Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

User Tag List

Cant access My Pictures folder...another poster told me to post here

This is a discussion on Cant access My Pictures folder...another poster told me to post here within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. They told me to run Combofix and post the log here..this is my work computer and my boss will be


 
 
Thread Tools Search this Thread
Old 01-29-2008, 10:40 AM   #1
Guest
 
Join Date: Jan 2008
Posts: 7
OS:



They told me to run Combofix and post the log here..this is my work computer and my boss will be pissed if it crashes...lol...someone please help me!
ComboFix 08-01-29.3 - Dustin 2008-01-29 13:27:16.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.153 [GMT -5:00]
Running from: C:\Documents and Settings\Dustin\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\Downloaded Program Files\MV30
C:\WINDOWS\Downloaded Program Files\MV30\ahndmz.dll
C:\WINDOWS\Downloaded Program Files\MV30\ahngk.dll
C:\WINDOWS\Downloaded Program Files\MV30\ahni18n.dll
C:\WINDOWS\Downloaded Program Files\MV30\AhnIni.dat
C:\WINDOWS\Downloaded Program Files\MV30\ahninst.dll
C:\WINDOWS\Downloaded Program Files\MV30\athelp.dll
C:\WINDOWS\Downloaded Program Files\MV30\azmain.dll
C:\WINDOWS\Downloaded Program Files\MV30\cabinet.dll
C:\WINDOWS\Downloaded Program Files\MV30\msvcp60.dll
C:\WINDOWS\Downloaded Program Files\MV30\mymedic.exe
C:\WINDOWS\Downloaded Program Files\MV30\myv3.exe
C:\WINDOWS\Downloaded Program Files\MV30\nls\i18n0411.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\i18n0412.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\i18n0804.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\myv30409.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\myv30411.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\myv30412.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\myv30804.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\send0411.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\send0412.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\send0804.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3dr0411.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3dr0412.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3dr0804.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3me0409.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3me0411.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3me0412.nls
C:\WINDOWS\Downloaded Program Files\MV30\nls\v3me0804.nls
C:\WINDOWS\Downloaded Program Files\MV30\system\v3sr.dat
C:\WINDOWS\Downloaded Program Files\MV30\unace.dll
C:\WINDOWS\Downloaded Program Files\MV30\unacev2.dll
C:\WINDOWS\Downloaded Program Files\MV30\unrar.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3azex.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3back32.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3busend.dat
C:\WINDOWS\Downloaded Program Files\MV30\v3busend.exe
C:\WINDOWS\Downloaded Program Files\MV30\v3cfge.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3dbpl32.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3drex.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3if.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3isdb.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3logex.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3maildt.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3msnc.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3neti9x.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3netint.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3pro32e.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3self.ahn
C:\WINDOWS\Downloaded Program Files\MV30\v3slfscn.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3sr32.dll
C:\WINDOWS\Downloaded Program Files\MV30\v3stscan.dll
C:\WINDOWS\Downloaded Program Files\update
C:\WINDOWS\Downloaded Program Files\update\ahn.ui
C:\WINDOWS\Downloaded Program Files\update\ahnupctl.dll
C:\WINDOWS\Downloaded Program Files\update\autoup.exe
C:\WINDOWS\Downloaded Program Files\update\supdate.log
C:\WINDOWS\Downloaded Program Files\update\v3bz32.dll
C:\WINDOWS\Downloaded Program Files\update\v3pro32e.dl-
C:\WINDOWS\Downloaded Program Files\update\win\e\v3\realtime_nt\v3engine.sy-
C:\WINDOWS\Downloaded Program Files\update\win\e\v3\sign\v3warpd.v3-
C:\WINDOWS\Downloaded Program Files\update\win\e\v3\sign\v3warpn.v3-
C:\WINDOWS\Downloaded Program Files\update\win\e\v3\v3sr\v3sr.da-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\i18n0411.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\i18n0412.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\i18n0804.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\myv30409.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\myv30411.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\myv30412.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\myv30804.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\send0411.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\send0412.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\send0804.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3dr0411.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3dr0412.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3dr0804.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3me0409.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3me0411.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3me0412.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\nls\v3me0804.nl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\ahndmz.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\ahngk.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\ahni18n.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\ahninst.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\athelp.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\azmain.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\cabinet.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\msvcp60.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\mymedic.ex-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\myv3.ex-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\unace.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\unacev2.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\unrar.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3azex.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3back32.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3busend.da-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3busend.ex-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3cfge.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3dbpl32.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3drex.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3if.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3isdb.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3logex.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3maildt.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3msnc.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3neti9x.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3netint.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3self.ah-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3slfscn.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3sr32.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3stscan.dl-
C:\WINDOWS\Downloaded Program Files\update\win\p\myv3_2004\r\v3w32se2.dl-

