Topic: I've been hi jacked
View Single Post
  #8  
Old November 22nd, 2007, 09:28 PM
khmoles khmoles is offline
New Member
  
Join Date: Nov 2007
Posts: 23
combofix file part 1
ComboFix 07-11-19.3 - Owner 2007-11-22 12:05:08.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.143 [GMT -8:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Alex\Desktop\Error Cleaner.url
C:\Documents and Settings\Alex\Desktop\Privacy Protector.url
C:\Documents and Settings\Alex\Desktop\Spyware&Malware Protection.url
C:\Documents and Settings\Alex\Favorites\Error Cleaner.url
C:\Documents and Settings\Alex\Favorites\Privacy Protector.url
C:\Documents and Settings\Alex\Favorites\Spyware&Malware Protection.url
C:\Documents and Settings\All Users\Application Data.\Starware316
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\logo.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\logoxp.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Reference.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\ReferenceHot.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\referencehotxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\referencexp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\screensaver.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Screensavers0.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\Weather.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\weatherhotxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\buttons\weatherxp.png
C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\error.xml
C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\related.xml
C:\Documents and Settings\All Users\Application Data.\Starware316\contexts\travel.xml
C:\Documents and Settings\All Users\Application Data.\Starware316\Games\images\active\Games0.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\images\walertXP.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\Movies\images\active\Movies0.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\ScreensaversMarketingSitePager\i mages\active\ScreensaversMarketingSitePager0.bmp
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\ProductMessagingCon fig.xml
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\ProductMessagingCon fig.xml.backup
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\SimpleUpdateConfig. xml
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\SimpleUpdateConfig. xml.backup
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\TimerManagerConfig. xml
C:\Documents and Settings\All Users\Application Data.\Starware316\SimpleUpdate\TimerManagerConfig. xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindIt.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\FindItHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\findithotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\finditxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Highlight.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\HighlightHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlighthotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\highlightxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logo.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\logoxp.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Reference.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\ReferenceHot.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencehotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\referencexp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\screensaver.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Screensavers0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\Weather.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherhotxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\buttons\weatherxp.png
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\error.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\related.xml
C:\Documents and Settings\All Users\Application Data\Starware316\contexts\travel.xml
C:\Documents and Settings\All Users\Application Data\Starware316\Games\images\active\Games0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\images\walertXP.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\Movies\images\active\Movies0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\ScreensaversMarketingSitePager\im ages\active\ScreensaversMarketingSitePager0.bmp
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConf ig.xml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\ProductMessagingConf ig.xml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.x ml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\SimpleUpdateConfig.x ml.backup
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.x ml
C:\Documents and Settings\All Users\Application Data\Starware316\SimpleUpdate\TimerManagerConfig.x ml.backup
C:\Program Files\screensavers.com
C:\Program Files\screensavers.com\ActiveDesktop\bin\ActiveDes ktopExe.exe
C:\Program Files\screensavers.com\SSSInstaller\bin\SSSInstall er.dll
C:\Program Files\screensavers.com\SSSUninst.exe
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2007-10-22 to 2007-11-22 )))))))))))))))))))))))))))))))
.

2007-11-25 23:20 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\McAfee
2007-11-24 20:35 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2007-11-24 20:35 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2007-11-24 20:35 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2007-11-24 19:50 <DIR> d-------- C:\Temp\FixEngine
2007-11-22 10:06 <DIR> d-------- C:\WINDOWS\ERUNT
2007-11-19 08:28 <DIR> d-------- C:\d3temp
2007-11-15 17:45 <DIR> d-------- C:\Program Files\Gold Miner Vegas
2007-11-15 12:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Softdisk LLC
2007-11-12 16:33 <DIR> d-------- C:\Program Files\iTunes
2007-11-12 16:33 <DIR> d-------- C:\Program Files\iPod
2007-11-12 16:30 <DIR> d-------- C:\Program Files\QuickTime
2007-11-12 16:28 <DIR> d-------- C:\Program Files\Apple Software Update
2007-11-12 16:27 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-11-12 16:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-12 16:27 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2007-11-12 16:16 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2007-11-12 16:16 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-11-12 16:16 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-10-26 17:37 2 --a------ C:\WINDOWS\system32\RICHTX.DEP
2007-10-26 17:36 <DIR> d-------- C:\Program Files\MP3 WAV Converter
2007-10-26 10:21 <DIR> d-------- C:\Program Files\Netflix
2007-10-25 07:46 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-10-25 07:42 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-10-24 17:38 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2007-10-24 07:07 <DIR> d--hs---- C:\USMT.TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2007-11-26 06:18 --------- d-----w C:\Program Files\HP
2007-11-26 06:18 --------- d-----w C:\Program Files\Hewlett-Packard
2007-11-22 08:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-11-19 16:02 --------- d-----w C:\Documents and Settings\Guest\Application Data\SiteAdvisor
2007-11-19 07:34 --------- d-----w C:\Program Files\Shockwave.com
2007-11-19 07:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-19 07:32 --------- d-----w C:\Program Files\Yahoo! Games
2007-11-19 07:28 --------- d-----w C:\Program Files\MSN Games
2007-11-19 07:28 --------- d-----w C:\Program Files\iWin
2007-11-19 07:26 --------- d-----w C:\Program Files\BitTorrent
2007-11-19 07:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2007-11-17 18:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI MMC
2007-11-16 02:19 --------- d-----w C:\Program Files\McAfee
2007-11-14 21:33 --------- d-----w C:\Program Files\Common Files\McAfee
2007-11-13 01:09 --------- d-----w C:\Documents and Settings\Owner\Application Data\Apple Computer
2007-10-28 10:14 --------- d-----w C:\Program Files\MSN Messenger
2007-10-18 16:46 --------- d-----w C:\Documents and Settings\Owner\Application Data\BitTorrent
2007-10-10 05:35 --------- d-----w C:\Program Files\FlashGet
2007-10-09 23:01 --------- d-----w C:\Documents and Settings\Owner\Application Data\Move Networks
2007-10-08 22:46 --------- d-----w C:\Program Files\Google
2007-10-08 02:09 --------- d-----w C:\Program Files\Disney
2007-09-30 01:01 --------- d-----w C:\Program Files\Microsoft Games
2007-08-15 05:07 92,064 ----a-w C:\Documents and Settings\Owner\mqdmmdm.sys
2007-08-15 05:07 9,232 ----a-w C:\Documents and Settings\Owner\mqdmmdfl.sys
2007-08-15 05:07 79,328 ----a-w C:\Documents and Settings\Owner\mqdmserd.sys
2007-08-15 05:07 66,656 ----a-w C:\Documents and Settings\Owner\mqdmbus.sys
2007-08-15 05:07 6,208 ----a-w C:\Documents and Settings\Owner\mqdmcmnt.sys
2007-08-15 05:07 5,936 ----a-w C:\Documents and Settings\Owner\mqdmwhnt.sys
2007-08-15 05:07 4,048 ----a-w C:\Documents and Settings\Owner\mqdmcr.sys
2007-08-15 05:07 25,600 ----a-w C:\Documents and Settings\Owner\usbsermptxp.sys
2007-08-15 05:07 22,768 ----a-w C:\Documents and Settings\Owner\usbsermpt.sys
2005-01-12 17:58 1,568 ----a-w C:\Documents and Settings\Owner\Application Data\mpauth.dat
2004-09-29 20:59 0 --sha-w C:\WINDOWS\SMINST\HPCD.sys
2005-02-05 00:27 985 --sha-w C:\WINDOWS\system32\mmf(10)(2)(2).sys
2005-01-21 19:21 985 --sha-w C:\WINDOWS\system32\mmf(10)(3).sys
2005-01-21 18:59 985 --sha-w C:\WINDOWS\system32\mmf(11)(2).sys
2005-09-26 01:35 985 --sha-w C:\WINDOWS\system32\mmf(11)(3).sys
2005-01-19 21:40 985 --sha-w C:\WINDOWS\system32\mmf(12)(2).sys
2005-01-19 02:49 985 --sha-w C:\WINDOWS\system32\mmf(13)(2).sys
2005-01-15 05:18 985 --sha-w C:\WINDOWS\system32\mmf(14)(2).sys
2005-01-15 05:13 985 --sha-w C:\WINDOWS\system32\mmf(15)(2).sys
2005-01-12 19:11 985 --sha-w C:\WINDOWS\system32\mmf(16)(2).sys
2005-01-07 23:48 985 --sha-w C:\WINDOWS\system32\mmf(17)(2).sys
2005-01-06 18:17 985 --sha-w C:\WINDOWS\system32\mmf(18)(2).sys
2005-01-21 19:21 985 --sha-w C:\WINDOWS\system32\mmf(19)(2).sys
2004-12-29 00:00 985 --sha-w C:\WINDOWS\system32\mmf(2)(2)(2).sys
2005-04-25 03:33 985 --sha-w C:\WINDOWS\system32\mmf(2)(2).sys
2004-12-15 17:05 985 --sha-w C:\WINDOWS\system32\mmf(2)(3).sys
2005-02-07 03:04 985 --sha-w C:\WINDOWS\system32\mmf(2)(4).sys
2005-07-28 17:59 985 --sha-w C:\WINDOWS\system32\mmf(2).sys
2004-12-27 23:52 985 --sha-w C:\WINDOWS\system32\mmf(22)(2).sys
2004-12-26 21:48 985 --sha-w C:\WINDOWS\system32\mmf(23)(2).sys
2004-12-26 21:33 985 --sha-w C:\WINDOWS\system32\mmf(24)(2).sys
2004-12-26 03:54 985 --sha-w C:\WINDOWS\system32\mmf(25)(2).sys
2004-12-24 22:36 985 --sha-w C:\WINDOWS\system32\mmf(26)(2).sys
2004-12-24 11:07 985 --sha-w C:\WINDOWS\system32\mmf(27)(2).sys
2004-12-21 13:35 985 --sha-w C:\WINDOWS\system32\mmf(28)(2).sys
2004-12-18 21:53 985 --sha-w C:\WINDOWS\system32\mmf(29)(2).sys
2005-12-14 17:44 985 --sha-w C:\WINDOWS\system32\mmf(3)(10).sys
2004-12-30 00:02 985 --sha-w C:\WINDOWS\system32\mmf(3)(2)(2).sys
2005-04-25 03:27 985 --sha-w C:\WINDOWS\system32\mmf(3)(2).sys
2005-02-05 15:05 985 --sha-w C:\WINDOWS\system32\mmf(3)(3).sys
2005-09-09 21:18 985 --sha-w C:\WINDOWS\system32\mmf(3)(4).sys
2005-09-28 02:08 985 --sha-w C:\WINDOWS\system32\mmf(3)(5).sys
2005-09-26 01:20 985 --sha-w C:\WINDOWS\system32\mmf(3)(6).sys
2005-09-28 15:14 985 --sha-w C:\WINDOWS\system32\mmf(3)(7).sys
2005-09-22 14:30 985 --sha-w C:\WINDOWS\system32\mmf(3)(8).sys
2005-11-30 19:08 985 --sha-w C:\WINDOWS\system32\mmf(3)(9).sys
2004-12-16 11:07 985 --sha-w C:\WINDOWS\system32\mmf(31)(2).sys
2005-02-05 00:19 985 --sha-w C:\WINDOWS\system32\mmf(32)(2).sys
2005-02-01 21:51 985 --sha-w C:\WINDOWS\system32\mmf(33)(2).sys
2005-01-30 01:42 985 --sha-w C:\WINDOWS\system32\mmf(34)(2).sys
2005-01-25 16:31 985 --sha-w C:\WINDOWS\system32\mmf(35)(2).sys
2005-01-22 15:56 985 --sha-w C:\WINDOWS\system32\mmf(36)(2).sys
2005-04-24 14:39 985 --sha-w C:\WINDOWS\system32\mmf(4)(2).sys
2005-02-05 00:27 985 --sha-w C:\WINDOWS\system32\mmf(4)(3).sys
2005-09-26 15:03 985 --sha-w C:\WINDOWS\system32\mmf(4)(4).sys
2005-09-26 01:20 985 --sha-w C:\WINDOWS\system32\mmf(4)(5).sys
2005-09-26 01:25 985 --sha-w C:\WINDOWS\system32\mmf(4)(6).sys
2005-12-06 07:46 985 --sha-w C:\WINDOWS\system32\mmf(4)(7).sys
2005-02-07 15:49 985 --sha-w C:\WINDOWS\system32\mmf(49)(2).sys
2005-04-18 10:09 985 --sha-w C:\WINDOWS\system32\mmf(5)(2).sys
2005-02-05 00:19 985 --sha-w C:\WINDOWS\system32\mmf(5)(3).sys
2005-09-26 01:25 985 --sha-w C:\WINDOWS\system32\mmf(5)(4).sys
2005-09-11 22:06 985 --sha-w C:\WINDOWS\system32\mmf(5)(5).sys
2005-09-16 17:21 985 --sha-w C:\WINDOWS\system32\mmf(5)(6).sys
2005-04-18 00:57 985 --sha-w C:\WINDOWS\system32\mmf(6)(2).sys
2005-02-01 21:51 985 --sha-w C:\WINDOWS\system32\mmf(6)(3).sys
2005-09-13 19:00 985 --sha-w C:\WINDOWS\system32\mmf(6)(4).sys
2005-09-11 22:06 985 --sha-w C:\WINDOWS\system32\mmf(6)(5).sys
2005-03-04 16:23 985 --sha-w C:\WINDOWS\system32\mmf(7)(2).sys
2005-01-30 01:42 985 --sha-w C:\WINDOWS\system32\mmf(7)(3).sys
2005-01-25 16:31 985 --sha-w C:\WINDOWS\system32\mmf(8)(3).sys
2005-01-22 15:56 985 --sha-w C:\WINDOWS\system32\mmf(9)(3).sys
.
Reply With Quote