06-18-2009, 04:04 AM   #1
Registered User
 
Join Date: Jun 2009
Posts: 2
OS: xp


PC Defender part II

First of all, sincere apologies for not being able to visit my thread until today.

I have followed the instruction you left, Chemist - many thanks. I ran Combo-Fix twice but it couldn't seem to download the console - it ran anyway and here's the log:

ComboFix 09-06-17.02 - User 18/06/2009 10:48.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.741 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\Combo-Fix.exe
AV: PCguard Anti-Virus *On-access scanning disabled* (Updated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: PCguard Firewall *enabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\User\Application Data\pcdefender.exe
c:\documents and settings\User\Desktop\STOPzilla_Setup.exe
c:\windows\system32\UACqgejbapp.dat
c:\windows\system32\UACuuaspbde.log
c:\documents and settings\User\Application Data\pcdefender.exe
c:\documents and settings\User\Desktop\WinPC Defender.LNK
c:\documents and settings\User\Start Menu\WinPC Defender.LNK
c:\windows\IE4 Error Log.txt
c:\windows\system32\drivers\UACbodliyde.sys
c:\windows\system32\drivers\UAClgxnpxbwupvbotv.sys
c:\windows\system32\UACbhgxylnomwsjpgb.log
c:\windows\system32\UACedxeohuivcrffef.log
c:\windows\system32\UACgqoyxjlqyrhkxev.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACjhyrbrjumcltdvv.log
c:\windows\system32\UACjydwvagpllhlwmr.dll
c:\windows\system32\UACrjbappexcpjbakt.dll
c:\windows\system32\UACtosysfowdhwhugg.dll
c:\windows\system32\UACtuisvphmnmdctni.dll
c:\windows\system32\UACygvmurnigucdoyl.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys


((((((((((((((((((((((((( Files Created from 2009-05-18 to 2009-06-18 )))))))))))))))))))))))))))))))
.

2009-06-10 12:10 . 2009-06-10 12:10 -------- d-----w- c:\program files\Trend Micro
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- c:\program files\Loaris Trojan Remover
2009-05-29 17:34 . 2009-06-18 09:31 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-27 11:08 . 2009-05-27 11:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Hazard Perception Training
2009-05-27 11:05 . 2009-05-27 11:05 -------- d-----w- C:\FastTrak
2009-05-27 11:03 . 1998-02-06 20:37 299520 ----a-w- c:\windows\uninst.exe
2009-05-27 11:02 . 2009-05-27 11:02 -------- d-----w- c:\documents and settings\User\WINDOWS
2009-05-27 10:59 . 2009-05-27 11:00 -------- d-----w- c:\program files\Hazard Perception 2003-2004
2009-05-27 07:22 . 2009-05-27 07:22 -------- d-----w- c:\program files\TachographSimulator
2009-05-19 11:20 . 2009-05-19 11:20 -------- d-----w- c:\documents and settings\User\Application Data\TSO
2009-05-19 11:06 . 2009-05-19 11:06 -------- d-----w- c:\program files\DSA LGV & PCV Theory Test
2009-05-19 11:02 . 2009-05-19 11:02 -------- d-----w- c:\program files\PowerISO
2009-05-19 11:01 . 2009-05-19 11:01 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\WinZip
2009-05-19 11:00 . 2009-05-19 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-18 09:35 . 2009-03-31 11:24 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-18 09:35 . 2009-03-31 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-03 13:05 . 2009-04-20 12:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Driving Test Success
2009-06-03 13:00 . 2009-04-20 12:47 -------- d-----w- c:\program files\Driving Test Success - All Tests (2008-2009)
2009-05-28 16:06 . 2009-05-28 16:05 0 ----a-w- c:\documents and settings\User\Application Data\~ygw.tmp
2009-05-21 17:36 . 2009-03-28 19:56 -------- d-----w- c:\program files\Google
2009-05-19 11:10 . 2009-03-16 21:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-15 16:47 . 2009-05-15 16:47 -------- d-----w- c:\program files\ROUTE66
2009-05-15 10:18 . 2009-05-15 10:18 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-15 10:18 . 2009-03-16 21:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-15 10:17 . 2009-05-15 10:17 -------- d-----w- c:\program files\MSXML 4.0
2009-05-07 15:32 . 2008-04-14 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:46 . 2008-04-14 12:00 666624 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:46 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-26 14:19 . 2009-03-27 16:12 -------- d-----w- c:\program files\Common Files\Scanner
2009-04-20 12:50 . 2009-04-20 12:50 -------- d-----w- c:\program files\Windows Media Connect 2
2009-04-17 12:26 . 2008-04-14 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2008-04-14 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-01 13:19 . 2009-03-16 20:32 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-30 20:59 . 2009-03-30 20:59 0 ----a-w- c:\documents and settings\User\Application Data\~eu37.tmp
2009-03-27 16:47 . 2009-03-27 16:13 53192 ----a-w- c:\windows\system32\drivers\rp_skt32.sys
2009-03-24 11:39 . 2009-03-24 11:39 1915520 ----a-w- c:\documents and settings\User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-03-20 14:45 . 2009-03-20 14:36 57 ----a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
2009-03-20 14:40 . 2009-03-20 14:40 50 ----a-w- c:\windows\system32\bridf06a.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Loaris Trojan Remover"="c:\program files\Loaris Trojan Remover\TrojanRemover.exe" [2009-05-29 3135488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-04-21 197904]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2006-06-28 622592]
"SetDefPrt"="c:\program files\Brother\Brmfl06b\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2006-06-29 77824]
"Broadbandadvisor.exe"="c:\program files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-08-07 2061552]
"PCguard"="c:\program files\Virgin Broadband\PCguard\Rps.exe" [2007-09-05 310000]
"-FreedomNeedsReboot"="c:\program files\Virgin Broadband\PCguard\ZkRunOnceR.exe" [2007-09-05 13552]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 213936]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2009-3-16 197904]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="1"
"UpdatesDisableNotify"="1"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

S2 gupdate1c9afdf49a6b640;Google Update Service (gupdate1c9afdf49a6b640);c:\program files\Google\Update\GoogleUpdate.exe [28/03/2009 20:56 133104]
S3 Radialpoint Security Services;Virgin Broadband PCguard;c:\windows\system32\dllhost.exe [14/04/2008 13:00 5120]
.
Contents of the 'Scheduled Tasks' folder

2009-06-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-28 19:55]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-sysav - c:\documents and settings\User\Application Data\pcdefender.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-18 10:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-06-18 10:52
ComboFix-quarantined-files.txt 2009-06-18 09:51

Pre-Run: 140,689,534,976 bytes free
Post-Run: 141,364,391,936 bytes free

149 --- E O F --- 2009-06-15 12:36
paulh45