.
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))
.

2008-01-29 13:10 . 2001-08-17 13:49 237,728 --a------ C:\cmldr
2008-01-29 13:10 . 2005-06-01 15:04 211 --a------ C:\Boot.bak
2008-01-28 13:41 . 2008-01-28 16:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-28 13:38 . 2008-01-28 13:40 7,467,056 --a------ C:\spybotsd15.exe
2008-01-28 13:29 . 2008-01-28 13:29 230 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.inf
2008-01-28 09:18 . 2008-01-28 09:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Dell
2008-01-14 08:19 . 2008-01-14 08:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-14 08:19 . 2008-01-14 08:19 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 18:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-29 18:09 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-26 16:32 --------- d-----w C:\Program Files\QuickTime
2007-12-26 16:30 --------- d-----w C:\Program Files\Apple Software Update
2007-12-26 16:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-26 16:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-12-04 15:10 6,026,816 ----a-w C:\Firefox Setup 2.0.0.11.exe
2007-11-28 13:55 --------- d-----w C:\Program Files\DivX
2007-10-31 18:03 245,408 ----a-w C:\WINDOWS\SYSTEM32\unicows.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09 460784]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:54 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"DellTransferAgent"="C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [2007-11-13 16:46 135168]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42 1404928]
"OSCD_Creator"="c:\Dell\PreODM.EXE" [2004-10-31 05:21 408576]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00 132496]
"IAAnotif"="C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 12:16 135168]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 12:52 339968]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2004-09-14 08:50 53248]
"VSOCheckTask"="c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" [2004-07-01 15:15 139264]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 17:29 303104]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 11:05 212992]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-05-04 22:54 26112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 01:02 86016]
"VirusScan Online"="c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" [2004-08-17 16:55 180224]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 10:42 69632]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-12-09 19:19 188416]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 07:50 71216]
"HostManager"="C:\Program Files\Common Files\AOL\1170334799\ee\AOLSoftware.exe" [2006-09-25 19:52 50736]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 00:59 115816]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 02:11 771704]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 17:30 517768]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"OSCD_Creator"="C:\Dell\PreODM.exe" [2004-10-31 05:21 408576]


*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-26 16:30:39 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-08-17 22:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (CEI-Dustin).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-01-17 04:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Dustin.job"
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2008-01-29 13:31:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
OSCD_Creator = C:\Dell\PreODM.EXE /2??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-29 13:33:33
ComboFix-quarantined-files.txt 2008-01-29 18:33:31
.
2007-08-15 23:29:22 --- E O F ---
crystal120101 is offline  
Sponsored Links
Advertisement
 
Old 01-29-2008, 01:20 PM   #2
Guest
 
Join Date: Jan 2008
Posts: 7
OS:



Can someone please help me. I have pictures saved in there pertaining to work and it will be very bad if I am no longer able to access them. Thanks!
crystal120101 is offline  
Old 01-30-2008, 05:32 AM   #3
Guest
 
Join Date: Jan 2008
Posts: 7
OS:



Anyone?
crystal120101 is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 07:12 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts