pl.exe
C:\WINDOWS\764.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\absolute key logger.lnk
C:\WINDOWS\aconti.exe
C:\WINDOWS\aconti.ini
C:\WINDOWS\aconti.log
C:\WINDOWS\aconti.sdb
C:\WINDOWS\acontidialer.txt
C:\WINDOWS\adbar.dll
C:\WINDOWS\cbinst$.exe
C:\WINDOWS\daxtime.dll
C:\WINDOWS\default.htm
C:\WINDOWS\dp0.dll
C:\WINDOWS\eventlowg.dll
C:\WINDOWS\fhfmm-Uninstaller.exe
C:\WINDOWS\fhfmm.exe
C:\WINDOWS\flt.dll
C:\WINDOWS\hcwprn.exe
C:\WINDOWS\hotporn.exe
C:\WINDOWS\ie_32.exe
C:\WINDOWS\iexplorr23.dll
C:\WINDOWS\jd2002.dll
C:\WINDOWS\kkcomp$.exe
C:\WINDOWS\kkcomp.dll
C:\WINDOWS\kkcomp.exe
C:\WINDOWS\kvnab$.exe
C:\WINDOWS\kvnab.dll
C:\WINDOWS\kvnab.exe
C:\WINDOWS\liqad$.exe
C:\WINDOWS\liqad.dll
C:\WINDOWS\liqad.exe
C:\WINDOWS\liqui-Uninstaller.exe
C:\WINDOWS\liqui.dll
C:\WINDOWS\liqui.exe
C:\WINDOWS\ngd.dll
C:\WINDOWS\pbar.dll
C:\WINDOWS\pbsysie.dll
C:\WINDOWS\settn.dll
C:\WINDOWS\spredirect.dll
C:\WINDOWS\system32\ace16win.dll
C:\WINDOWS\system32\acespy
C:\WINDOWS\system32\acespy\__acelog.ndx
C:\WINDOWS\system32\acespy\systune.exe
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\vxddsk.exe
C:\WINDOWS\system32\wml.exe
C:\WINDOWS\system32\wsnpoem
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\wbeCheck.exe
C:\WINDOWS\wbeInst$.exe
C:\WINDOWS\wml.exe
C:\WINDOWS\xadbrk.dll
C:\WINDOWS\xadbrk.exe
C:\WINDOWS\xadbrk_.exe
C:\WINDOWS\xxxvideo.exe

.
((((((((((((((((((((((((( Files Created from 2008-01-26 to 2008-02-26 )))))))))))))))))))))))))))))))
.

2008-02-26 01:05 . 2008-02-26 01:05 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-26 01:02 . 2008-02-26 01:02 <DIR> d-------- C:\Deckard
2008-02-26 00:53 . 2008-02-26 01:06 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-02-26 00:53 . 2008-02-26 00:55 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-02-26 00:53 . 2008-02-26 00:55 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-02-26 00:53 . 2008-02-26 00:55 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-02-25 20:55 . 2008-02-25 20:56 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-02-25 20:24 . 2008-02-25 20:24 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-02-25 17:59 . 2008-02-25 17:59 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SITEguard
2008-02-25 17:53 . 2008-02-25 17:53 <DIR> d-------- C:\Program Files\Common Files\iS3
2008-02-25 17:53 . 2008-02-25 20:54 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\STOPzilla!
2008-02-25 17:27 . 2008-02-25 17:27 89,107 --a------ C:\WINDOWS\system32\mgmrwmrv.exe
2008-02-25 17:27 . 2008-02-25 17:27 4 --a------ C:\WINDOWS\system32\winfrun32.bin
2008-02-23 23:43 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-23 23:38 . 2008-02-24 11:07 <DIR> d-------- C:\Program Files\DNA
2008-02-23 23:38 . 2008-02-24 10:49 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\DNA
2008-02-23 23:38 . 2008-02-23 23:38 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\BitTorrent
2008-02-23 23:27 . 2008-02-23 23:27 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-23 20:27 . 2008-02-23 20:27 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-20 11:07 . 2008-02-20 11:50 23 --a------ C:\WINDOWS\popcinfot.dat
2008-02-18 20:23 . 2008-02-18 20:23 278,984 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-02-18 20:23 . 2008-02-18 20:23 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-02-14 21:05 . 2008-02-14 21:05 <DIR> d-------- C:\Program Files\Unity
2008-02-13 18:05 . 2008-02-13 18:05 0 --a------ C:\WINDOWS\PowerReg.dat
2008-02-13 02:15 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-02-13 02:07 . 2008-02-13 02:07 <DIR> dr-h----- C:\MSOCache
2008-02-13 02:07 . 2008-02-25 18:05 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-02-12 20:10 . 2008-02-12 20:10 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\DAEMON Tools
2008-02-12 20:08 . 2008-02-12 20:08 716,272 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-07 21:29 . 2008-02-07 21:29 <DIR> d---s---- C:\Documents and Settings\muistu.OPE\UserData
2008-02-07 18:06 . 2008-02-25 21:22 <DIR> d-------- C:\Program Files\uTorrent
2008-02-07 18:06 . 2008-02-26 07:45 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\uTorrent
2008-02-07 17:11 . 2008-02-07 17:11 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\Yahoo!
2008-02-07 17:11 . 2008-02-07 17:11 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion
2008-02-07 17:09 . 2008-02-07 17:09 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
2008-02-07 06:26 . 2005-09-14 11:24 179,200 -ra------ C:\WINDOWS\system32\drivers\e1e5132.sys
2008-02-07 06:26 . 2005-07-06 10:12 163,840 -ra------ C:\WINDOWS\system32\e1000msg.dll
2008-02-07 06:26 . 2005-06-15 07:27 126,976 -ra------ C:\WINDOWS\system32\Prounstl.exe
2008-02-07 06:26 . 2005-05-19 01:28 21,504 -ra------ C:\WINDOWS\system32\NicIn32.dll
2008-02-07 06:26 . 2005-06-14 16:08 20,480 -ra------ C:\WINDOWS\system32\NicCo32.dll
2008-02-07 06:26 . 2005-06-23 04:59 17,408 -ra------ C:\WINDOWS\system32\EtCo32.dll
2008-02-07 06:26 . 2005-07-13 11:06 2,790 -ra------ C:\WINDOWS\system32\e1e5132.din
2008-02-07 06:26 . 2003-11-03 11:15 1,902 --------- C:\WINDOWS\system32\SetupBD.din
2008-02-07 06:25 . 2008-02-07 06:25 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-02-07 06:25 . 2008-02-07 06:25 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-02-07 06:25 . 2004-08-04 09:15 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2008-02-07 06:25 . 2004-08-04 09:15 82,944 --a--c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-02-07 06:25 . 2004-08-04 09:07 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2008-02-07 06:25 . 2004-08-04 09:07 6,400 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-02-07 06:24 . 2004-08-04 09:07 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2008-02-07 06:24 . 2004-08-04 08:39 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2008-02-07 06:24 . 2004-08-04 09:15 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2008-02-07 06:24 . 2001-08-18 00:00 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2008-02-07 06:24 . 2004-08-04 09:07 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-02-07 06:24 . 2004-08-04 09:07 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2008-02-07 06:22 . 2004-11-18 20:42 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-02-07 06:21 . 2005-04-16 16:20 487,424 -r------- C:\WINDOWS\RtlExUpd.dll
2008-02-07 06:16 . 2008-02-07 06:26 17,414 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-02-07 06:16 . 2004-04-27 16:26 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-02-07 06:16 . 2004-08-13 12:56 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2008-02-07 06:07 . 2008-02-07 06:07 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2008-02-07 06:04 . 2007-04-13 09:44 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-02-07 06:04 . 2007-04-13 09:44 115,830 --a------ C:\WINDOWS\system32\nvapps.xml
2008-02-07 06:04 . 2007-04-13 09:44 17,177 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-02-07 05:49 . 2008-02-07 05:49 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-02-07 05:47 . 2001-08-23 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-02-07 05:46 . 2004-08-03 23:56 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-02-07 05:45 . 2008-02-07 05:45 <DIR> d--hs---- C:\Documents and Settings\All Users.WINDOWS\DRM
2008-02-07 05:45 . 2008-02-07 05:45 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-02-07 05:45 . 2008-02-07 05:45 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-02-07 05:45 . 2008-02-07 05:45 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-02-07 05:43 . 2004-08-03 23:56 1,352,192 --a--c--- C:\WINDOWS\system32\dllcache\cimwin32.dll
2008-02-06 21:36 . 2004-08-04 00:59 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-02-06 21:36 . 2001-08-17 15:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-02-06 21:35 . 2004-08-04 10:56 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-02-06 21:35 . 2004-08-04 10:56 74,240 --a--c--- C:\WINDOWS\system32\dllcache\usbui.dll
2008-02-06 21:33 . 2008-02-07 05:44 <DIR> dr------- C:\Documents and Settings\All Users.WINDOWS\Documents
2008-02-06 21:32 . 2004-08-04 00:58 2,012,670 --a--c--- C:\WINDOWS\system32\dllcache\NT5.CAT
2008-02-06 21:30 . 2008-02-07 05:48 642 --a------ C:\WINDOWS\system32\$winnt$.inf
2008-02-06 21:13 . 2008-02-06 21:13 <DIR> d-------- C:\Documents and Settings\muistu.OPE\Application Data\vlc
2008-02-06 20:29 . 2005-10-28 10:11 27,648 -ra------ C:\WINDOWS\system32\drivers\iteatapi.sys
2008-02-06 20:28 . 2008-02-06 20:28 <DIR> d-------- C:\Documents and Settings\muistu~OPE\LOCALS~1
2008-02-06 19:21 . 2001-08-23 14:00 13,107,200 --a------ C:\WINDOWS\system32\oembios.bin
2008-02-06 19:20 . 2004-08-03 23:56 2,067,968 --a--c--- C:\WINDOWS\system32\dllcache\cdosys.dll
2008-02-06 17:51 . 2008-02-06 17:51 <DIR> d-------- C:\WINDOWS\system32\WinFox
2008-02-05 20:07 . 2008-02-05 20:07 <DIR> d-------- C:\Program Files\Creative
2008-02-05 19:52 . 2008-02-05 19:52 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-01-27 02:05 . 2008-01-27 02:20 <DIR> d-------- C:\Documents and Settings\muistu\Application Data\mIRC

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 18:53 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-24 09:06 --------- d-----w C:\Program Files\BFG
2008-02-23 21:43 --------- d-----w C:\Program Files\Java
2008-02-19 01:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-13 00:13 --------- d-----w C:\Program Files\Microsoft Works
2008-02-12 18:16 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-07 15:09 --------- d-----w C:\Program Files\Yahoo!
2008-02-06 18:31 --------- d-----w C:\Program Files\ASUS
2008-02-06 15:51 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-06 15:48 --------- d-----w C:\Documents and Settings\muistu\Application Data\BitTorrent
2008-01-23 19:38 --------- d-----w C:\Program Files\QuickTime
2008-01-23 02:17 --------- d-----w C:\Program Files\Google
2008-01-16 16:48 --------- d-----w C:\Program Files\Common Files\ButterflyVista
2008-01-15 16:55 --------- d-----w C:\Documents and Settings\muistu\Application Data\teamspeak2
2008-01-14 17:04 --------- d-----w C:\Documents and Settings\muistu\Application Data\Babylon
2008-01-08 04:28 --------- d-----w C:\Documents and Settings\muistu\Application Data\InstallShield Installation Information
2008-01-05 04:53 --------- d-----w C:\Documents and Settings\muistu\Application Data\CoreFTP
2007-12-29 23:08 --------- d-----w C:\Documents and Settings\muistu\Application Data\Apple Computer
2007-12-28 02:49 --------- d-----w C:\Program Files\MSECache
2007-12-27 22:15 --------- d-----w C:\Program Files\Apple Software Update
2007-12-27 14:44 --------- d-----w C:\Documents and Settings\muistu\Application Data\DivX
2007-12-27 04:45 --------- d-----w C:\Program Files\Webteh
2007-12-27 01:01 --------- d-----w C:\Documents and Settings\muistu\Application Data\WordWeb
2007-12-26 15:58 --------- d-----w C:\Documents and Settings\muistu\Application Data\InstallShield
2007-12-26 00:44 --------- d-----w C:\Program Files\AGEIA Technologies
2007-12-14 09:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="D:\Program Files\Steam\Steam.exe" [2008-02-06 20:39 1266936]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704]
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-17 18:51 486856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06 1667584]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 19:48 434528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-04-13 09:44 1626112 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-04 11:44 16120832 C:\WINDOWS\RTHDCPL.exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-13 09:44 8429568]
"avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-08-04 01:06 1667584 C:\Program Files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\Steam\\steamapps\\opemuistul\\team fortress 2\\hl2.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\DNA\\btdna.exe"=
"d:\\Program Files\\BitTorrent\\bittorrent.exe"=


.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 19:14:12
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-02-26 19:15:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-26 17:15:41
Attached Images
File Type: jpg combo fix after instalation.JPG (191.8 KB, 3 views)
Attached Files
File Type: txt log.txt (16.3 KB, 0 views)